HELP !! Mon pc est infecté par ADSPY/AdSpy.Gen
Forum Sécurité - Virus : HELP !! Mon pc est infecté par ADSPY/AdSpy.Gen
Bonjour,
Je suis désespérée, mon pc est infecté par ADSPY/AdSpy.Gen.
Je ne sais pas quoi faire!!
J'ai avira comme anti virus et a chak démarrage du pc il bip au moins 10 fois en me mettant ce virus.
Comment l'enlever svp ??
Merci
Elodie
J'ai fais hijackthis, je met le rapport si ca peux vous aider a m'aider ?!!
Merci d'avance
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:33:25, on 05/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RelevantKnowledge\rlvknlg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\All Users\Application Data\Weemi\weemi121.exe
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Weemi\weemi.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive\Update\UpdateHP.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Agence Exclusive\Agence.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AEBHO - {0495F4D7-9FE3-4456-AA9D-1D57E78DF5F0} - C:\Program Files\Agence Exclusive\AgenceBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: iGraalBHO - {CF3C5900-BEC0-470E-AEE8-CE277C60667C} - C:\Program Files\iGraal\BHO.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: SYSTRAN Web Translator 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll
O3 - Toolbar: iGraal Toolbar - {D01B1F7D-9D7F-46C3-8DB9-5A55819E2A7F} - C:\Program Files\iGraal\Toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Helper] C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive\Update\UpdateHP.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Agence] "C:\Program Files\Agence Exclusive\Agence.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Contrôleur d’état.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: McAfee Security Scan.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: iGraal - {32893F3D-2B10-4B09-BA6A-8F20E7D33925} - C:\Program Files\iGraal\Button.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} (PhotoboxPhotowaysUploader5 Control) - http://assets.photobox.com/assets/ [...] 0806143003
O16 - DPF: {12545791-AC9A-44B2-8964-0DA216C4A4E5} (Cnsweb3d Control) - http://www.partserver.de/partserve [...] sweb3d.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {741747F6-83B4-4FB9-A268-8CA4010762C8} (Snapfish Activia2) - http://www3.snapfish.fr/SnapfishActivia2.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] ader55.cab
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://as.photoprintit.de/ips-opda [...] oader4.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.girafoto.fr/uploaders/a [...] oader4.cab
O20 - Winlogon Notify: RelevantKnowledge - C:\Program Files\RelevantKnowledge\rlls.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Service Google Update (gupdate1ca27d872ddb1d2) (gupdate1ca27d872ddb1d2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Weemi Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Weemi\weemi121.exe
--
End of file - 11406 bytes
Bonjour,
- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
- Double-clique sur RSIT.exe afin de lancer le programme.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
- Clique sur Continue à l'écran Disclaimer.
- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
Note : les rapports sont sauvegardés dans le dossier C:\rsit.
Bonjour destrio5 et merci pour ta réponse.
Voici les 2 rapports :
le log.txt
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-10-05 17:46:55
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 219 GB (92%) free of 238 GB
Total RAM: 1983 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:46:59, on 05/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\All Users\Application Data\Weemi\weemi121.exe
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Weemi\weemi.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive\Update\UpdateHP.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Agence Exclusive\Agence.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Administrateur.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AEBHO - {0495F4D7-9FE3-4456-AA9D-1D57E78DF5F0} - C:\Program Files\Agence Exclusive\AgenceBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: iGraalBHO - {CF3C5900-BEC0-470E-AEE8-CE277C60667C} - C:\Program Files\iGraal\BHO.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: SYSTRAN Web Translator 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll
O3 - Toolbar: iGraal Toolbar - {D01B1F7D-9D7F-46C3-8DB9-5A55819E2A7F} - C:\Program Files\iGraal\Toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Helper] C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive\Update\UpdateHP.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Agence] "C:\Program Files\Agence Exclusive\Agence.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Contrôleur d’état.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: McAfee Security Scan.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: iGraal - {32893F3D-2B10-4B09-BA6A-8F20E7D33925} - C:\Program Files\iGraal\Button.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} (PhotoboxPhotowaysUploader5 Control) - http://assets.photobox.com/assets/ [...] 0806143003
O16 - DPF: {12545791-AC9A-44B2-8964-0DA216C4A4E5} (Cnsweb3d Control) - http://www.partserver.de/partserve [...] sweb3d.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {741747F6-83B4-4FB9-A268-8CA4010762C8} (Snapfish Activia2) - http://www3.snapfish.fr/SnapfishActivia2.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] ader55.cab
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://as.photoprintit.de/ips-opda [...] oader4.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.girafoto.fr/uploaders/a [...] oader4.cab
O20 - Winlogon Notify: RelevantKnowledge - C:\Program Files\RelevantKnowledge\rlls.dll (file missing)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Service Google Update (gupdate1ca27d872ddb1d2) (gupdate1ca27d872ddb1d2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Weemi Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Weemi\weemi121.exe
--
End of file - 11579 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RegPowerClean.job
C:\WINDOWS\tasks\RPCReminder.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0495F4D7-9FE3-4456-AA9D-1D57E78DF5F0}]
AEBHO Class - C:\Program Files\Agence Exclusive\AgenceBHO.dll [2009-09-22 225280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-20 256112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-08-20 761840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-20 458736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CF3C5900-BEC0-470E-AEE8-CE277C60667C}]
iGraal Module - C:\Program Files\iGraal\BHO.dll [2009-06-11 61728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - SYSTRAN Web Translator 5.0 - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll [2005-03-10 262144]
{D01B1F7D-9D7F-46C3-8DB9-5A55819E2A7F} - iGraal Toolbar - C:\Program Files\iGraal\Toolbar.dll [2009-06-11 92960]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-20 256112]
Locked
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-02-25 8491008]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-02-25 81920]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-12-06 69216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
"SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2005-03-17 57393]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2005-03-17 40960]
"SetDefPrt"=C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe [2005-01-26 49152]
"ControlCenter2.0"=C:\Program Files\Brother\ControlCenter2\brctrcen.exe [2005-05-17 933888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"Helper"=C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive\Update\UpdateHP.exe [2009-07-01 491520]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-08 305440]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
"Agence"=C:\Program Files\Agence Exclusive\Agence.exe [2009-09-22 638976]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe [2008-02-26 443968]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Contrôleur d’état.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RelevantKnowledge]
C:\Program Files\RelevantKnowledge\rlls.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\WINDOWS\Temp\~os52A.tmp\rlvknlg.exe"="C:\WINDOWS\Temp\~os52A.tmp\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"c:\program files\relevantknowledge\rlvknlg.exe"="c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{120f856a-85b1-11de-a64f-00218567f8db}]
shell\AutoRun\command - L:\LaunchU3.exe -a
======List of files/folders created in the last 1 months======
2009-10-05 17:46:55 ----DC---- C:\rsit
2009-10-05 12:55:34 ----DC---- C:\Program Files\Trend Micro
2009-10-03 20:06:30 ----DC---- C:\Program Files\Microsoft Office Outlook Connector
2009-10-02 21:46:01 ----DC---- C:\Program Files\Avira
2009-10-02 21:46:01 ----DC---- C:\Documents and Settings\All Users\Application Data\Avira
2009-10-02 21:26:05 ----DC---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-09-30 10:38:17 ----DC---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2009-09-30 10:38:16 ----DC---- C:\Program Files\McAfee Security Scan
2009-09-29 11:38:12 ----DC---- C:\Program Files\Mozilla Firefox
2009-09-27 23:40:49 ----DC---- C:\Program Files\Windows Live Safety Center
2009-09-24 21:11:15 ----DC---- C:\Program Files\Agence Exclusive
2009-09-23 23:13:12 ----DC---- C:\WINDOWS\Bureau
2009-09-20 21:00:24 ----AC---- C:\WINDOWS\system32\ptpusb.dll
2009-09-20 21:00:22 ----AC---- C:\WINDOWS\system32\ptpusd.dll
2009-09-20 13:46:05 ----DC---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-09-19 19:27:04 ----DC---- C:\Documents and Settings\All Users\Application Data\Winferno
2009-09-19 19:25:08 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Titanium Gears
2009-09-19 19:24:58 ----DC---- C:\Program Files\Playalot Games
2009-09-19 19:22:24 ----DC---- C:\Program Files\Free Offers from Freeze.com
2009-09-19 19:22:21 ----AC---- C:\WINDOWS\system32\WINUTIL5.DLL
2009-09-19 19:22:21 ----AC---- C:\WINDOWS\system32\WINLCTL5.DLL
2009-09-19 19:22:19 ----DC---- C:\Program Files\Winferno
2009-09-19 19:22:19 ----AC---- C:\WINDOWS\system32\CapiCom.dll
2009-09-19 19:21:51 ----DC---- C:\Program Files\RelevantKnowledge
2009-09-19 19:21:48 ----DC---- C:\Program Files\Weemi
2009-09-19 19:21:48 ----DC---- C:\Documents and Settings\All Users\Application Data\Weemi
2009-09-19 19:19:43 ----DC---- C:\Program Files\DivoCodec
2009-09-19 17:52:39 ----DC---- C:\Program Files\eMule
2009-09-18 22:25:17 ----DC---- C:\Documents and Settings\Administrateur\Application Data\cadenas
2009-09-18 18:41:36 ----AC---- C:\WINDOWS\OpPrintServer.INI
2009-09-18 18:33:09 ----DC---- C:\Program Files\Canon
2009-09-17 17:27:26 ----DC---- C:\Program Files\Safari
2009-09-17 17:03:35 ----DC---- C:\Program Files\Utilitaire de configuration iPhone
2009-09-17 17:02:59 ----AC---- C:\WINDOWS\system32\GEARAspi.dll
2009-09-17 17:02:15 ----DC---- C:\Program Files\iPod
2009-09-17 17:02:11 ----DC---- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-17 17:02:10 ----DC---- C:\Program Files\iTunes
2009-09-17 17:01:47 ----DC---- C:\Program Files\Bonjour
2009-09-17 17:01:06 ----DC---- C:\Program Files\QuickTime
2009-09-17 17:01:05 ----DC---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-09-17 16:59:42 ----DC---- C:\Program Files\Fichiers communs\Apple
2009-09-10 19:01:52 ----DC---- C:\Program Files\PhotoFiltre
2009-09-10 01:26:16 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-10 01:26:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
======List of files/folders modified in the last 1 months======
2009-10-05 17:45:25 ----DC---- C:\WINDOWS\Prefetch
2009-10-05 16:08:11 ----DC---- C:\WINDOWS\Temp
2009-10-05 16:06:37 ----DC---- C:\WINDOWS\system32\CatRoot2
2009-10-05 16:06:26 ----SDC---- C:\WINDOWS\Tasks
2009-10-05 16:05:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-05 14:38:18 ----DC---- C:\Documents and Settings\Administrateur\Application Data\vlc
2009-10-05 12:55:34 ----RDC---- C:\Program Files
2009-10-04 23:50:37 ----DC---- C:\WINDOWS\system32
2009-10-04 21:53:50 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-04 21:50:10 ----DC---- C:\WINDOWS
2009-10-03 23:19:45 ----SHDC---- C:\WINDOWS\Installer
2009-10-03 23:19:45 ----DC---- C:\WINDOWS\WinSxS
2009-10-03 20:18:18 ----DC---- C:\WINDOWS\Microsoft.NET
2009-10-03 20:17:51 ----RSDC---- C:\WINDOWS\assembly
2009-10-03 20:06:31 ----DC---- C:\Program Files\Fichiers communs\System
2009-10-03 20:04:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-10-03 20:04:34 ----DC---- C:\WINDOWS\system32\drivers
2009-10-03 20:04:33 ----HDC---- C:\WINDOWS\inf
2009-10-03 20:04:13 ----DC---- C:\Program Files\Windows Live
2009-10-03 20:03:14 ----DC---- C:\WINDOWS\system32\DirectX
2009-10-02 21:45:41 ----DC---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-09-30 15:23:23 ----AC---- C:\WINDOWS\NeroDigital.ini
2009-09-29 11:38:44 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Mozilla
2009-09-28 21:36:28 ----DC---- C:\Program Files\Mozilla Thunderbird
2009-09-26 16:00:09 ----SHDC---- C:\WINDOWS\system32\dllcache
2009-09-20 21:35:11 ----DC---- C:\WINDOWS\Debug
2009-09-20 01:27:02 ----SDC---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2009-09-18 22:25:17 ----SDC---- C:\WINDOWS\Downloaded Program Files
2009-09-18 20:10:14 ----DC---- C:\WINDOWS\Network Diagnostic
2009-09-18 18:43:35 ----HDC---- C:\Program Files\InstallShield Installation Information
2009-09-17 17:03:16 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Apple Computer
2009-09-17 16:59:42 ----DC---- C:\Program Files\Fichiers communs
2009-09-14 15:56:24 ----DC---- C:\Program Files\PhotoFiltre Studio X
2009-09-10 18:21:10 ----DC---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-09-10 11:13:44 ----DC---- C:\Program Files\Microsoft Silverlight
2009-09-10 01:26:13 ----HDC---- C:\WINDOWS\$hf_mig$
2009-09-10 01:25:46 ----DC---- C:\WINDOWS\ie8updates
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-10-04 28520]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-10-04 55656]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-02-25 6867360]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-01-29 54016]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-01-29 22016]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2007-03-08 8320]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2008-02-15 14336]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-10-04 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-10-04 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-02-25 155716]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 Weemi Service;Weemi Service; C:\Documents and Settings\All Users\Application Data\Weemi\weemi121.exe [2009-09-22 54624]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-09-08 545568]
S2 gupdate1ca27d872ddb1d2;Service Google Update (gupdate1ca27d872ddb1d2); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-28 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-28 194032]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
le info.txt :
info.txt logfile of random's system information tool 1.06 2009-10-05 17:47:01
======Uninstall list======
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
-->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Agence 1.0-->"C:\Program Files\Agence Exclusive\unins000.exe"
AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x040c -removeonly
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}\Setup.exe" -l0x40c Brunin03.dllBrunin03.dll
Canon Camera Support Core Library-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{91F1A0D6-23AD-49FE-8D4E-379485652214} /l1036
Canon Camera Window DS for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{91203BD3-6C3E-472F-ADBD-F60FDC7C4010}
Canon Camera Window DVC for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{4C96958A-6562-4143-B820-FF4890D3B734}
Canon Camera Window for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{C7281207-4AA4-425E-B57A-0E9EF8445635}
Canon Internet Library for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2F81FBFC-9A37-431F-9050-14B55485DF5A}
Canon MovieEdit Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{8AF1E098-1A5C-4336-BBE2-D047ABB401ED}
Canon PhotoRecord-->MsiExec.exe /X{0878E100-C0BB-41E8-B4C6-C486B61FDA7B}
Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{44E24545-F317-4498-B7CD-240DE7BA8DE2}
Canon RemoteCapture Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{28291BD5-92D2-4685-82DC-CCA925C53CCA}
Canon Utilities PhotoStitch 3.1-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{218BBBE3-FE63-4BB2-81A8-7435575A84FA}
Canon ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Garmin Communicator Plugin-->MsiExec.exe /X{B3C9A441-C34D-40F3-9D3B-00EDDDAC74F1}
Garmin USB Drivers-->MsiExec.exe /X{B1102A25-3AA3-446B-AA0F-A699B07A02FD}
Garmin WebUpdater-->MsiExec.exe /X{E0783143-EAE2-4047-A8D6-E155523C594C}
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.24\Installer\setup.exe" --uninstall --system-level
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
iGraal Toolbar for Internet Explorer-->"C:\Program Files\iGraal\uninstall.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes-->MsiExec.exe /I{EC2A8F27-4FBF-4E41-B27B-FE822511B761}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee Security Scan-->"C:\Program Files\McAfee Security Scan\uninstall.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB972636)-->"C:\WINDOWS\ie8updates\KB972636-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB943729)-->"C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
MobileMe Control Panel-->MsiExec.exe /I{3AC54383-31D1-4907-961B-B12CBB1D0AE8}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.23)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Ultra Edition-->MsiExec.exe /X{A20A58C4-6784-4B4B-86CC-94E2E3671036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
PaperPort-->MsiExec.exe /I{A17EABB6-D0C6-44E5-820C-72DC7F495064}
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
Picasa 3-->"C:\Program Files\Picasa2\Uninstall.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
RelevantKnowledge-->C:\Program Files\RelevantKnowledge\rlvknlg.exe -bootremove -uninst:RelevantKnowledge
Safari-->MsiExec.exe /I{E56D39F8-2A9F-44B4-B068-A72E45A073E6}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SYSTRAN Web Translator 5.0-->MsiExec.exe /I{26092005-1129-0001-3530-01706572736F}
Update 1.3-->"C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive\Update\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Outlook 2007 Junk Email Filter (kb973514)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {03B11C77-336F-43B4-9B43-79890BA84504}
Utilitaire de configuration iPhone-->MsiExec.exe /I{FA54AFB1-5745-4389-B8C1-9F7509672ED1}
VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Weemi 1.0 build 121-->C:\Program Files\Weemi\uninstall.exe
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)-->rundll32.exe C:\PROGRA~1\DIFX\15B7F172FC21855D\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\grmnusb_09F3E629557EBE4D2BA1A9469BDAE635AC0807AE\grmnusb.inf
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows PowerShell(TM) 1.0-->"C:\WINDOWS\$NtUninstallKB926140-v5$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
======Hosts File======
66.98.148.65 auto.search.msn.com
66.98.148.65 auto.search.msn.es
127.0.0.1 mpa.one.microsoft.com
======Security center information======
AV: AntiVir Desktop
======System event log======
Computer Name: WINDOWSX-941CDB
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : en cours d'exécution.
Record Number: 1696
Source Name: Service Control Manager
Time Written: 20090827100325.000000+120
Event Type: Informations
User:
Computer Name: WINDOWSX-941CDB
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.
Record Number: 1695
Source Name: Service Control Manager
Time Written: 20090827100325.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: WINDOWSX-941CDB
Event Code: 7036
Message: Le service avast! Web Scanner est entré dans l'état : en cours d'exécution.
Record Number: 1694
Source Name: Service Control Manager
Time Written: 20090827100324.000000+120
Event Type: Informations
User:
Computer Name: WINDOWSX-941CDB
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service avast! Web Scanner.
Record Number: 1693
Source Name: Service Control Manager
Time Written: 20090827100324.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: WINDOWSX-941CDB
Event Code: 7036
Message: Le service avast! Mail Scanner est entré dans l'état : en cours d'exécution.
Record Number: 1692
Source Name: Service Control Manager
Time Written: 20090827100323.000000+120
Event Type: Informations
User:
=====Application event log=====
Computer Name: WINDOWSX-941CDB
Event Code: 0
Message:
Record Number: 804
Source Name: RichVideo
Time Written: 20091009214328.000000+120
Event Type: Informations
User:
Computer Name: WINDOWSX-941CDB
Event Code: 0
Message:
Record Number: 803
Source Name: gusvc
Time Written: 20091009214327.000000+120
Event Type: Informations
User:
Computer Name: WINDOWSX-941CDB
Event Code: 0
Message:
Record Number: 802
Source Name: gupdate1ca27d872ddb1d2
Time Written: 20091009214326.000000+120
Event Type: Informations
User:
Computer Name: WINDOWSX-941CDB
Event Code: 7
Message: Récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie réussie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
Record Number: 801
Source Name: crypt32
Time Written: 20090928235418.000000+120
Event Type: Informations
User:
Computer Name: WINDOWSX-941CDB
Event Code: 0
Message:
Record Number: 800
Source Name: gusvc
Time Written: 20090928223100.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 127 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=7f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
- Désinstalle Weemi 1.0.
- Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
- Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
- Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
- Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
- Sélectionne Exécuter un examen rapide.
- Clique sur Rechercher. L'analyse démarre.
- A la fin de l'analyse, un message s'affiche :
| Citation : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés. |
- Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
- Ferme tes navigateurs.
- Si des malwares ont été détectés, clique sur Afficher les résultats.
- Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
- MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
merci encore !
voila la réponse
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2910
Windows 5.1.2600 Service Pack 3
05/10/2009 19:38:32
mbam-log-2009-10-05 (19-38-32).txt
Type de recherche: Examen rapide
Eléments examinés: 98744
Temps écoulé: 4 minute(s), 51 second(s)
Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 15
Processus mémoire infecté(s):
C:\Documents and Settings\All Users\Application Data\Weemi\weemi121.exe (Adware.Weemi) -> Unloaded process successfully.
C:\Program Files\Weemi\weemi.exe (Adware.Weemi) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Program Files\RelevantKnowledge\components\rlxg.dll (Spyware.MarketScore) -> Delete on reboot.
C:\Program Files\Weemi\weemi.dll (Adware.Weemi) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\weemi (Adware.Weemi) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Weemi (Adware.Weemi) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Weemi Service (Adware.Weemi) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_WEEMI_SERVICE (Adware.Weemi) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\DivoCodec (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge (Spyware.MarketScore) -> Delete on reboot.
C:\Program Files\RelevantKnowledge\components (Spyware.MarketScore) -> Delete on reboot.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RelevantKnowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Weemi (Adware.Weemi) -> Quarantined and deleted successfully.
C:\Program Files\Weemi (Adware.Weemi) -> Delete on reboot.
Fichier(s) infecté(s):
C:\Program Files\RelevantKnowledge\chrome.manifest (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\install.rdf (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\rloci.bin (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\rlph.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\rlxf.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\components\rlxg.dll (Spyware.MarketScore) -> Delete on reboot.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RelevantKnowledge\About RelevantKnowledge.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RelevantKnowledge\Support.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RelevantKnowledge\Uninstall Instructions.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Weemi\weemi117.exe (Adware.Weemi) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Weemi\weemi121.exe (Adware.Weemi) -> Quarantined and deleted successfully.
C:\Program Files\Weemi\uninstall.exe (Adware.Weemi) -> Quarantined and deleted successfully.
C:\Program Files\Weemi\weemi.dll (Adware.Weemi) -> Delete on reboot.
C:\Program Files\Weemi\weemi.exe (Adware.Weemi) -> Quarantined and deleted successfully.
- Relance MBAM, va dans Quarantaine et supprime tout.
- Refais un scan RSIT et poste le rapport log.
J'ai fais ce que vous m'avez dit :
voici le rapport log
merci encore
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-10-06 12:59:05
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 219 GB (92%) free of 238 GB
Total RAM: 1983 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:59:09, on 06/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive\Update\UpdateHP.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Agence Exclusive\Agence.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\RSIT.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\Administrateur.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AEBHO - {0495F4D7-9FE3-4456-AA9D-1D57E78DF5F0} - C:\Program Files\Agence Exclusive\AgenceBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: iGraalBHO - {CF3C5900-BEC0-470E-AEE8-CE277C60667C} - C:\Program Files\iGraal\BHO.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: SYSTRAN Web Translator 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll
O3 - Toolbar: iGraal Toolbar - {D01B1F7D-9D7F-46C3-8DB9-5A55819E2A7F} - C:\Program Files\iGraal\Toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Helper] C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive\Update\UpdateHP.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Agence] "C:\Program Files\Agence Exclusive\Agence.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Contrôleur d’état.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: McAfee Security Scan.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: iGraal - {32893F3D-2B10-4B09-BA6A-8F20E7D33925} - C:\Program Files\iGraal\Button.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} (PhotoboxPhotowaysUploader5 Control) - http://assets.photobox.com/assets/ [...] 0806143003
O16 - DPF: {12545791-AC9A-44B2-8964-0DA216C4A4E5} (Cnsweb3d Control) - http://www.partserver.de/partserve [...] sweb3d.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {741747F6-83B4-4FB9-A268-8CA4010762C8} (Snapfish Activia2) - http://www3.snapfish.fr/SnapfishActivia2.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] ader55.cab
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://as.photoprintit.de/ips-opda [...] oader4.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.girafoto.fr/uploaders/a [...] oader4.cab
O20 - Winlogon Notify: RelevantKnowledge - C:\Program Files\RelevantKnowledge\rlls.dll (file missing)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Service Google Update (gupdate1ca27d872ddb1d2) (gupdate1ca27d872ddb1d2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
--
End of file - 11441 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RegPowerClean.job
C:\WINDOWS\tasks\RPCReminder.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0495F4D7-9FE3-4456-AA9D-1D57E78DF5F0}]
AEBHO Class - C:\Program Files\Agence Exclusive\AgenceBHO.dll [2009-09-22 225280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-20 256112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-08-20 761840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-20 458736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CF3C5900-BEC0-470E-AEE8-CE277C60667C}]
iGraal Module - C:\Program Files\iGraal\BHO.dll [2009-06-11 61728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - SYSTRAN Web Translator 5.0 - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll [2005-03-10 262144]
{D01B1F7D-9D7F-46C3-8DB9-5A55819E2A7F} - iGraal Toolbar - C:\Program Files\iGraal\Toolbar.dll [2009-06-11 92960]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-20 256112]
Locked
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-02-25 8491008]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-02-25 81920]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-12-06 69216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
"SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2005-03-17 57393]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2005-03-17 40960]
"SetDefPrt"=C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe [2005-01-26 49152]
"ControlCenter2.0"=C:\Program Files\Brother\ControlCenter2\brctrcen.exe [2005-05-17 933888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"Helper"=C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive\Update\UpdateHP.exe [2009-07-01 491520]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-08 305440]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
"Agence"=C:\Program Files\Agence Exclusive\Agence.exe [2009-09-22 638976]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe [2008-02-26 443968]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Contrôleur d’état.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RelevantKnowledge]
C:\Program Files\RelevantKnowledge\rlls.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\WINDOWS\Temp\~os52A.tmp\rlvknlg.exe"="C:\WINDOWS\Temp\~os52A.tmp\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"c:\program files\relevantknowledge\rlvknlg.exe"="c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{120f856a-85b1-11de-a64f-00218567f8db}]
shell\AutoRun\command - L:\LaunchU3.exe -a
======List of files/folders created in the last 3 months======
2009-10-05 17:46:55 ----DC---- C:\rsit
2009-10-05 12:55:34 ----DC---- C:\Program Files\Trend Micro
2009-10-03 20:06:30 ----DC---- C:\Program Files\Microsoft Office Outlook Connector
2009-10-02 21:46:01 ----DC---- C:\Program Files\Avira
2009-10-02 21:46:01 ----DC---- C:\Documents and Settings\All Users\Application Data\Avira
2009-10-02 21:26:05 ----DC---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-09-30 10:38:17 ----DC---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2009-09-30 10:38:16 ----DC---- C:\Program Files\McAfee Security Scan
2009-09-29 11:38:12 ----DC---- C:\Program Files\Mozilla Firefox
2009-09-27 23:40:49 ----DC---- C:\Program Files\Windows Live Safety Center
2009-09-24 21:11:15 ----DC---- C:\Program Files\Agence Exclusive
2009-09-23 23:13:12 ----DC---- C:\WINDOWS\Bureau
2009-09-20 21:00:24 ----AC---- C:\WINDOWS\system32\ptpusb.dll
2009-09-20 21:00:22 ----AC---- C:\WINDOWS\system32\ptpusd.dll
2009-09-20 13:46:05 ----DC---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-09-19 19:27:04 ----DC---- C:\Documents and Settings\All Users\Application Data\Winferno
2009-09-19 19:25:08 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Titanium Gears
2009-09-19 19:24:58 ----DC---- C:\Program Files\Playalot Games
2009-09-19 19:22:24 ----DC---- C:\Program Files\Free Offers from Freeze.com
2009-09-19 19:22:21 ----AC---- C:\WINDOWS\system32\WINUTIL5.DLL
2009-09-19 19:22:21 ----AC---- C:\WINDOWS\system32\WINLCTL5.DLL
2009-09-19 19:22:19 ----DC---- C:\Program Files\Winferno
2009-09-19 19:22:19 ----AC---- C:\WINDOWS\system32\CapiCom.dll
2009-09-19 17:52:39 ----DC---- C:\Program Files\eMule
2009-09-18 22:25:17 ----DC---- C:\Documents and Settings\Administrateur\Application Data\cadenas
2009-09-18 18:41:36 ----AC---- C:\WINDOWS\OpPrintServer.INI
2009-09-18 18:33:09 ----DC---- C:\Program Files\Canon
2009-09-17 17:27:26 ----DC---- C:\Program Files\Safari
2009-09-17 17:03:35 ----DC---- C:\Program Files\Utilitaire de configuration iPhone
2009-09-17 17:02:59 ----AC---- C:\WINDOWS\system32\GEARAspi.dll
2009-09-17 17:02:15 ----DC---- C:\Program Files\iPod
2009-09-17 17:02:11 ----DC---- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-17 17:02:10 ----DC---- C:\Program Files\iTunes
2009-09-17 17:01:47 ----DC---- C:\Program Files\Bonjour
2009-09-17 17:01:06 ----DC---- C:\Program Files\QuickTime
2009-09-17 17:01:05 ----DC---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-09-17 16:59:42 ----DC---- C:\Program Files\Fichiers communs\Apple
2009-09-10 19:01:52 ----DC---- C:\Program Files\PhotoFiltre
2009-09-10 01:26:16 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-10 01:26:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-08-28 14:09:28 ----DC---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-08-28 14:06:55 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive
2009-08-26 23:51:27 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-08-26 10:42:20 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Snapfish
2009-08-23 20:25:13 ----RDC---- C:\Documents and Settings\Administrateur\Application Data\Brother
2009-08-23 19:54:23 ----DC---- C:\Documents and Settings\Administrateur\Application Data\GARMIN
2009-08-23 19:34:21 ----DC---- C:\Program Files\Garmin GPS Plugin
2009-08-23 19:33:24 ----DC---- C:\Program Files\Garmin
2009-08-23 19:33:24 ----DC---- C:\Program Files\DIFX
2009-08-21 14:00:28 ----DC---- C:\Documents and Settings\Administrateur\Application Data\U3
2009-08-20 13:21:37 ----AC---- C:\WINDOWS\system32\ML.DLL
2009-08-18 15:36:50 ----DC---- C:\Program Files\Adobe
2009-08-14 14:38:11 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Apple Computer
2009-08-14 14:34:52 ----DC---- C:\Program Files\Apple Software Update
2009-08-14 14:34:52 ----DC---- C:\Documents and Settings\All Users\Application Data\Apple
2009-08-13 16:30:07 ----DC---- C:\Documents and Settings\Administrateur\Application Data\igraal
2009-08-13 16:29:58 ----DC---- C:\Program Files\iGraal
2009-08-13 01:20:48 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-08-13 01:20:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-08-13 01:20:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-08-13 01:20:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-08-13 01:20:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-08-13 01:20:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-08-13 01:20:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-08-13 01:20:11 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-08-13 01:19:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-08-12 17:24:30 ----DC---- C:\Program Files\SYSTRAN
2009-08-12 17:24:28 ----DC---- C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021
2009-08-12 17:21:20 ----C---- C:\WINDOWS\system32\brinsstr.dll
2009-08-12 17:21:14 ----C---- C:\WINDOWS\system32\PDRVINST.DLL
2009-08-12 17:21:14 ----C---- C:\WINDOWS\system32\BRWEBUP.EXE
2009-08-12 17:21:14 ----C---- C:\WINDOWS\system32\BrWebIns.dll
2009-08-12 17:21:13 ----DC---- C:\Program Files\Common Files
2009-08-12 17:21:13 ----DC---- C:\Program Files\Brother
2009-08-12 17:21:11 ----DC---- C:\Brother
2009-08-12 17:21:10 ----C---- C:\WINDOWS\brunin03.dll
2009-08-12 17:20:33 ----AC---- C:\WINDOWS\maxlink.ini
2009-08-12 17:20:24 ----DC---- C:\Documents and Settings\All Users\Application Data\InstallShield
2009-08-12 17:20:14 ----DC---- C:\Program Files\Fichiers communs\ScanSoft Shared
2009-08-12 17:20:11 ----DC---- C:\Program Files\ScanSoft
2009-08-12 17:20:11 ----DC---- C:\Documents and Settings\All Users\Application Data\ScanSoft
2009-08-12 17:19:37 ----DC---- C:\Documents and Settings\All Users\Application Data\Brother
2009-08-12 16:18:40 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Google
2009-08-12 16:18:38 ----DC---- C:\Documents and Settings\All Users\Application Data\Google
2009-08-12 15:06:37 ----DC---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2009-08-12 15:04:31 ----DC---- C:\Program Files\Messenger Plus! Live
2009-08-10 17:11:04 ----DC---- C:\Program Files\PhotoFiltre Studio X
2009-08-09 01:04:25 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-08-08 11:42:54 ----DC---- C:\Documents and Settings\Administrateur\Application Data\vlc
2009-08-08 11:12:26 ----AC---- C:\WINDOWS\system32\muweb.dll
2009-08-08 11:12:26 ----AC---- C:\WINDOWS\system32\mucltui.dll.mui
2009-08-08 11:12:26 ----AC---- C:\WINDOWS\system32\mucltui.dll
2009-08-07 23:42:07 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Adobe
2009-08-07 23:42:00 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Macromedia
2009-08-07 23:38:25 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Windows Search
2009-08-07 23:36:51 ----DC---- C:\Program Files\Microsoft Silverlight
2009-08-07 23:36:03 ----DC---- C:\Program Files\Microsoft Sync Framework
2009-08-07 23:35:33 ----AC---- C:\WINDOWS\system32\d3dx9_32.dll
2009-08-07 23:35:27 ----DC---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-08-07 23:34:39 ----DC---- C:\Program Files\Microsoft
2009-08-07 23:34:25 ----DC---- C:\Program Files\Windows Live SkyDrive
2009-08-07 23:34:06 ----DC---- C:\Program Files\Windows Live
2009-08-07 23:29:50 ----DC---- C:\Program Files\Fichiers communs\Windows Live
2009-08-07 23:10:12 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Talkback
2009-08-07 23:09:56 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Thunderbird
2009-08-07 23:09:56 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Mozilla
2009-08-07 23:08:59 ----DC---- C:\Program Files\Mozilla Thunderbird
2009-08-07 23:06:49 ----AC---- C:\WINDOWS\system32\brss01a.ini
2009-08-07 23:06:49 ----AC---- C:\WINDOWS\BRWMARK.INI
2009-08-07 23:06:49 ----AC---- C:\WINDOWS\BRPP2KA.INI
2009-08-07 23:06:28 ----AC---- C:\WINDOWS\system32\vfwwdm32.dll
2009-08-07 14:28:54 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2009-08-07 14:28:47 ----DC---- C:\WINDOWS\system32\windowspowershell
2009-08-07 14:28:45 ----HDC---- C:\WINDOWS\$NtUninstallKB926140-v5$
2009-08-07 14:28:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-08-07 14:27:54 ----DC---- C:\Documents and Settings\Administrateur\Application Data\WinRAR
2009-08-07 14:27:34 ----C---- C:\WINDOWS\system32\spmsg2.dll
2009-08-07 14:27:33 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-08-07 14:20:00 ----DC---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-08-07 14:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-08-07 14:12:05 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-08-07 14:11:57 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-08-07 14:11:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-08-07 14:08:51 ----DC---- C:\WINDOWS\system32\XPSViewer
2009-08-07 14:08:47 ----DC---- C:\WINDOWS\system32\en-US
2009-08-07 14:08:42 ----DC---- C:\Program Files\Reference Assemblies
2009-08-07 14:08:28 ----DC---- C:\f08c62f5788916a6db
2009-08-07 14:08:28 ----C---- C:\WINDOWS\system32\xpssvcs.dll
2009-08-07 14:08:28 ----C---- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-07 14:08:28 ----C---- C:\WINDOWS\system32\prntvpt.dll
2009-08-07 14:08:19 ----DC---- C:\WINDOWS\SxsCaPendDel
2009-08-07 14:04:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-08-07 14:04:10 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-08-07 14:04:04 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-08-07 14:03:58 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-08-07 14:03:27 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2009-08-07 14:03:10 ----DC---- C:\Program Files\WinRAR
2009-08-07 14:02:59 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-08-07 14:02:51 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-08-07 14:02:22 ----DC---- C:\WINDOWS\ie8updates
2009-08-07 14:01:27 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Yahoo!
2009-08-07 14:01:24 ----DC---- C:\Program Files\Yahoo!
2009-08-07 14:01:19 ----DC---- C:\Program Files\CCleaner
2009-08-07 14:01:05 ----HDC---- C:\WINDOWS\ie8
2009-08-07 14:00:54 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2009-08-07 14:00:47 ----DC---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-07 14:00:47 ----DC---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-08-07 13:53:16 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-08-07 13:53:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-08-07 13:53:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-08-07 13:53:00 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-08-07 13:52:54 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-08-07 13:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-08-07 13:51:58 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-08-07 13:51:53 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-08-07 13:51:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-08-07 13:51:36 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-08-07 13:51:26 ----AC---- C:\WINDOWS\NeroDigital.ini
2009-08-07 13:51:08 ----DC---- C:\WINDOWS\system32\appmgmt
2009-07-26 16:44:56 ----AC---- C:\WINDOWS\system32\sirenacm.dll
======List of files/folders modified in the last 3 months======
2009-10-06 12:57:31 ----DC---- C:\WINDOWS\Prefetch
2009-10-06 12:55:14 ----DC---- C:\WINDOWS\Temp
2009-10-06 12:54:28 ----DC---- C:\WINDOWS\system32\CatRoot2
2009-10-06 12:54:25 ----SDC---- C:\WINDOWS\Tasks
2009-10-05 23:38:29 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-05 19:41:09 ----RDC---- C:\Program Files
2009-10-05 18:36:09 ----DC---- C:\WINDOWS\system32\drivers
2009-10-04 23:50:37 ----DC---- C:\WINDOWS\system32
2009-10-04 21:53:50 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-04 21:50:10 ----DC---- C:\WINDOWS
2009-10-03 23:19:45 ----SHDC---- C:\WINDOWS\Installer
2009-10-03 23:19:45 ----DC---- C:\WINDOWS\WinSxS
2009-10-03 20:18:18 ----DC---- C:\WINDOWS\Microsoft.NET
2009-10-03 20:17:51 ----RSDC---- C:\WINDOWS\assembly
2009-10-03 20:06:31 ----DC---- C:\Program Files\Fichiers communs\System
2009-10-03 20:04:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-10-03 20:04:33 ----HDC---- C:\WINDOWS\inf
2009-10-03 20:03:14 ----DC---- C:\WINDOWS\system32\DirectX
2009-10-02 21:45:41 ----DC---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-09-26 16:00:09 ----SHDC---- C:\WINDOWS\system32\dllcache
2009-09-20 21:35:11 ----DC---- C:\WINDOWS\Debug
2009-09-20 01:27:02 ----SDC---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2009-09-18 22:25:17 ----SDC---- C:\WINDOWS\Downloaded Program Files
2009-09-18 20:10:14 ----DC---- C:\WINDOWS\Network Diagnostic
2009-09-18 18:43:35 ----HDC---- C:\Program Files\InstallShield Installation Information
2009-09-17 16:59:42 ----DC---- C:\Program Files\Fichiers communs
2009-09-10 18:21:10 ----DC---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-09-10 01:26:13 ----HDC---- C:\WINDOWS\$hf_mig$
2009-08-28 23:38:20 ----AC---- C:\WINDOWS\system32\MRT.exe
2009-08-28 14:10:34 ----DC---- C:\Program Files\Google
2009-08-26 10:42:22 ----SDC---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-08-18 15:37:21 ----DC---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-08-18 15:37:05 ----DC---- C:\Program Files\Fichiers communs\Adobe
2009-08-14 14:35:20 ----DC---- C:\Program Files\Internet Explorer
2009-08-13 01:20:18 ----DC---- C:\Program Files\Outlook Express
2009-08-12 17:28:16 ----RSDC---- C:\WINDOWS\Fonts
2009-08-12 17:21:13 ----DC---- C:\Program Files\Fichiers communs\InstallShield
2009-08-10 17:16:15 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Identities
2009-08-07 23:06:15 ----DC---- C:\WINDOWS\twain_32
2009-08-07 15:01:13 ----DC---- C:\Program Files\Picasa2
2009-08-07 14:54:42 ----DC---- C:\WINDOWS\system32\config
2009-08-07 14:53:53 ----DC---- C:\WINDOWS\security
2009-08-07 14:29:45 ----DC---- C:\WINDOWS\system32\CatRoot
2009-08-07 14:27:24 ----DC---- C:\WINDOWS\system32\fr-fr
2009-08-07 14:18:59 ----DC---- C:\WINDOWS\system32\wbem
2009-08-07 14:18:59 ----DC---- C:\WINDOWS\Media
2009-08-07 14:18:59 ----DC---- C:\WINDOWS\Help
2009-08-07 14:18:59 ----DC---- C:\WINDOWS\AppPatch
2009-08-07 14:18:59 ----DC---- C:\Program Files\Windows Desktop Search
2009-08-07 14:08:48 ----DC---- C:\Program Files\MSBuild
2009-08-07 14:08:34 ----DC---- C:\WINDOWS\system32\spool
2009-08-07 14:03:49 ----DC---- C:\WINDOWS\ie7updates
2009-08-07 13:51:04 ----DC---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-08-07 12:18:10 ----SHD---- C:\System Volume Information
2009-08-05 11:00:38 ----AC---- C:\WINDOWS\system32\mswebdvd.dll
2009-07-19 18:45:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-19 15:15:02 ----AC---- C:\WINDOWS\system32\mshtml.dll
2009-07-17 21:03:33 ----A---- C:\WINDOWS\system32\atl.dll
2009-07-14 13:03:14 ----AC---- C:\WINDOWS\system32\tzchange.exe
2009-07-13 23:43:24 ----AC---- C:\WINDOWS\system32\wmpdxm.dll
2009-07-13 23:43:24 ----AC---- C:\WINDOWS\system32\wmp.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-10-04 28520]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-10-04 55656]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-02-25 6867360]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-01-29 54016]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-01-29 22016]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2007-03-08 8320]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2008-02-15 14336]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-10-04 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-10-04 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-02-25 155716]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-09-08 545568]
S2 gupdate1ca27d872ddb1d2;Service Google Update (gupdate1ca27d872ddb1d2); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-28 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-28 194032]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Agence Exclusive, ça te dit quelque chose ?
pourquoi cette question ? non ca me dit rien !!
| Citation : Agence 1.0-->"C:\Program Files\Agence Exclusive\unins000.exe" |
--> Ce logiciel est pourtant installé.
ba jen sais rien du tout ce que c est que ce truc !!
meme jle trouve pas dans mes instal !
jpeux le virer ?
Alors désinstalle-le puis refais un scan RSIT puis poste le rapport log.
Merci
voila le rapport
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-10-06 23:28:32
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 218 GB (92%) free of 238 GB
Total RAM: 1983 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:28:37, on 06/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive\Update\UpdateHP.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Brother\Brmfcmon\brmfcwnd.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\RSIT(3).exe
C:\Program Files\Trend Micro\HijackThis\Administrateur.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: iGraalBHO - {CF3C5900-BEC0-470E-AEE8-CE277C60667C} - C:\Program Files\iGraal\BHO.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: SYSTRAN Web Translator 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll
O3 - Toolbar: iGraal Toolbar - {D01B1F7D-9D7F-46C3-8DB9-5A55819E2A7F} - C:\Program Files\iGraal\Toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Helper] C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive\Update\UpdateHP.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Contrôleur d’état.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: McAfee Security Scan.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: iGraal - {32893F3D-2B10-4B09-BA6A-8F20E7D33925} - C:\Program Files\iGraal\Button.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} (PhotoboxPhotowaysUploader5 Control) - http://assets.photobox.com/assets/ [...] 0806143003
O16 - DPF: {12545791-AC9A-44B2-8964-0DA216C4A4E5} (Cnsweb3d Control) - http://www.partserver.de/partserve [...] sweb3d.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {741747F6-83B4-4FB9-A268-8CA4010762C8} (Snapfish Activia2) - http://www3.snapfish.fr/SnapfishActivia2.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] ader55.cab
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://as.photoprintit.de/ips-opda [...] oader4.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.girafoto.fr/uploaders/a [...] oader4.cab
O20 - Winlogon Notify: RelevantKnowledge - C:\Program Files\RelevantKnowledge\rlls.dll (file missing)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Service Google Update (gupdate1ca27d872ddb1d2) (gupdate1ca27d872ddb1d2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
--
End of file - 11306 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RegPowerClean.job
C:\WINDOWS\tasks\RPCReminder.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-20 256112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-08-20 761840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-20 458736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CF3C5900-BEC0-470E-AEE8-CE277C60667C}]
iGraal Module - C:\Program Files\iGraal\BHO.dll [2009-06-11 61728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - SYSTRAN Web Translator 5.0 - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll [2005-03-10 262144]
{D01B1F7D-9D7F-46C3-8DB9-5A55819E2A7F} - iGraal Toolbar - C:\Program Files\iGraal\Toolbar.dll [2009-06-11 92960]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-20 256112]
Locked
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-02-25 8491008]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-02-25 81920]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-12-06 69216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
"SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2005-03-17 57393]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2005-03-17 40960]
"SetDefPrt"=C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe [2005-01-26 49152]
"ControlCenter2.0"=C:\Program Files\Brother\ControlCenter2\brctrcen.exe [2005-05-17 933888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"Helper"=C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive\Update\UpdateHP.exe [2009-07-01 491520]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-08 305440]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
"Agence"= []
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe [2008-02-26 443968]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Contrôleur d’état.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RelevantKnowledge]
C:\Program Files\RelevantKnowledge\rlls.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\WINDOWS\Temp\~os52A.tmp\rlvknlg.exe"="C:\WINDOWS\Temp\~os52A.tmp\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"c:\program files\relevantknowledge\rlvknlg.exe"="c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{120f856a-85b1-11de-a64f-00218567f8db}]
shell\AutoRun\command - L:\LaunchU3.exe -a
======List of files/folders created in the last 3 months======
2009-10-06 18:24:20 ----DC---- C:\WINDOWS\LastGood
2009-10-05 17:46:55 ----DC---- C:\rsit
2009-10-05 12:55:34 ----DC---- C:\Program Files\Trend Micro
2009-10-03 20:06:30 ----DC---- C:\Program Files\Microsoft Office Outlook Connector
2009-10-02 21:46:01 ----DC---- C:\Program Files\Avira
2009-10-02 21:46:01 ----DC---- C:\Documents and Settings\All Users\Application Data\Avira
2009-10-02 21:26:05 ----DC---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-09-30 10:38:17 ----DC---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2009-09-30 10:38:16 ----DC---- C:\Program Files\McAfee Security Scan
2009-09-29 11:38:12 ----DC---- C:\Program Files\Mozilla Firefox
2009-09-27 23:40:49 ----DC---- C:\Program Files\Windows Live Safety Center
2009-09-23 23:13:12 ----DC---- C:\WINDOWS\Bureau
2009-09-20 21:00:24 ----AC---- C:\WINDOWS\system32\ptpusb.dll
2009-09-20 21:00:22 ----AC---- C:\WINDOWS\system32\ptpusd.dll
2009-09-20 13:46:05 ----DC---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-09-19 19:27:04 ----DC---- C:\Documents and Settings\All Users\Application Data\Winferno
2009-09-19 19:25:08 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Titanium Gears
2009-09-19 19:24:58 ----DC---- C:\Program Files\Playalot Games
2009-09-19 19:22:24 ----DC---- C:\Program Files\Free Offers from Freeze.com
2009-09-19 19:22:21 ----AC---- C:\WINDOWS\system32\WINUTIL5.DLL
2009-09-19 19:22:21 ----AC---- C:\WINDOWS\system32\WINLCTL5.DLL
2009-09-19 19:22:19 ----DC---- C:\Program Files\Winferno
2009-09-19 19:22:19 ----AC---- C:\WINDOWS\system32\CapiCom.dll
2009-09-19 17:52:39 ----DC---- C:\Program Files\eMule
2009-09-18 22:25:17 ----DC---- C:\Documents and Settings\Administrateur\Application Data\cadenas
2009-09-18 18:41:36 ----AC---- C:\WINDOWS\OpPrintServer.INI
2009-09-18 18:33:09 ----DC---- C:\Program Files\Canon
2009-09-17 17:27:26 ----DC---- C:\Program Files\Safari
2009-09-17 17:03:35 ----DC---- C:\Program Files\Utilitaire de configuration iPhone
2009-09-17 17:02:59 ----AC---- C:\WINDOWS\system32\GEARAspi.dll
2009-09-17 17:02:15 ----DC---- C:\Program Files\iPod
2009-09-17 17:02:11 ----DC---- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-17 17:02:10 ----DC---- C:\Program Files\iTunes
2009-09-17 17:01:47 ----DC---- C:\Program Files\Bonjour
2009-09-17 17:01:06 ----DC---- C:\Program Files\QuickTime
2009-09-17 17:01:05 ----DC---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-09-17 16:59:42 ----DC---- C:\Program Files\Fichiers communs\Apple
2009-09-10 19:01:52 ----DC---- C:\Program Files\PhotoFiltre
2009-09-10 01:26:16 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-10 01:26:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-08-28 14:09:28 ----DC---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-08-28 14:06:55 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive
2009-08-26 23:51:27 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-08-26 10:42:20 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Snapfish
2009-08-23 20:25:13 ----RDC---- C:\Documents and Settings\Administrateur\Application Data\Brother
2009-08-23 19:54:23 ----DC---- C:\Documents and Settings\Administrateur\Application Data\GARMIN
2009-08-23 19:34:21 ----DC---- C:\Program Files\Garmin GPS Plugin
2009-08-23 19:33:24 ----DC---- C:\Program Files\Garmin
2009-08-23 19:33:24 ----DC---- C:\Program Files\DIFX
2009-08-21 14:00:28 ----DC---- C:\Documents and Settings\Administrateur\Application Data\U3
2009-08-20 13:21:37 ----AC---- C:\WINDOWS\system32\ML.DLL
2009-08-18 15:36:50 ----DC---- C:\Program Files\Adobe
2009-08-14 14:38:11 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Apple Computer
2009-08-14 14:34:52 ----DC---- C:\Program Files\Apple Software Update
2009-08-14 14:34:52 ----DC---- C:\Documents and Settings\All Users\Application Data\Apple
2009-08-13 16:30:07 ----DC---- C:\Documents and Settings\Administrateur\Application Data\igraal
2009-08-13 16:29:58 ----DC---- C:\Program Files\iGraal
2009-08-13 01:20:48 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-08-13 01:20:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-08-13 01:20:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-08-13 01:20:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-08-13 01:20:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-08-13 01:20:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-08-13 01:20:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-08-13 01:20:11 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-08-13 01:19:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-08-12 17:24:30 ----DC---- C:\Program Files\SYSTRAN
2009-08-12 17:24:28 ----DC---- C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021
2009-08-12 17:21:20 ----C---- C:\WINDOWS\system32\brinsstr.dll
2009-08-12 17:21:14 ----C---- C:\WINDOWS\system32\PDRVINST.DLL
2009-08-12 17:21:14 ----C---- C:\WINDOWS\system32\BRWEBUP.EXE
2009-08-12 17:21:14 ----C---- C:\WINDOWS\system32\BrWebIns.dll
2009-08-12 17:21:13 ----DC---- C:\Program Files\Common Files
2009-08-12 17:21:13 ----DC---- C:\Program Files\Brother
2009-08-12 17:21:11 ----DC---- C:\Brother
2009-08-12 17:21:10 ----C---- C:\WINDOWS\brunin03.dll
2009-08-12 17:20:33 ----AC---- C:\WINDOWS\maxlink.ini
2009-08-12 17:20:24 ----DC---- C:\Documents and Settings\All Users\Application Data\InstallShield
2009-08-12 17:20:14 ----DC---- C:\Program Files\Fichiers communs\ScanSoft Shared
2009-08-12 17:20:11 ----DC---- C:\Program Files\ScanSoft
2009-08-12 17:20:11 ----DC---- C:\Documents and Settings\All Users\Application Data\ScanSoft
2009-08-12 17:19:37 ----DC---- C:\Documents and Settings\All Users\Application Data\Brother
2009-08-12 16:18:40 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Google
2009-08-12 16:18:38 ----DC---- C:\Documents and Settings\All Users\Application Data\Google
2009-08-12 15:06:37 ----DC---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2009-08-12 15:04:31 ----DC---- C:\Program Files\Messenger Plus! Live
2009-08-10 17:11:04 ----DC---- C:\Program Files\PhotoFiltre Studio X
2009-08-09 01:04:25 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-08-08 11:42:54 ----DC---- C:\Documents and Settings\Administrateur\Application Data\vlc
2009-08-08 11:12:26 ----AC---- C:\WINDOWS\system32\muweb.dll
2009-08-08 11:12:26 ----AC---- C:\WINDOWS\system32\mucltui.dll.mui
2009-08-08 11:12:26 ----AC---- C:\WINDOWS\system32\mucltui.dll
2009-08-07 23:42:07 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Adobe
2009-08-07 23:42:00 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Macromedia
2009-08-07 23:38:25 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Windows Search
2009-08-07 23:36:51 ----DC---- C:\Program Files\Microsoft Silverlight
2009-08-07 23:36:03 ----DC---- C:\Program Files\Microsoft Sync Framework
2009-08-07 23:35:33 ----AC---- C:\WINDOWS\system32\d3dx9_32.dll
2009-08-07 23:35:27 ----DC---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-08-07 23:34:39 ----DC---- C:\Program Files\Microsoft
2009-08-07 23:34:25 ----DC---- C:\Program Files\Windows Live SkyDrive
2009-08-07 23:34:06 ----DC---- C:\Program Files\Windows Live
2009-08-07 23:29:50 ----DC---- C:\Program Files\Fichiers communs\Windows Live
2009-08-07 23:10:12 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Talkback
2009-08-07 23:09:56 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Thunderbird
2009-08-07 23:09:56 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Mozilla
2009-08-07 23:08:59 ----DC---- C:\Program Files\Mozilla Thunderbird
2009-08-07 23:06:49 ----AC---- C:\WINDOWS\system32\brss01a.ini
2009-08-07 23:06:49 ----AC---- C:\WINDOWS\BRWMARK.INI
2009-08-07 23:06:49 ----AC---- C:\WINDOWS\BRPP2KA.INI
2009-08-07 23:06:28 ----AC---- C:\WINDOWS\system32\vfwwdm32.dll
2009-08-07 14:28:54 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2009-08-07 14:28:47 ----DC---- C:\WINDOWS\system32\windowspowershell
2009-08-07 14:28:45 ----HDC---- C:\WINDOWS\$NtUninstallKB926140-v5$
2009-08-07 14:28:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-08-07 14:27:54 ----DC---- C:\Documents and Settings\Administrateur\Application Data\WinRAR
2009-08-07 14:27:34 ----C---- C:\WINDOWS\system32\spmsg2.dll
2009-08-07 14:27:33 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-08-07 14:20:00 ----DC---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-08-07 14:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-08-07 14:12:05 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-08-07 14:11:57 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-08-07 14:11:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-08-07 14:08:51 ----DC---- C:\WINDOWS\system32\XPSViewer
2009-08-07 14:08:47 ----DC---- C:\WINDOWS\system32\en-US
2009-08-07 14:08:42 ----DC---- C:\Program Files\Reference Assemblies
2009-08-07 14:08:28 ----DC---- C:\f08c62f5788916a6db
2009-08-07 14:08:28 ----C---- C:\WINDOWS\system32\xpssvcs.dll
2009-08-07 14:08:28 ----C---- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-07 14:08:28 ----C---- C:\WINDOWS\system32\prntvpt.dll
2009-08-07 14:08:19 ----DC---- C:\WINDOWS\SxsCaPendDel
2009-08-07 14:04:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-08-07 14:04:10 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-08-07 14:04:04 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-08-07 14:03:58 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-08-07 14:03:27 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2009-08-07 14:03:10 ----DC---- C:\Program Files\WinRAR
2009-08-07 14:02:59 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-08-07 14:02:51 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-08-07 14:02:22 ----DC---- C:\WINDOWS\ie8updates
2009-08-07 14:01:27 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Yahoo!
2009-08-07 14:01:24 ----DC---- C:\Program Files\Yahoo!
2009-08-07 14:01:19 ----DC---- C:\Program Files\CCleaner
2009-08-07 14:01:05 ----HDC---- C:\WINDOWS\ie8
2009-08-07 14:00:54 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2009-08-07 14:00:47 ----DC---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-07 14:00:47 ----DC---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-08-07 13:53:16 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-08-07 13:53:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-08-07 13:53:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-08-07 13:53:00 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-08-07 13:52:54 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-08-07 13:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-08-07 13:51:58 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-08-07 13:51:53 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-08-07 13:51:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-08-07 13:51:36 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-08-07 13:51:26 ----AC---- C:\WINDOWS\NeroDigital.ini
2009-08-07 13:51:08 ----DC---- C:\WINDOWS\system32\appmgmt
2009-07-26 16:44:56 ----AC---- C:\WINDOWS\system32\sirenacm.dll
======List of files/folders modified in the last 3 months======
2009-10-06 23:27:55 ----DC---- C:\WINDOWS\Prefetch
2009-10-06 23:27:54 ----RDC---- C:\Program Files
2009-10-06 23:21:02 ----DC---- C:\WINDOWS\Temp
2009-10-06 18:24:49 ----HDC---- C:\WINDOWS\inf
2009-10-06 18:24:20 ----DC---- C:\WINDOWS
2009-10-06 14:29:10 ----SDC---- C:\WINDOWS\Tasks
2009-10-06 12:54:28 ----DC---- C:\WINDOWS\system32\CatRoot2
2009-10-05 23:38:29 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-05 18:36:09 ----DC---- C:\WINDOWS\system32\drivers
2009-10-04 23:50:37 ----DC---- C:\WINDOWS\system32
2009-10-04 21:53:50 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-03 23:19:45 ----SHDC---- C:\WINDOWS\Installer
2009-10-03 23:19:45 ----DC---- C:\WINDOWS\WinSxS
2009-10-03 20:18:18 ----DC---- C:\WINDOWS\Microsoft.NET
2009-10-03 20:17:51 ----RSDC---- C:\WINDOWS\assembly
2009-10-03 20:06:31 ----DC---- C:\Program Files\Fichiers communs\System
2009-10-03 20:04:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-10-03 20:03:14 ----DC---- C:\WINDOWS\system32\DirectX
2009-10-02 21:45:41 ----DC---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-09-26 16:00:09 ----SHDC---- C:\WINDOWS\system32\dllcache
2009-09-20 21:35:11 ----DC---- C:\WINDOWS\Debug
2009-09-20 01:27:02 ----SDC---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2009-09-18 22:25:17 ----SDC---- C:\WINDOWS\Downloaded Program Files
2009-09-18 20:10:14 ----DC---- C:\WINDOWS\Network Diagnostic
2009-09-18 18:43:35 ----HDC---- C:\Program Files\InstallShield Installation Information
2009-09-17 16:59:42 ----DC---- C:\Program Files\Fichiers communs
2009-09-10 18:21:10 ----DC---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-09-10 01:26:13 ----HDC---- C:\WINDOWS\$hf_mig$
2009-08-28 23:38:20 ----AC---- C:\WINDOWS\system32\MRT.exe
2009-08-28 14:10:34 ----DC---- C:\Program Files\Google
2009-08-26 10:42:22 ----SDC---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-08-18 15:37:21 ----DC---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-08-18 15:37:05 ----DC---- C:\Program Files\Fichiers communs\Adobe
2009-08-14 14:35:20 ----DC---- C:\Program Files\Internet Explorer
2009-08-13 01:20:18 ----DC---- C:\Program Files\Outlook Express
2009-08-12 17:28:16 ----RSDC---- C:\WINDOWS\Fonts
2009-08-12 17:21:13 ----DC---- C:\Program Files\Fichiers communs\InstallShield
2009-08-10 17:16:15 ----DC---- C:\Documents and Settings\Administrateur\Application Data\Identities
2009-08-07 23:06:15 ----DC---- C:\WINDOWS\twain_32
2009-08-07 15:01:13 ----DC---- C:\Program Files\Picasa2
2009-08-07 14:54:42 ----DC---- C:\WINDOWS\system32\config
2009-08-07 14:53:53 ----DC---- C:\WINDOWS\security
2009-08-07 14:29:45 ----DC---- C:\WINDOWS\system32\CatRoot
2009-08-07 14:27:24 ----DC---- C:\WINDOWS\system32\fr-fr
2009-08-07 14:18:59 ----DC---- C:\WINDOWS\system32\wbem
2009-08-07 14:18:59 ----DC---- C:\WINDOWS\Media
2009-08-07 14:18:59 ----DC---- C:\WINDOWS\Help
2009-08-07 14:18:59 ----DC---- C:\WINDOWS\AppPatch
2009-08-07 14:18:59 ----DC---- C:\Program Files\Windows Desktop Search
2009-08-07 14:08:48 ----DC---- C:\Program Files\MSBuild
2009-08-07 14:08:34 ----DC---- C:\WINDOWS\system32\spool
2009-08-07 14:03:49 ----DC---- C:\WINDOWS\ie7updates
2009-08-07 13:51:04 ----DC---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-08-07 12:18:10 ----SHD---- C:\System Volume Information
2009-08-05 11:00:38 ----AC---- C:\WINDOWS\system32\mswebdvd.dll
2009-07-19 18:45:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-19 15:15:02 ----AC---- C:\WINDOWS\system32\mshtml.dll
2009-07-17 21:03:33 ----A---- C:\WINDOWS\system32\atl.dll
2009-07-14 13:03:14 ----AC---- C:\WINDOWS\system32\tzchange.exe
2009-07-13 23:43:24 ----AC---- C:\WINDOWS\system32\wmpdxm.dll
2009-07-13 23:43:24 ----AC---- C:\WINDOWS\system32\wmp.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-10-04 28520]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-10-04 55656]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-02-25 6867360]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-01-29 54016]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-01-29 22016]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2007-03-08 8320]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2008-02-15 14336]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-10-04 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-10-04 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-02-25 155716]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-09-08 545568]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
S2 gupdate1ca27d872ddb1d2;Service Google Update (gupdate1ca27d872ddb1d2); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-28 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-28 194032]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
1/
- Lance ce fichier : C:\Program Files\Trend Micro\HijackThis\Administrateur.exe
- Choisis Do a system scan only.
- Coche les cases qui sont devant les lignes suivantes :
O1 - Hosts: 66.98.148.65 auto.search.msn.com
|
- Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.
- Ferme HijackThis.
2/
- Télécharge OTM (OldTimer) sur ton Bureau.
- Double-clique sur OTM.exe afin de le lancer.
- Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
|
- Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
- Clique maintenant sur le bouton MoveIt! puis ferme OTM.
---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
- Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
---> Le nom du rapport correspond au moment de sa création : date_heure.log
Voila le rapport
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\c:\program files\relevantknowledge\rlvknlg.exe deleted successfully.
========== FILES ==========
C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive\Update\Software\agence\1.0.0.1 moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive\Update\Software\agence moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive\Update\Software moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive\Update\Download moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive\Update moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Agence Exclusive moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 89139902 bytes
->Temporary Internet Files folder emptied: 73741308 bytes
->FireFox cache emptied: 44474880 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 4349394 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 37827916 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2351795 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
Windows Temp folder emptied: 1850625 bytes
RecycleBin emptied: 296429940 bytes
Total Files Cleaned = 524,78 mb
OTM by OldTimer - Version 3.0.0.6 log created on 10072009_101059
Files moved on Reboot...
Registry entries deleted on Reboot...
Merci
Je peux vous demander qqc, comment connaissez vous tout cela ?
| Citation : Je peux vous demander qqc, comment connaissez vous tout cela ? |
--> En m'y intéressant, en faisant des formations sur Internet.
- Double-clique sur l'icône d'AntiVir (Parapluie) dans la barre des tâches.
- Dans AntiVir, choisis Outils puis Configuration.
- Coche Mode Expert et coche Rech. Rootkit au dém. de la recherche à droite dans Autres réglages puis valide.
- Fais un scan complet, clique sur Tout réparer si AntiVir trouve quelque chose et poste le rapport.
Tutoriel : Scanner le(s) disque(s) dur(s)
punaise respect !! mais vous etes informaticien ??
je fais de suite le scan !
voila le rapport !
Avira AntiVir Personal
Date de création du fichier de rapport : mercredi 7 octobre 2009 17:32
La recherche porte sur 1780400 souches de virus.
Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
Numéro de série : 0000149996-ADJIE-0000001
Plateforme : Windows XP
Version de Windows : (Service Pack 3) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l'ordinateur : WINDOWSX-941CDB
Informations de version :
BUILD.DAT : 9.0.0.70 18071 Bytes 25/09/2009 12:03:00
AVSCAN.EXE : 9.0.3.7 466689 Bytes 04/10/2009 20:03:06
AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 09:21:02
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:11
LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 09:21:31
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 24/06/2009 20:03:06
ANTIVIR2.VDF : 7.1.6.50 4333568 Bytes 29/09/2009 20:03:06
ANTIVIR3.VDF : 7.1.6.80 320512 Bytes 06/10/2009 19:54:04
Version du moteur : 8.2.1.33
AEVDF.DLL : 8.1.1.2 106867 Bytes 04/10/2009 20:03:06
AESCRIPT.DLL : 8.1.2.35 483707 Bytes 04/10/2009 20:03:06
AESCN.DLL : 8.1.2.5 127346 Bytes 04/10/2009 20:03:06
AERDL.DLL : 8.1.3.2 479604 Bytes 04/10/2009 20:03:06
AEPACK.DLL : 8.2.0.0 422261 Bytes 04/10/2009 20:03:06
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 04/10/2009 20:03:06
AEHEUR.DLL : 8.1.0.166 2003319 Bytes 04/10/2009 20:03:06
AEHELP.DLL : 8.1.7.0 237940 Bytes 04/10/2009 20:03:06
AEGEN.DLL : 8.1.1.67 364916 Bytes 04/10/2009 20:03:06
AEEMU.DLL : 8.1.1.0 393587 Bytes 04/10/2009 20:03:06
AECORE.DLL : 8.1.8.1 184693 Bytes 04/10/2009 20:03:06
AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:30
AVPREF.DLL : 9.0.3.0 44289 Bytes 04/10/2009 20:03:06
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 14:24:42
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:22
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:37
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:20:57
NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 14:40:59
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 04/10/2009 20:03:06
RCTEXT.DLL : 9.0.37.0 88321 Bytes 15/04/2009 09:07:05
Configuration pour la recherche actuelle :
Nom de la tâche...............................: Contrôle intégral du système
Fichier de configuration......................: c:\program files\avira\antivir desktop\sysscan.avp
Documentation.................................: bas
Action principale.............................: interactif
Action secondaire.............................: ignorer
Recherche sur les secteurs d'amorçage maître..: marche
Recherche sur les secteurs d'amorçage.........: marche
Secteurs d'amorçage...........................: C:,
Recherche dans les programmes actifs..........: marche
Recherche en cours sur l'enregistrement.......: marche
Recherche de Rootkits.........................: marche
Contrôle d'intégrité de fichiers système......: arrêt
Fichier mode de recherche.....................: Tous les fichiers
Recherche sur les archives....................: marche
Limiter la profondeur de récursivité..........: 20
Archive Smart Extensions......................: marche
Heuristique de macrovirus.....................: marche
Heuristique fichier...........................: moyen
Catégories de dangers divergentes.............: +APPL,+GAME,+JOKE,+PCK,+SPR,
Début de la recherche : mercredi 7 octobre 2009 17:32
La recherche d'objets cachés commence.
'38925' objets ont été contrôlés, '0' objets cachés ont été trouvés.
La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'firefox.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msnmsgr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wlcomm.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'WindowsSearch.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SSScheduler.exe' - '1' module(s) sont contrôlés
Processus de recherche 'BrMfcMon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'BrMfcWnd.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msmsgs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msnmsgr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'PicasaMediaDetector.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iTunesHelper.exe' - '1' module(s) sont contrôlés
Processus de recherche 'brctrcen.exe' - '1' module(s) sont contrôlés
Processus de recherche 'pptd40nt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'PDVDServ.exe' - '1' module(s) sont contrôlés
Processus de recherche 'RTHDCPL.exe' - '1' module(s) sont contrôlés
Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'GoogleCrashHandler.exe' - '1' module(s) sont contrôlés
Processus de recherche 'searchindexer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SeaPort.exe' - '1' module(s) sont contrôlés
Processus de recherche 'RichVideo.exe' - '1' module(s) sont contrôlés
Processus de recherche 'nvsvc32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'mdm.exe' - '1' module(s) sont contrôlés
Processus de recherche 'mDNSResponder.exe' - '1' module(s) sont contrôlés
Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'brss01a.exe' - '1' module(s) sont contrôlés
Processus de recherche 'brsvc01a.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'48' processus ont été contrôlés avec '48' modules
La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !
Secteur d'amorçage maître HD1
[INFO] Aucun virus trouvé !
Secteur d'amorçage maître HD2
[INFO] Aucun virus trouvé !
Secteur d'amorçage maître HD3
[INFO] Aucun virus trouvé !
Secteur d'amorçage maître HD4
[INFO] Aucun virus trouvé !
Secteur d'amorçage maître HD5
[INFO] Aucun virus trouvé !
Secteur d'amorçage maître HD6
[INFO] Aucun virus trouvé !
La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[INFO] Aucun virus trouvé !
La recherche sur les renvois aux fichiers exécutables (registre) commence :
Le registre a été contrôlé ( '66' fichiers).
La recherche sur les fichiers sélectionnés commence :
Recherche débutant dans 'C:\'
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
C:\System Volume Information\_restore{2A2619B1-36F4-470A-BD1F-E5801B141F54}\RP71\A0018291.exe
[RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
C:\System Volume Information\_restore{2A2619B1-36F4-470A-BD1F-E5801B141F54}\RP71\A0018293.exe
[RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
C:\System Volume Information\_restore{2A2619B1-36F4-470A-BD1F-E5801B141F54}\RP71\A0018295.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
Début de la désinfection :
C:\System Volume Information\_restore{2A2619B1-36F4-470A-BD1F-E5801B141F54}\RP71\A0018291.exe
[RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4afcbe1a.qua' !
C:\System Volume Information\_restore{2A2619B1-36F4-470A-BD1F-E5801B141F54}\RP71\A0018293.exe
[RESULTAT] Contient le cheval de Troie TR/Drop.Softomat.AN
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b8fd47b.qua' !
C:\System Volume Information\_restore{2A2619B1-36F4-470A-BD1F-E5801B141F54}\RP71\A0018295.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b94057b.qua' !
Fin de la recherche : mercredi 7 octobre 2009 18:12
Temps nécessaire: 29:48 Minute(s)
La recherche a été effectuée intégralement
8354 Les répertoires ont été contrôlés
158895 Des fichiers ont été contrôlés
3 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
3 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
1 Impossible de contrôler des fichiers
158891 Fichiers non infectés
1905 Les archives ont été contrôlées
1 Avertissements
4 Consignes
38925 Des objets ont été contrôlés lors du Rootkitscan
0 Des objets cachés ont été trouvés
Plus de souci ?
non plus de soucis, il rame plus il ne bipe plus au démarrage
merci beaucoup !!
tout est nikel d apres toi ?
et les logiciels que tu m as fais installé jles laisse ou pas ??
1/
- Désinstalle HijackThis.
- Télécharge ToolsCleaner2 sur ton Bureau.
- Double-clique sur ToolsCleaner2.exe pour le lancer.
- Clique sur Recherche et laisse le scan agir.
- Clique sur Suppression pour finaliser.
- Tu peux, si tu le souhaites, te servir des Options Facultatives.
- Clique sur Quitter pour obtenir le rapport.
- Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
2/
- Télécharge et installe CCleaner Slim.
- Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
- Va dans Nettoyeur, choisis Analyser. Une fois terminé, lance le nettoyage.
3/
- Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.
==Prévention==
Pour supprimer les popups d'AntiVir : Lien
Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.
Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, Propriétés, onglet Mises à jour automatiques).
Par rapport au P2P : Lien
Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien
==Problème résolu ?==
--> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
- Clique, dans ton premier message, sur le bouton Editer
.
- Ajoute la mention [Résolu] devant le titre.
- Clique ensuite sur Valider votre message.
Sois plus vigilant(e) sur Internet 
Il y a 1005 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
