Posez votre question Format imprimable Liste des forums Aidez-les Statistiques Rechercher Charte Forum Virus-Sécurité

TR/Crypt.XPACK.Gen ( je suis infecter )

Dernière réponse le 30 oct 2009 à 12:20:27 rocklee67, le 22 fév 2009 à 15:06:13

Signaler ce message aux modérateurs

Bonjour,
Effectivement ce matin a ma connexion sur le PC mon antivirus ( antivir )a détecter un virus nommé TR/Crypt.XPACK.Gen . Je n'arrive pas a le supprimer. Mais surtout je viens de remarquer que sur le bureau un fichier keygen est apparue je ne pas le supprimer car une fois que je clique dessus le même message de l'antivirus me dit que je suis infecter par ce trojan.
Merci de m'aider:) !

Configuration: Windows Vista
Firefox 3.0.6

Meilleures réponses pour « TR/Crypt.XPACK.Gen ( je suis infecter ) » dans :

TR/Crypt.XPACK.Gen (Résolu) Voir

Virus TR\Crypt.Xpack.gen Voir

TR/Crypt.XPACK.Gen virus aidez moi !! (Résolu) Voir

TR/Crypt.XPACK.Gen & Pub intempestives (Résolu) Voir

Cheval de troie TR/Crypt.XPACK.Gen Voir

Virus HIDDENEXT/Crypted et TR/Crypt.XPACK.Gen Voir

Posez votre question Répondre

DllD, le 22 fév 2009 à 15:31:00

Bonjour,
fais ceci stp :

> Télécharge random's system information tool (RSIT) : http://images.malwareremoval.com/random/RSIT.exe
- Enregistre le programme sur ton bureau.
- Double clique sur RSIT.exe
- A l'écran "Disclaimer" choisis "1 months" dans le menu déroulant puis clique sur <continue>.
- Si HiJackThis n'est pas détecté sur ton PC, RSIT le téléchargera ; accepte alors la licence.
- Une fois le scanne terminé tu obtiendras un rapport log.txt. Poste le sur le forum.
NB : Il se peut que tu obtiennes un second rapport nommé info.txt. Dans ce cas poste le aussi mais dans un second message.

A+
Formatage en cours...3% Veuillez patienter. Merci.

Répondre à DllD

alex a un probleme, le 30 oct 2009 à 12:03:20

Voici le repport log :

Logfile of random's system information tool 1.06 (written by random/random)
Run by computer at 2009-10-30 11:01:40
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 2 GB (3%) free of 79 GB
Total RAM: 1023 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:02:19, on 30/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HiYo\bin\HiYo.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\WinTV\Ir.exe
C:\Program Files\Avira\AntiVir Desktop\avscan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir Desktop\avnotify.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\computer\Bureau\RSIT.exe
C:\Program Files\trend micro\computer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NiwradSoft Welcome] C:\WINDOWS\NiwradSoft Shell Pack\Tools\NS Welcome.exe
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\computer\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKLM\..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\IMBooster.exe /warmup
O4 - HKLM\..\Run: [Iminent.Notifier] C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DeskSpace] C:\Program Files\DeskSpace\deskspace.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: Service Google Update (gupdate1c9fbe22809e4cc) (gupdate1c9fbe22809e4cc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
End of file - 9766 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{15FB69AE-BD85-4224-B251-F6F9C955AE0C}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{2EE08B99-10EE-4DED-8C4B-FE677A40F005}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-28 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-21 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}]
EoBHO Class - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll [2008-11-18 42792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-10-28 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-28 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-07-21 86016]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2006-05-04 2808832]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]
"lxcemon.exe"=C:\Program Files\Lexmark 4300 Series\lxcemon.exe [2005-08-02 192512]
"EzPrint"=C:\Program Files\Lexmark 4300 Series\ezprint.exe [2005-07-26 94208]
"LXCECATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16 []
"ArcSoft Connection Service"=C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2008-02-22 72192]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]
"Hiyo"=C:\Program Files\HiYo\bin\HiYo.exe [2009-10-26 206192]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"NiwradSoft Welcome"=C:\WINDOWS\NiwradSoft Shell Pack\Tools\NS Welcome.exe [2009-09-22 303490]
"EoEngine"=C:\Program Files\EoRezo\EoEngine.exe [2009-02-23 472872]
"SoftwareHelper"=C:\Documents and Settings\computer\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe [2008-12-09 368224]
"IMBooster"=C:\Program Files\Iminent\IMBooster\IMBooster.exe /warmup []
"Iminent.Notifier"=C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 40448]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020 []
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-19 1667584]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe [2009-03-17 203416]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2007-02-08 95800]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-02 39408]
"DeskSpace"=C:\Program Files\DeskSpace\deskspace.exe []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
AutoStart IR.lnk - C:\Program Files\WinTV\Ir.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-02-26 126976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\Program Files\TrackMania Original\TmOriginal.exe"="C:\Program Files\TrackMania Original\TmOriginal.exe:*:Enabled:TmOriginal"
"C:\Program Files\Maxis\SimCity 3000 World Edition\Apps\Updater\UPDATER.EXE"="C:\Program Files\Maxis\SimCity 3000 World Edition\Apps\Updater\UPDATER.EXE:*:Enabled:SC3UpdaterMFC"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"C:\Program Files\PokerTH\pokerth.exe"="C:\Program Files\PokerTH\pokerth.exe:*:Enabled:pokerth"
"C:\Program Files\TMNations\TmNationsForever\TmForever.exe"="C:\Program Files\TMNations\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1993f7ac-5858-11de-bb36-0011d8d8bb17}]
shell\AutoRun\command - E:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9dec05fe-5825-11de-bb35-0011d8d8bb17}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL demarrer.html

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b67c661d-ea4e-11dd-ba7d-0011d8d8bb17}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL demarrer.html

======List of files/folders created in the last 1 months======

2009-10-30 11:01:45 ----D---- C:\Program Files\trend micro
2009-10-30 11:01:40 ----D---- C:\rsit
2009-10-27 18:20:52 ----D---- C:\Documents
2009-10-26 19:33:49 ----D---- C:\Documents and Settings\computer\Application Data\Red Kawa
2009-10-26 19:31:53 ----D---- C:\Documents and Settings\computer\Application Data\Multi File Downloader
2009-10-26 19:04:07 ----D---- C:\Program Files\AviSynth 2.5
2009-10-26 19:03:54 ----D---- C:\Program Files\Red Kawa
2009-10-26 18:27:03 ----SHD---- C:\Config.Msi
2009-10-26 17:58:58 ----D---- C:\Program Files\Conduit
2009-10-26 17:56:47 ----D---- C:\Program Files\Iminent
2009-10-26 17:24:54 ----D---- C:\Documents and Settings\computer\Application Data\OtakuSoftware
2009-10-26 17:24:17 ----D---- C:\Documents and Settings\computer\Application Data\EoRezo
2009-10-26 17:24:13 ----D---- C:\Program Files\EoRezo
2009-10-26 16:08:21 ----N---- C:\WINDOWS\WB.ini
2009-10-26 16:07:16 ----N---- C:\WINDOWS\system32\wbsys.dll
2009-10-26 16:07:15 ----D---- C:\Program Files\Stardock
2009-10-26 15:37:01 ----A---- C:\WINDOWS\system32\uxtheme.dll.backup
2009-10-26 15:36:24 ----HD---- C:\WINDOWS\NiwradSoft Shell Pack
2009-10-23 22:22:22 ----D---- C:\Program Files\Mozilla Firefox
2009-10-21 11:39:44 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-10-21 11:26:05 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-21 11:25:58 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-21 11:25:51 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-21 11:25:42 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-21 11:25:24 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-10-18 13:31:33 ----D---- C:\Program Files\Fichiers communs\DVDVideoSoft
2009-10-18 13:31:31 ----D---- C:\Program Files\DVDVideoSoft
2009-10-13 20:12:55 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-13 20:12:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-13 20:12:45 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-13 20:12:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-13 20:12:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-10 10:32:05 ----D---- C:\Program Files\Microsoft Games
2009-10-10 09:59:07 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-10-08 20:17:51 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-10-08 20:17:07 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2009-10-07 12:33:27 ----D---- C:\WINDOWS\system32\XPSViewer
2009-10-07 12:33:22 ----D---- C:\Program Files\MSBuild
2009-10-07 12:33:20 ----D---- C:\WINDOWS\system32\en-US
2009-10-07 12:33:09 ----D---- C:\Program Files\Reference Assemblies
2009-10-07 12:32:41 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-10-07 12:32:41 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-10-07 12:32:40 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-10-07 12:32:40 ----D---- C:\f3e464270c0aa34091731450
2009-10-07 12:29:33 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-10-07 12:29:27 ----D---- C:\Program Files\MSXML 6.0
2009-10-07 12:27:57 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-10-07 11:25:07 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-10-06 19:46:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-10-06 19:46:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-10-06 19:46:15 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-10-06 19:46:08 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-10-06 19:46:02 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-10-06 19:45:55 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$
2009-10-06 19:45:48 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-10-06 19:45:42 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-10-06 19:45:34 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-10-06 19:45:28 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-10-06 19:45:22 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-10-06 19:45:16 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-10-06 19:45:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-10-06 19:45:07 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-10-06 19:44:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-10-06 19:44:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-10-06 19:44:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-10-06 19:44:12 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-10-06 19:44:06 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-10-06 19:43:59 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-10-06 19:43:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-10-06 19:43:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-10-06 19:43:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2009-10-06 19:43:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-10-06 19:43:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-10-06 19:43:13 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-10-06 19:42:54 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-10-06 19:42:48 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-10-06 19:42:42 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-10-06 19:42:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-10-06 19:42:22 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-10-06 19:42:16 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-10-06 19:41:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-10-06 19:41:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-10-06 19:41:32 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-10-06 19:41:20 ----D---- C:\WINDOWS\ServicePackFiles
2009-10-06 19:41:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2009-10-06 19:41:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-10-06 19:41:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-10-06 19:40:55 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-10-06 19:40:43 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-10-06 19:40:37 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-10-06 19:40:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-10-06 19:40:24 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-10-06 19:40:14 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-10-06 19:40:01 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-10-06 19:39:49 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-10-06 17:57:16 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-10-04 08:09:06 ----A---- C:\WINDOWS\system32\muweb.dll
2009-10-04 08:09:06 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-10-04 08:09:06 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-10-03 11:38:34 ----D---- C:\WINDOWS\ie8updates
2009-10-03 11:37:41 ----D---- C:\WINDOWS\WBEM
2009-10-03 11:36:06 ----HDC---- C:\WINDOWS\ie8
2009-10-03 11:36:06 ----D---- C:\WINDOWS\system32\fr-FR
2009-10-03 11:32:52 ----A---- C:\WINDOWS\system32\MRT.exe
2009-10-03 11:21:05 ----A---- C:\WINDOWS\system32\B11gUSB.dll
2009-10-03 11:21:04 ----A---- C:\WINDOWS\system32\GTW32N50.dll
2009-10-03 10:38:37 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-10-03 10:04:40 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-10-03 10:04:39 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-10-03 10:04:18 ----D---- C:\Program Files\Windows Media Connect 2
2009-10-03 10:04:01 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-10-03 08:37:57 ----D---- C:\Program Files\Microsoft
2009-10-03 08:37:38 ----D---- C:\Program Files\Windows Live SkyDrive
2009-10-03 08:37:15 ----D---- C:\Program Files\Windows Live
2009-10-03 08:30:00 ----D---- C:\Program Files\Fichiers communs\Windows Live

======List of files/folders modified in the last 1 months======

2009-10-30 11:01:45 ----RD---- C:\Program Files
2009-10-30 11:01:43 ----D---- C:\WINDOWS\Prefetch
2009-10-30 11:00:55 ----D---- C:\WINDOWS
2009-10-30 10:32:03 ----D---- C:\WINDOWS\system32
2009-10-30 10:32:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-30 10:28:08 ----D---- C:\WINDOWS\Temp
2009-10-30 10:27:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-10-30 10:27:37 ----SD---- C:\WINDOWS\Tasks
2009-10-30 10:27:35 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-30 10:04:46 ----D---- C:\Documents and Settings\computer\Application Data\uTorrent
2009-10-30 09:23:42 ----HD---- C:\WINDOWS\inf
2009-10-30 09:23:37 ----D---- C:\WINDOWS\Help
2009-10-28 21:03:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-28 09:20:48 ----SHD---- C:\WINDOWS\Installer
2009-10-26 18:42:41 ----D---- C:\Program Files\uTorrent
2009-10-26 18:26:41 ----RSD---- C:\WINDOWS\assembly
2009-10-26 16:51:21 ----D---- C:\Program Files\Windows Media Player
2009-10-26 16:51:21 ----D---- C:\Program Files\Outlook Express
2009-10-26 16:51:21 ----D---- C:\Program Files\Fichiers communs\System
2009-10-26 16:51:20 ----D---- C:\WINDOWS\system32\usmt
2009-10-26 16:51:20 ----D---- C:\WINDOWS\system32\Restore
2009-10-26 16:51:20 ----D---- C:\Program Files\Windows NT
2009-10-26 16:51:20 ----D---- C:\Program Files\Movie Maker
2009-10-26 16:51:20 ----D---- C:\Program Files\Internet Explorer
2009-10-26 16:51:18 ----D---- C:\WINDOWS\srchasst
2009-10-26 16:23:48 ----A---- C:\WINDOWS\win.ini
2009-10-26 15:58:08 ----D---- C:\WINDOWS\system32\CatRoot
2009-10-26 15:53:23 ----RSD---- C:\WINDOWS\Fonts
2009-10-26 15:53:11 ----D---- C:\WINDOWS\Cursors
2009-10-26 15:37:02 ----A---- C:\WINDOWS\system32\uxtheme.dll
2009-10-23 22:23:54 ----D---- C:\Documents and Settings\computer\Application Data\Mozilla
2009-10-23 20:55:31 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-21 13:36:24 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-10-21 11:39:56 ----D---- C:\Documents and Settings\computer\Application Data\Google
2009-10-21 11:39:44 ----D---- C:\Program Files\Google
2009-10-21 11:29:16 ----D---- C:\WINDOWS\WinSxS
2009-10-21 11:26:02 ----A---- C:\WINDOWS\imsins.BAK
2009-10-21 11:25:27 ----D---- C:\WINDOWS\system32\drivers
2009-10-18 19:22:41 ----D---- C:\Program Files\Lx_cats
2009-10-18 13:31:33 ----D---- C:\Program Files\Fichiers communs
2009-10-13 20:12:59 ----HD---- C:\WINDOWS\$hf_mig$
2009-10-13 20:01:53 ----D---- C:\Program Files\Dofus
2009-10-10 10:36:51 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-10 10:36:47 ----D---- C:\WINDOWS\system32\DirectX
2009-10-07 12:32:53 ----D---- C:\WINDOWS\system32\spool
2009-10-07 12:30:46 ----D---- C:\WINDOWS\system32\mui
2009-10-07 11:25:07 ----D---- C:\WINDOWS\Debug
2009-10-07 11:21:59 ----D---- C:\WINDOWS\system32\wbem
2009-10-07 11:21:58 ----D---- C:\WINDOWS\AppPatch
2009-10-06 19:46:09 ----D---- C:\Program Files\Messenger
2009-10-03 11:37:51 ----D---- C:\WINDOWS\system32\config
2009-10-03 11:37:25 ----D---- C:\WINDOWS\Media
2009-10-03 08:39:28 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-10-03 08:37:43 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-10-03 08:37:43 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-10-03 08:18:32 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-03-02 40320]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-10-06 28520]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-10-03 20747]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-10-06 55656]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2006-03-02 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-02-26 2863616]
R3 avshws;YouUp Simulated Hardware; C:\WINDOWS\system32\DRIVERS\youup.sys [2009-04-27 57472]
R3 hcw95bda;Hauppauge MOD7700 Tuner Driver; C:\WINDOWS\System32\Drivers\hcw95bda.sys [2008-09-09 562176]
R3 hcw95rc;Hauppauge MOD7700 IR Driver; C:\WINDOWS\system32\DRIVERS\hcw95rc.sys [2008-09-09 15616]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2006-03-02 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-12-20 4637696]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2006-03-02 61824]
R3 RT73;Belkin USB Network Adapter; C:\WINDOWS\system32\DRIVERS\rt73.sys [2005-08-02 232192]
R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-03-02 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-03-02 57600]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-03-02 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-03-02 20480]
S3 a3kjugcj;a3kjugcj; C:\WINDOWS\system32\drivers\a3kjugcj.sys []
S3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\system32\DRIVERS\Camdrl.sys [2004-10-08 326656]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-10-06 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-10-06 185089]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-02-26 520192]
R2 Belkin Wireless USB Network Adapter Service;Belkin Wireless USB Network Adapter; C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe [2004-03-29 49152]
R2 HauppaugeTVServer;HauppaugeTVServer; C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE [2008-10-21 434176]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2006-03-02 14336]
R3 lxce_device;lxce_device; C:\WINDOWS\system32\lxcecoms.exe [2005-07-06 471040]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-02-25 593920]
S2 gupdate1c9fbe22809e4cc;Service Google Update (gupdate1c9fbe22809e4cc); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-03 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-02 190448]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Répondre à alex a un probleme

rocklee67, le 22 fév 2009 à 15:37:47

Et ben merci pour le coup demain :)
Voile le rapport log.txt. :

Logfile of random's system information tool 1.05 (written by random/random)
Run by Vincent at 2009-02-22 15:33:22
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 43 GB (14%) free of 297 GB
Total RAM: 3070 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:34:09, on 22/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Glary Utilities\memdefrag.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\program files\avira\antivir personaledition classic\avcenter.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Users\Vincent\Downloads\RSIT.exe
C:\Program Files\trend micro\Vincent.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Glary Memory Optimizer] "C:\Program Files\Glary Utilities\memdefrag.exe" /autostart
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
End of file - 8912 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\HDReg.job
C:\Windows\tasks\Maintenance en 1 clic.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
Click-to-Call BHO - C:\Program Files\Windows Live\Messenger\wlchtc.dll [2009-02-06 73072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-08-07 2436160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-06-18 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-08-07 2436160]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-10-14 863688]
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2008-03-24 352256]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-01 4390912]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2008-02-29 76304]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-02-09 13683232]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-02-09 92704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-02-11 399504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"Glary Memory Optimizer"=C:\Program Files\Glary Utilities\memdefrag.exe [2008-03-05 92160]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-11-07 21633320]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9763d5b4-46eb-11dd-bb37-806e6f6e6963}]
shell\AutoRun\command - H:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a2b3e284-7292-11dd-9258-001c2524b97b}]
shell\AutoRun\command - I:\autorun.exe

======List of files/folders created in the last 1 months======

2009-02-22 15:33:25 ----D---- C:\Program Files\trend micro
2009-02-22 15:33:22 ----D---- C:\rsit
2009-02-22 15:18:59 ----D---- C:\Users\Vincent\AppData\Roaming\Malwarebytes
2009-02-22 15:18:52 ----D---- C:\ProgramData\Malwarebytes
2009-02-22 15:18:52 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-22 12:52:46 ----D---- C:\ProgramData\Sports Interactive
2009-02-22 12:43:01 ----D---- C:\Program Files\Sports Interactive
2009-02-22 12:33:13 ----D---- C:\Users\Vincent\AppData\Roaming\Sports Interactive
2009-02-21 23:32:40 ----D---- C:\Users\Vincent\AppData\Roaming\Mount&Blade
2009-02-21 23:31:13 ----D---- C:\Program Files\Mount&Blade
2009-02-21 15:41:55 ----D---- C:\SIERRA
2009-02-21 15:41:55 ----D---- C:\Program Files\Sierra On-Line
2009-02-21 15:41:29 ----A---- C:\Windows\SIERRA.INI
2009-02-21 15:41:26 ----A---- C:\Windows\IsUn040c.exe
2009-02-20 17:16:11 ----A---- C:\Windows\system32\TuneUpDefragService.exe
2009-02-18 20:38:27 ----A---- C:\Windows\system32\TUProgSt.exe
2009-02-18 20:37:16 ----D---- C:\Program Files\TuneUp Utilities 2009
2009-02-18 20:36:33 ----SHD---- C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}
2009-02-15 22:34:24 ----A---- C:\Windows\system32\EncDec.dll
2009-02-15 22:34:23 ----A---- C:\Windows\system32\psisdecd.dll
2009-02-15 12:37:23 ----D---- C:\Users\Vincent\AppData\Roaming\DivX
2009-02-13 21:28:26 ----D---- C:\Netts
2009-02-11 12:14:44 ----A---- C:\Windows\system32\mshtml.dll
2009-02-11 12:14:44 ----A---- C:\Windows\system32\ieframe.dll
2009-02-11 12:14:43 ----A---- C:\Windows\system32\urlmon.dll
2009-02-11 12:14:43 ----A---- C:\Windows\system32\msfeeds.dll
2009-02-11 12:14:42 ----A---- C:\Windows\system32\wininet.dll
2009-02-11 12:14:42 ----A---- C:\Windows\system32\mstime.dll
2009-02-11 12:14:42 ----A---- C:\Windows\system32\jsproxy.dll
2009-02-11 12:14:42 ----A---- C:\Windows\system32\iertutil.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvwssr.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvwss.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvwgf2um.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvvitvsr.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvvitvs.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvudisp.exe
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvsvsr.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvsvs.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvoglv32.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvmoblsr.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvmobls.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvmctray.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvmccssr.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvmccss.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvmccsrs.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvmccs.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvgamesr.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvgames.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvdispsr.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvdisps.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvcuvid.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvcuda.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvcod140.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvcod.dll
2009-02-07 17:44:48 ----D---- C:\Users\Vincent\AppData\Roaming\skypePM
2009-02-07 17:44:19 ----D---- C:\Program Files\Skype
2009-02-07 17:44:18 ----D---- C:\Program Files\Common Files\Skype
2009-02-06 18:52:40 ----A---- C:\Windows\system32\sirenacm.dll
2009-02-06 17:11:25 ----D---- C:\ProgramData\WindowsSearch
2009-02-05 22:28:48 ----D---- C:\Program Files\Windows Live Safety Center
2009-02-01 18:58:21 ----D---- C:\Program Files\Veoh Networks
2009-02-01 18:57:04 ----D---- C:\Windows\Downloaded Installations
2009-02-01 14:57:02 ----A---- C:\Windows\system32\nvcpluir.dll
2009-02-01 14:57:02 ----A---- C:\Windows\system32\nvcplui.exe
2009-02-01 14:55:16 ----A---- C:\Windows\system32\NVUNINST.EXE
2009-01-28 16:21:23 ----D---- C:\ProgramData\Ubisoft
2009-01-28 16:15:38 ----D---- C:\Program Files\Ubisoft
2009-01-27 18:43:27 ----D---- C:\Program Files\Common Files\PX Storage Engine
2009-01-27 18:43:05 ----D---- C:\Program Files\DivX
2009-01-25 16:40:54 ----D---- C:\Program Files\SpeedFan

======List of files/folders modified in the last 1 months======

2009-02-22 15:34:01 ----D---- C:\Users\Vincent\AppData\Roaming\Azureus
2009-02-22 15:33:28 ----D---- C:\Windows\Temp
2009-02-22 15:33:25 ----RD---- C:\Program Files
2009-02-22 15:31:22 ----D---- C:\Users\Vincent\AppData\Roaming\Free Download Manager
2009-02-22 15:26:08 ----D---- C:\Users\Vincent\AppData\Roaming\Skype
2009-02-22 15:18:56 ----D---- C:\Windows\system32\drivers
2009-02-22 15:18:52 ----D---- C:\ProgramData
2009-02-22 13:53:28 ----D---- C:\Program Files\Mozilla Firefox
2009-02-22 12:49:17 ----RSD---- C:\Windows\assembly
2009-02-22 12:48:04 ----SHD---- C:\System Volume Information
2009-02-22 12:43:05 ----D---- C:\Program Files\Steam
2009-02-22 12:41:49 ----D---- C:\Windows\Prefetch
2009-02-21 15:43:53 ----D---- C:\Windows
2009-02-21 14:01:36 ----D---- C:\Program Files\Azureus
2009-02-21 12:39:32 ----SHD---- C:\Windows\Installer
2009-02-21 12:39:03 ----AD---- C:\Windows\System32
2009-02-21 12:38:42 ----D---- C:\Program Files\Common Files\microsoft shared
2009-02-21 12:35:44 ----D---- C:\Windows\inf
2009-02-21 12:35:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-02-20 12:12:11 ----D---- C:\Windows\system32\catroot2
2009-02-19 19:52:26 ----D---- C:\ProgramData\NVIDIA
2009-02-19 19:43:47 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-02-19 19:43:29 ----D---- C:\Program Files\AGEIA Technologies
2009-02-19 19:41:30 ----D---- C:\Windows\system32\catroot
2009-02-19 14:02:04 ----A---- C:\Windows\win.ini
2009-02-18 21:31:53 ----D---- C:\Windows\system32\config
2009-02-18 21:26:32 ----D---- C:\Windows\winsxs
2009-02-18 20:44:17 ----D---- C:\Windows\system32\Tasks
2009-02-18 20:41:46 ----D---- C:\Windows\Tasks
2009-02-16 19:37:17 ----D---- C:\Users\Vincent\AppData\Roaming\Hamachi
2009-02-16 03:03:14 ----D---- C:\Windows\Microsoft.NET
2009-02-16 03:00:48 ----D---- C:\Windows\ehome
2009-02-15 20:20:42 ----D---- C:\Program Files\Common Files\Steam
2009-02-15 11:28:23 ----D---- C:\Windows\Debug
2009-02-13 21:28:25 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-13 06:53:34 ----D---- C:\Downloads
2009-02-11 16:04:07 ----D---- C:\Program Files\Windows Mail
2009-02-10 14:10:54 ----D---- C:\Program Files\CCleaner
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvvsvc.exe
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvsvcr.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvsvc.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvd3dum.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvcpl.dll
2009-02-09 13:18:00 ----A---- C:\Windows\system32\nvapi.dll
2009-02-08 10:20:23 ----D---- C:\Program Files\Messenger Plus! Live
2009-02-07 17:44:20 ----D---- C:\ProgramData\Skype
2009-02-07 17:44:18 ----D---- C:\Program Files\Common Files
2009-02-04 00:21:12 ----A---- C:\Windows\system32\mrt.exe
2009-02-02 17:24:27 ----D---- C:\Windows\system32\WDI
2009-02-01 15:55:51 ----A---- C:\Windows\system32\PnkBstrB.exe
2009-02-01 15:24:02 ----D---- C:\ProgramData\ma-config.com
2009-02-01 15:24:02 ----D---- C:\Program Files\ma-config.com

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-11-25 75072]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]
R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2008-09-17 25280]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-01 1744928]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2009-02-11 38496]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-02-09 7764672]
R3 ovt519;Eye Toy; C:\Windows\System32\Drivers\ov519vid.sys [2003-10-15 174530]
R3 RTL8023xp;Pilote Realtek 10/100 NIC Family NDIS x86; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2007-08-28 55808]
S1 ATITool;ATITool Overclocking Utility; C:\Windows\system32\DRIVERS\ATITool.sys [2006-11-10 24064]
S3 a6sf8hgh;a6sf8hgh; C:\Windows\system32\drivers\a6sf8hgh.sys []
S3 ajerdefw;ajerdefw; C:\Windows\system32\drivers\ajerdefw.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-01-24 14336]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1; C:\Windows\system32\drivers\libusb0.sys [2005-03-09 33792]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2009-02-01 23600]
S3 xnacc;Contrôleur XBOX 360 pour le service de pilote Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2006-11-02 514560]
S3 XPADFL02;XPAD Filter Service 02; C:\Windows\system32\DRIVERS\xpadfl02.sys [2006-12-24 27904]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-27 611664]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-02-09 207392]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-10-02 66872]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-03-06 266343]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2009-02-18 603904]
R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-02-15 316664]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-01-11 166648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-07 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [2008-05-02 121360]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-01-24 216232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-01-11 887544]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-02-20 360192]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504]

-----------------EOF-----------------

Répondre à rocklee67

rocklee67, le 22 fév 2009 à 15:39:12

Et voila le deuxième rapport info.txt. :

info.txt logfile of random's system information tool 1.05 2009-02-22 15:34:19

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
-->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Reader 8-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobeReader*
Adobe Shockwave Player-->C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log
Adobe Shockwave Player-->MsiExec.exe /X{A7DB362E-16DC-4E29-8A34-E74381E00B5B}
ADSL Neuf-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *NEUF_FR*
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Azureus Vuze-->C:\Program Files\Azureus\uninstall.exe
Battlefield 2(TM)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x40c -removeonly
Browser Address Error Redirector-->regsvr32 /u /s "C:\Program Files\Google\Google_BAE\BAE.dll"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Command & Conquer™ Alerte Rouge 3-->MsiExec.exe /X{296D8550-CB06-48E4-9A8B-E5034FB64715}
Creator 9-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *CREATOR9*
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Diablo II-->C:\Windows\DIIUnin.exe C:\Windows\DIIUnin.dat
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
D-Link VGA Webcam-->C:\Windows\CleanDev.exe C:\Windows\ov519.TXT
DriverAgent by eSupport.com-->RunDll32.exe advpack.dll,LaunchINFSection driveragent_exe.inf,TVICHW32Remove
EA Download Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} /l1036
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EVEREST Ultimate Edition v4.60-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Fallout 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe" -l0x40c -removeonly
FIFA 09-->MsiExec.exe /X{2315B23D-3E21-4920-837D-AE6460934ECB}
Firefox-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *FirefoxFR*
Flash Player 9 Internet Explorer-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Flashplayer*
Florensia-->C:\Program Files\InstallShield Installation Information\{9A8CE87B-CF81-48CA-B882-91445A71323F}\setup.exe -runfromtemp -l0x0009 -removeonly
Football Manager 2009-->"C:\Program Files\Sports Interactive\Football Manager 2009\Uninstall_Football Manager 2009\Uninstall Football Manager 2009.exe"
Free Download Manager 2.5-->"C:\Program Files\Free Download Manager\unins000.exe"
GearDrvs-->MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}
GeoGebra-->"C:\Program Files\GeoGebra\UninstallerData\Uninstaller.exe"
Glary Utilities 2.6-->"C:\Program Files\Glary Utilities\unins000.exe"
Google BAE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleBAE*
Google Earth-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GOOGLE_EARTH*
Google Earth-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c -removeonly
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
GoogleToolbar-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleToolbar*
GPGNet-->MsiExec.exe /I{C194D333-B84A-4BB7-B35E-060732D98DC4}
Grand Theft Auto IV-->"C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x040c -removeonly
Half-Life 2: Deathmatch-->"C:\Program Files\Steam\steam.exe" steam://uninstall/320
Half-Life 2: Episode One-->"C:\Program Files\Steam\steam.exe" steam://uninstall/380
Half-Life 2: Episode Two-->"C:\Program Files\Steam\steam.exe" steam://uninstall/420
Half-Life 2: Lost Coast-->"C:\Program Files\Steam\steam.exe" steam://uninstall/340
Hamachi 1.0.2.5-->C:\Program Files\Hamachi\uninstall.exe
HDReg France-->MsiExec.exe /I{0ED40D2A-7131-4FE7-941E-5C329336F712}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Infocentre Rev. 2.0-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Infocentre*
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
Les Sims 2 : Nuits de Folie-->C:\Program Files\EA GAMES\Les Sims 2 Nuits de Folie\EAUninstall.exe
Les Sims 2 Fun en Famille Kit-->C:\Program Files\EA GAMES\Les Sims 2 Fun en Famille Kit\EAUninstall.exe
Les Sims 2 : La bonne affaire-->C:\Program Files\EA GAMES\Les Sims 2 La bonne affaire\EAUninstall.exe
Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
Les Sims™ 2 Animaux & Cie-->C:\Program Files\EA GAMES\Les Sims 2 Animaux & Cie\EAUninstall.exe
Les Sims™ 2 Kit Glamour-->C:\Program Files\EA GAMES\Les Sims 2 Kit Glamour\EAUninstall.exe
Les Sims™ 2 Au fil des saisons-->C:\Program Files\EA GAMES\Les Sims 2 Au fil des saisons\EAUninstall.exe
Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x040c -removeonly
Ma-Config.com-->MsiExec.exe /X{8AFB8FC4-3EBA-4C67-943F-CF43DB2180F1}
Magic Sports-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *MagicSports*
MagicSports 3.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5927AF0D-335C-41D6-937B-54587EBD6D2C}\setup.exe" -uninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MediaCoder 0.6.1-->C:\Program Files\MediaCoder\uninst.exe
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Metaboli-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *METABOLI*
Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{FD052FB9-FE90-4438-B355-15EDC89D8FB1}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works 9 SE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *works9se*
Microsoft Works-->MsiExec.exe /I{0214A441-A4AB-43A8-8DEF-2F73C5364673}
Microsoft® Office Trial 2007-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *OFF2k7_FR*
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Mount&Blade-->C:\Program Files\Mount&Blade\uninstall.exe
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Norton 360-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *N360_2007_FR*
Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenOffice.org 2.4-->MsiExec.exe /I{A122962F-331A-4C2E-93DB-AD92D8A4FB14}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Packard Bell Demo-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *PB_DEMO*
Packard Bell ImageWriter-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *ImageWriter*
Packard Bell LCD Test-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *LCDTest*
Packard Bell Updator-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Updator*
Pharaon-->C:\Windows\IsUn040c.exe -fC:\SIERRA\Pharaon\Uninst.isu
Picasa2-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Picasa_2*
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
Prey-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A785BBA7-3FB9-4D81-BC35-4A2028915ACB}\setup.exe" -l0x40c -removeonly
RapidTyping-->"C:\Program Files\RapidTyping\Uninstall.exe"
Realtek HD Audio V6.0.1.5377-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AUDIO_REALTEK*
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Rise Of Legends-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{CADDE354-C78C-46CB-A006-E2B178EFC271}
Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x040c -removeonly
RomStation-->C:\Program Files\RomStation\Uninstal.exe
Roxio Creator 9 LE-->MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
SetUp My PC-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SETUPMYPC_FR*
Shockwave player 10-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Shockwave*
SixaxisDriver 0.91-->"C:\Program Files\SixaxisDriver\unins000.exe"
Skype 2.5.2.151-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SKYPE*
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Software Informer 1.0 BETA-->"C:\Program Files\Software Informer\unins000.exe"
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Supreme Commander - Forged Alliance-->C:\Program Files\InstallShield Installation Information\{31D95937-B237-405D-920C-A3EF4E482395}\setup.exe -runfromtemp -l0x0009 -removeonly
Supreme Commander-->C:\Program Files\InstallShield Installation Information\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}\setup.exe -runfromtemp -l0x0009 -removeonly
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
The Sims 2 University-->C:\Program Files\EA GAMES\The Sims 2 University\EAUninstall.exe
Titan Quest Immortal Throne-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}\setup.exe" -l0x40c -removeonly
Tom Clancy's Splinter Cell Chaos Theory-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888DD888-82BE-4D85-BCB2-2E042CD3E844}\setup.exe" -l0x40c -removeonly
Tomb Raider: Underworld 1.0-->C:\Program Files\Eidos\Tomb Raider - Underworld\uninst.exe
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
VIA Gestionnaire de périphériques de plate-forme-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VideoLAN VLC media player 0.8.6i-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

System event log

Computer Name: PC-de-Vincent
Event Code: 1103
Message: Votre ordinateur a obtenu une adresse auprès du réseau, et vous pouvez maintenant vous connecter à d'autres ordinateurs.
Record Number: 169848
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20090222142703.000000-000
Event Type: Information
User:

Computer Name: PC-de-Vincent
Event Code: 1103
Message: Votre ordinateur a obtenu une adresse auprès du réseau, et vous pouvez maintenant vous connecter à d'autres ordinateurs.
Record Number: 169849
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20090222142910.000000-000
Event Type: Information
User:

Computer Name: PC-de-Vincent
Event Code: 7036
Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : en cours d'exécution.
Record Number: 169850
Source Name: Service Control Manager
Time Written: 20090222143043.000000-000
Event Type: Information
User:

Computer Name: PC-de-Vincent
Event Code: 1103
Message: Votre ordinateur a obtenu une adresse auprès du réseau, et vous pouvez maintenant vous connecter à d'autres ordinateurs.
Record Number: 169851
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20090222143117.000000-000
Event Type: Information
User:

Computer Name: PC-de-Vincent
Event Code: 1103
Message: Votre ordinateur a obtenu une adresse auprès du réseau, et vous pouvez maintenant vous connecter à d'autres ordinateurs.
Record Number: 169852
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20090222143324.000000-000
Event Type: Information
User:

Application event log

Computer Name: PC-de-Vincent
Event Code: 4113
Message:
Record Number: 16080
Source Name: Avira AntiVir
Time Written: 20090222134809.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Vincent
Event Code: 4113
Message:
Record Number: 16081
Source Name: Avira AntiVir
Time Written: 20090222134815.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Vincent
Event Code: 4113
Message:
Record Number: 16082
Source Name: Avira AntiVir
Time Written: 20090222141901.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Vincent
Event Code: 1
Message: Mise à jour automatique du certificat racine tierce partie réussie : Objet : <CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US> Empreinte digitale Sha1 : <E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46>.
Record Number: 16083
Source Name: Microsoft-Windows-CAPI2
Time Written: 20090222141912.000000-000
Event Type: Information
User:

Computer Name: PC-de-Vincent
Event Code: 4113
Message:
Record Number: 16084
Source Name: Avira AntiVir
Time Written: 20090222142118.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Security event log

Computer Name: PC-de-Vincent
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 17681
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090222143403.470000-000
Event Type: Échec de l'audit
User:

Computer Name: PC-de-Vincent
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 17682
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090222143403.499000-000
Event Type: Échec de l'audit
User:

Computer Name: PC-de-Vincent
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 17683
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090222143403.523000-000
Event Type: Échec de l'audit
User:

Computer Name: PC-de-Vincent
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 17684
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090222143403.554000-000
Event Type: Échec de l'audit
User:

Computer Name: PC-de-Vincent
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 17685
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090222143403.578000-000
Event Type: Échec de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=0f07
"NUMBER_OF_PROCESSORS"=4
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
"RGSCLauncher"=C:\Program Files\Rockstar Games\Rockstar Games Social Club
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0

-----------------EOF-----------------

Répondre à rocklee67

DllD, le 22 fév 2009 à 16:56:48

Ok,
fais ceci stp :

> Les logiciels suivants (MalwareByte's Anti-Malware et Ccleaner) te seront utiles par la suite - ils sont à conserver.

> Télécharge MalwareByte's Anti-Malware :
- Installe le programme puis lance le.
NB : S'il te manque COMCTL32.OCX alors télécharge le ici
- Fais les mises à jour (clique sur "Mises à jour" puis "Recherche de mises à jour").
- Clique sur "Executer un examen complet" puis "Rechercher" et sélectionne tous tes disques durs => le scan débute....patiente...
- A la fin du scanne, clique sur "supprimer" (Si des éléments sont difficiles à supprimer, un message te demandera de redémarrer : clique sur <Oui> alors)
- après suppression des infections : un rapport va être généré : sauvegarde le et poste le sur forum.
NB : Si tu as besoin : Tuto

Après,
>Télécharge et installe Ccleaner (logiciel à conserver et à utiliser régulièrement) : http://www.commentcamarche.net/telecharger/telecharger-168-ccleaner , si besoin est tu trouveras des Tutoriaux ici, ici et là.
(N'installe pas la Yahoo Toolbar)
> Démarre en mode sans échec : (image). Si problème : tuto ici
>Lance Ccleaner,,
- Choisi l’onglet "Options" puis clique sur "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures" (tout doit être supprimé).
- Dans l'onglet "Nettoyeur" clique sur "Analyse".
- Une fois l'analyse terminée, clique sur "Lancer le Nettoyage".
- Recommence jusqu’à ce qu’il ne trouve plus rien (cela varie en général entre 1 et 4 fois).
- Dans l'onglet "registre" => Recherches des erreurs => Réparer les erreurs sélectionnées => enregistre une sauvegarde => corriger toutes erreurs sélectionnées => ok => fermer.
N.B : Si Ccleaner te propose d'enregistrer une sauvegarde, reponds oui et enregistre sous 'Bureau'
- Recommence jusqu’à ce qu’il ne trouve plus rien (cela varie en général entre 1 et 4 fois).

Bon courage.
Formatage en cours...3% Veuillez patienter. Merci.

Répondre à DllD

rocklee67, le 23 fév 2009 à 02:11:00

Et ben c'est super ! plus de trojan ! merci pour ton aide et pour ton guide =)
Et encore grand merci !

Répondre à rocklee67

DllD, le 23 fév 2009 à 09:56:24

Heuuu.

Salut Rocklee67,
C'est pas tout à fait fini. Pourquoi ne pas avoir posté le rapport Malwares Byte's ?

Avant der terminer fais ceci stp :
> Fais un scan en ligne avec Kaspersky : http://webscanner.kaspersky.fr/
N.B. : Le scan ne marche que sous Internet Explorer.
- Commence par connecter tout ton matériel de stockage à ton PC (clés USB, DD amovible...). Allume les si nécessaire.
- Sous Démonstration en ligne, on t'explique la marche à suivre, et pour lancer le scan il faut sélectionner < Exécuter l'analyse en ligne >.
- On va te demander de télécharger un contrôle active x, accepte .
- Dans le menu < Choisissez la cible de l'analyse >, sélectionne < Poste de travail >. Le scan va commencer.
- Poste le rapport qui sera généré (voir cette image) (clique sur <enregistrer le rapport> puis sauvegarde-le sur ton bureau en choisissant "fichier texte (*.txt)" pour l'extension).
S'il y a un problème, assure toi que les contrôles active x sont bien configurés dans les options internet comme décrit sur ce lien : http://www.inoculer.com/activex.php3
Rappel : le scan est à faire sous Internet Explorer
Tuto ici si problème : http://www.vista-xp.fr/forum/topic109.html
NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.
Pour le rapport Kaspersky il faut que tu choisisses "Afficher le rapport" puis que tu l'enregistres sur ton bureau sous forme de fichier texte (type de fichier "tous les fichiers").

Puis poste aussi un nouveau rapport RSIT stp.

Bonne journée.
Formatage en cours...3% Veuillez patienter. Merci.

Répondre à DllD

alex a un probleme, le 30 oct 2009 à 12:20:27

Bjr j'ai le meme probleme je t'envoie le rapport de rsit

Logfile of random's system information tool 1.06 (written by random/random)
Run by computer at 2009-10-30 11:19:35
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 2 GB (3%) free of 79 GB
Total RAM: 1023 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:20:02, on 30/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HiYo\bin\HiYo.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\WinTV\Ir.exe
C:\Program Files\Avira\AntiVir Desktop\avscan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir Desktop\avnotify.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\computer\Bureau\RSIT.exe
C:\Program Files\trend micro\computer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NiwradSoft Welcome] C:\WINDOWS\NiwradSoft Shell Pack\Tools\NS Welcome.exe
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\computer\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKLM\..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\IMBooster.exe /warmup
O4 - HKLM\..\Run: [Iminent.Notifier] C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DeskSpace] C:\Program Files\DeskSpace\deskspace.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: Service Google Update (gupdate1c9fbe22809e4cc) (gupdate1c9fbe22809e4cc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
End of file - 9945 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{15FB69AE-BD85-4224-B251-F6F9C955AE0C}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{2EE08B99-10EE-4DED-8C4B-FE677A40F005}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-28 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-21 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}]
EoBHO Class - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll [2008-11-18 42792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-10-28 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-28 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-07-21 86016]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2006-05-04 2808832]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]
"lxcemon.exe"=C:\Program Files\Lexmark 4300 Series\lxcemon.exe [2005-08-02 192512]
"EzPrint"=C:\Program Files\Lexmark 4300 Series\ezprint.exe [2005-07-26 94208]
"LXCECATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16 []
"ArcSoft Connection Service"=C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2008-02-22 72192]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]
"Hiyo"=C:\Program Files\HiYo\bin\HiYo.exe [2009-10-26 206192]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"NiwradSoft Welcome"=C:\WINDOWS\NiwradSoft Shell Pack\Tools\NS Welcome.exe [2009-09-22 303490]
"EoEngine"=C:\Program Files\EoRezo\EoEngine.exe [2009-02-23 472872]
"SoftwareHelper"=C:\Documents and Settings\computer\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe [2008-12-09 368224]
"IMBooster"=C:\Program Files\Iminent\IMBooster\IMBooster.exe /warmup []
"Iminent.Notifier"=C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-09-10 420176]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 40448]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020 []
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-19 1667584]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe [2009-03-17 203416]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2007-02-08 95800]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-02 39408]
"DeskSpace"=C:\Program Files\DeskSpace\deskspace.exe []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
AutoStart IR.lnk - C:\Program Files\WinTV\Ir.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-02-26 126976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\Program Files\TrackMania Original\TmOriginal.exe"="C:\Program Files\TrackMania Original\TmOriginal.exe:*:Enabled:TmOriginal"
"C:\Program Files\Maxis\SimCity 3000 World Edition\Apps\Updater\UPDATER.EXE"="C:\Program Files\Maxis\SimCity 3000 World Edition\Apps\Updater\UPDATER.EXE:*:Enabled:SC3UpdaterMFC"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"C:\Program Files\PokerTH\pokerth.exe"="C:\Program Files\PokerTH\pokerth.exe:*:Enabled:pokerth"
"C:\Program Files\TMNations\TmNationsForever\TmForever.exe"="C:\Program Files\TMNations\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1993f7ac-5858-11de-bb36-0011d8d8bb17}]
shell\AutoRun\command - E:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9dec05fe-5825-11de-bb35-0011d8d8bb17}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL demarrer.html

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b67c661d-ea4e-11dd-ba7d-0011d8d8bb17}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL demarrer.html

======List of files/folders created in the last 1 months======

2009-10-30 11:09:37 ----D---- C:\Documents and Settings\computer\Application Data\Malwarebytes
2009-10-30 11:09:23 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-30 11:09:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-30 11:01:45 ----D---- C:\Program Files\trend micro
2009-10-30 11:01:40 ----D---- C:\rsit
2009-10-27 18:20:52 ----D---- C:\Documents
2009-10-26 19:33:49 ----D---- C:\Documents and Settings\computer\Application Data\Red Kawa
2009-10-26 19:31:53 ----D---- C:\Documents and Settings\computer\Application Data\Multi File Downloader
2009-10-26 19:04:07 ----D---- C:\Program Files\AviSynth 2.5
2009-10-26 19:03:54 ----D---- C:\Program Files\Red Kawa
2009-10-26 18:27:03 ----SHD---- C:\Config.Msi
2009-10-26 17:58:58 ----D---- C:\Program Files\Conduit
2009-10-26 17:56:47 ----D---- C:\Program Files\Iminent
2009-10-26 17:24:54 ----D---- C:\Documents and Settings\computer\Application Data\OtakuSoftware
2009-10-26 17:24:17 ----D---- C:\Documents and Settings\computer\Application Data\EoRezo
2009-10-26 17:24:13 ----D---- C:\Program Files\EoRezo
2009-10-26 16:08:21 ----N---- C:\WINDOWS\WB.ini
2009-10-26 16:07:16 ----N---- C:\WINDOWS\system32\wbsys.dll
2009-10-26 16:07:15 ----D---- C:\Program Files\Stardock
2009-10-26 15:37:01 ----A---- C:\WINDOWS\system32\uxtheme.dll.backup
2009-10-26 15:36:24 ----HD---- C:\WINDOWS\NiwradSoft Shell Pack
2009-10-23 22:22:22 ----D---- C:\Program Files\Mozilla Firefox
2009-10-21 11:39:44 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-10-21 11:26:05 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-21 11:25:58 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-21 11:25:51 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-21 11:25:42 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-21 11:25:24 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-10-18 13:31:33 ----D---- C:\Program Files\Fichiers communs\DVDVideoSoft
2009-10-18 13:31:31 ----D---- C:\Program Files\DVDVideoSoft
2009-10-13 20:12:55 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-13 20:12:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-13 20:12:45 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-13 20:12:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-13 20:12:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-10 10:32:05 ----D---- C:\Program Files\Microsoft Games
2009-10-10 09:59:07 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-10-08 20:17:51 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-10-08 20:17:07 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2009-10-07 12:33:27 ----D---- C:\WINDOWS\system32\XPSViewer
2009-10-07 12:33:22 ----D---- C:\Program Files\MSBuild
2009-10-07 12:33:20 ----D---- C:\WINDOWS\system32\en-US
2009-10-07 12:33:09 ----D---- C:\Program Files\Reference Assemblies
2009-10-07 12:32:41 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-10-07 12:32:41 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-10-07 12:32:40 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-10-07 12:32:40 ----D---- C:\f3e464270c0aa34091731450
2009-10-07 12:29:33 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-10-07 12:29:27 ----D---- C:\Program Files\MSXML 6.0
2009-10-07 12:27:57 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-10-07 11:25:07 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-10-06 19:46:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-10-06 19:46:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-10-06 19:46:15 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-10-06 19:46:08 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-10-06 19:46:02 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-10-06 19:45:55 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$
2009-10-06 19:45:48 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-10-06 19:45:42 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-10-06 19:45:34 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-10-06 19:45:28 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-10-06 19:45:22 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-10-06 19:45:16 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-10-06 19:45:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-10-06 19:45:07 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-10-06 19:44:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-10-06 19:44:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-10-06 19:44:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-10-06 19:44:12 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-10-06 19:44:06 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-10-06 19:43:59 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-10-06 19:43:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-10-06 19:43:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-10-06 19:43:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2009-10-06 19:43:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-10-06 19:43:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-10-06 19:43:13 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-10-06 19:42:54 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-10-06 19:42:48 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-10-06 19:42:42 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-10-06 19:42:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-10-06 19:42:22 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-10-06 19:42:16 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-10-06 19:41:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-10-06 19:41:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-10-06 19:41:32 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-10-06 19:41:20 ----D---- C:\WINDOWS\ServicePackFiles
2009-10-06 19:41:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2009-10-06 19:41:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-10-06 19:41:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-10-06 19:40:55 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-10-06 19:40:43 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-10-06 19:40:37 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-10-06 19:40:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-10-06 19:40:24 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-10-06 19:40:14 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-10-06 19:40:01 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-10-06 19:39:49 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-10-06 17:57:16 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-10-04 08:09:06 ----A---- C:\WINDOWS\system32\muweb.dll
2009-10-04 08:09:06 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-10-04 08:09:06 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-10-03 11:38:34 ----D---- C:\WINDOWS\ie8updates
2009-10-03 11:37:41 ----D---- C:\WINDOWS\WBEM
2009-10-03 11:36:06 ----HDC---- C:\WINDOWS\ie8
2009-10-03 11:36:06 ----D---- C:\WINDOWS\system32\fr-FR
2009-10-03 11:32:52 ----A---- C:\WINDOWS\system32\MRT.exe
2009-10-03 11:21:05 ----A---- C:\WINDOWS\system32\B11gUSB.dll
2009-10-03 11:21:04 ----A---- C:\WINDOWS\system32\GTW32N50.dll
2009-10-03 10:38:37 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-10-03 10:04:40 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-10-03 10:04:39 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-10-03 10:04:18 ----D---- C:\Program Files\Windows Media Connect 2
2009-10-03 10:04:01 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-10-03 08:37:57 ----D---- C:\Program Files\Microsoft
2009-10-03 08:37:38 ----D---- C:\Program Files\Windows Live SkyDrive
2009-10-03 08:37:15 ----D---- C:\Program Files\Windows Live
2009-10-03 08:30:00 ----D---- C:\Program Files\Fichiers communs\Windows Live

======List of files/folders modified in the last 1 months======

2009-10-30 11:09:37 ----D---- C:\WINDOWS\Prefetch
2009-10-30 11:09:26 ----D---- C:\WINDOWS\system32\drivers
2009-10-30 11:09:22 ----RD---- C:\Program Files
2009-10-30 11:00:55 ----D---- C:\WINDOWS
2009-10-30 10:32:03 ----D---- C:\WINDOWS\system32
2009-10-30 10:32:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-30 10:28:08 ----D---- C:\WINDOWS\Temp
2009-10-30 10:27:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-10-30 10:27:37 ----SD---- C:\WINDOWS\Tasks
2009-10-30 10:27:35 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-30 10:04:46 ----D---- C:\Documents and Settings\computer\Application Data\uTorrent
2009-10-30 09:23:42 ----HD---- C:\WINDOWS\inf
2009-10-30 09:23:37 ----D---- C:\WINDOWS\Help
2009-10-28 21:03:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-28 09:20:48 ----SHD---- C:\WINDOWS\Installer
2009-10-26 18:42:41 ----D---- C:\Program Files\uTorrent
2009-10-26 18:26:41 ----RSD---- C:\WINDOWS\assembly
2009-10-26 16:51:21 ----D---- C:\Program Files\Windows Media Player
2009-10-26 16:51:21 ----D---- C:\Program Files\Outlook Express
2009-10-26 16:51:21 ----D---- C:\Program Files\Fichiers communs\System
2009-10-26 16:51:20 ----D---- C:\WINDOWS\system32\usmt
2009-10-26 16:51:20 ----D---- C:\WINDOWS\system32\Restore
2009-10-26 16:51:20 ----D---- C:\Program Files\Windows NT
2009-10-26 16:51:20 ----D---- C:\Program Files\Movie Maker
2009-10-26 16:51:20 ----D---- C:\Program Files\Internet Explorer
2009-10-26 16:51:18 ----D---- C:\WINDOWS\srchasst
2009-10-26 16:23:48 ----A---- C:\WINDOWS\win.ini
2009-10-26 15:58:08 ----D---- C:\WINDOWS\system32\CatRoot
2009-10-26 15:53:23 ----RSD---- C:\WINDOWS\Fonts
2009-10-26 15:53:11 ----D---- C:\WINDOWS\Cursors
2009-10-26 15:37:02 ----A---- C:\WINDOWS\system32\uxtheme.dll
2009-10-23 22:23:54 ----D---- C:\Documents and Settings\computer\Application Data\Mozilla
2009-10-23 20:55:31 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-21 13:36:24 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-10-21 11:39:56 ----D---- C:\Documents and Settings\computer\Application Data\Google
2009-10-21 11:39:44 ----D---- C:\Program Files\Google
2009-10-21 11:29:16 ----D---- C:\WINDOWS\WinSxS
2009-10-21 11:26:02 ----A---- C:\WINDOWS\imsins.BAK
2009-10-18 19:22:41 ----D---- C:\Program Files\Lx_cats
2009-10-18 13:31:33 ----D---- C:\Program Files\Fichiers communs
2009-10-13 20:12:59 ----HD---- C:\WINDOWS\$hf_mig$
2009-10-13 20:01:53 ----D---- C:\Program Files\Dofus
2009-10-10 10:36:51 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-10 10:36:47 ----D---- C:\WINDOWS\system32\DirectX
2009-10-07 12:32:53 ----D---- C:\WINDOWS\system32\spool
2009-10-07 12:30:46 ----D---- C:\WINDOWS\system32\mui
2009-10-07 11:25:07 ----D---- C:\WINDOWS\Debug
2009-10-07 11:21:59 ----D---- C:\WINDOWS\system32\wbem
2009-10-07 11:21:58 ----D---- C:\WINDOWS\AppPatch
2009-10-06 19:46:09 ----D---- C:\Program Files\Messenger
2009-10-03 11:37:51 ----D---- C:\WINDOWS\system32\config
2009-10-03 11:37:25 ----D---- C:\WINDOWS\Media
2009-10-03 08:39:28 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-10-03 08:37:43 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-10-03 08:37:43 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-10-03 08:18:32 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-03-02 40320]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-10-06 28520]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-10-03 20747]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-10-06 55656]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2006-03-02 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-02-26 2863616]
R3 avshws;YouUp Simulated Hardware; C:\WINDOWS\system32\DRIVERS\youup.sys [2009-04-27 57472]
R3 hcw95bda;Hauppauge MOD7700 Tuner Driver; C:\WINDOWS\System32\Drivers\hcw95bda.sys [2008-09-09 562176]
R3 hcw95rc;Hauppauge MOD7700 IR Driver; C:\WINDOWS\system32\DRIVERS\hcw95rc.sys [2008-09-09 15616]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2006-03-02 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-12-20 4637696]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2006-03-02 61824]
R3 RT73;Belkin USB Network Adapter; C:\WINDOWS\system32\DRIVERS\rt73.sys [2005-08-02 232192]
R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-03-02 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-03-02 57600]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-03-02 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-03-02 20480]
S3 a3kjugcj;a3kjugcj; C:\WINDOWS\system32\drivers\a3kjugcj.sys []
S3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\system32\DRIVERS\Camdrl.sys [2004-10-08 326656]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-10-06 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-10-06 185089]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-02-26 520192]
R2 Belkin Wireless USB Network Adapter Service;Belkin Wireless USB Network Adapter; C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe [2004-03-29 49152]
R2 HauppaugeTVServer;HauppaugeTVServer; C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE [2008-10-21 434176]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2006-03-02 14336]
R3 lxce_device;lxce_device; C:\WINDOWS\system32\lxcecoms.exe [2005-07-06 471040]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-02-25 593920]
S2 gupdate1c9fbe22809e4cc;Service Google Update (gupdate1c9fbe22809e4cc); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-03 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-02 190448]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Répondre à alex a un probleme

claude69720, le 24 jun 2009 à 08:54:41

Bonjour,

J'ai eu récemment le même problème.
AVIRA m'annonçait le trojan TR/Crypt.XPACK.Gen

En faisant CTRL+ALT+DEL, j'ai pû identifier le processus qui se nomme jqs.exe
J'ai arrêté ce processus.
Ensuite j'ai recherché où se trouvait le programme jqs.exe, et je l'ai supprimé.

Apparemment, j'ai récupéré ce trojan en faisant une mise à jour de la plateforme Java.

Depuis, tout va bien.

Répondre à claude69720

Posez votre question Répondre