Tom's Guide > Forum > Sécurité - Virus > Un .exe se crée à chaque démarrage dans \AppData\Local\Temp

Un .exe se crée à chaque démarrage dans \AppData\Local\Temp

Forum Sécurité - Virus : Un .exe se crée à chaque démarrage dans \AppData\Local\Temp

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !
Créer un nouveau sujet Répondre
Mot :    Pseudo :           
 
Laurent81   16-10-2009 à 23:38:48

Bonjour,

voici mon problème, après avoir désinstallé un jeux, j'ai un .exe qui se crée à chaque démarrage de mon PC, il s'installe dans ...\AppData\Local\Temp

J'ai 3 fenêtre semblable qui s'ouvre les une après les autres m'indiquant qu'il lui manque une dll portant le nom Binkw32.dll

http://www.badboyteam.fr/img/shift.jpg

Lorsque je fait un CTRL ALT DEL et contrôle dans le gestionnaire des tâches >> Processus, il y a bien ce shift.exe ???

J'ai beau le supprimer dans le dossier ...\AppData\Local\Temp, il se recrée à chaque démarrage.

Je suis sous Vista.

Si vous auriez une idée comment résoudre cet agaçant problème, je vous en serez très reconnaissant.

Merci d'avance

Répondre
Liens sponsorisés
Inscrivez-vous ou connectez-vous pour masquer ceci.
Destrio5   16-10-2009 à 23:43:15
- 0 +

Bonjour,

(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)

  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).


Note : les rapports sont sauvegardés dans le dossier C:\rsit.

Répondre à Destrio5
Laurent81   17-10-2009 à 00:05:30
- 0 +

Bonjour Destrio5, d'ores et déjà merci de t'occuper de "mon cas" :)

Code :
  1. info.txt logfile of random's system information tool 1.06 2009-10-16 23:56:49
  3. ======Uninstall list======
  5. -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
  6. -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
  7. -->MsiExec /X{5DB65884-C963-4454-AABA-4CA3089281FA}
  8. -->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
  9. -->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
  10. -->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
  11. -->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
  12. -->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
  13. -->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
  14. -->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
  15. -->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
  16. 32 Bit HP CIO Components Installer-->MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
  17. Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
  18. Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
  19. Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
  20. Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
  21. Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
  22. Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
  23. Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
  24. Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
  25. Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
  26. Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
  27. Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
  28. Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
  29. Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
  30. Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
  31. Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
  32. Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
  33. Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
  34. Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
  35. Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
  36. Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
  37. Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
  38. Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
  39. Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
  40. Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
  41. Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
  42. Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
  43. Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
  44. Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
  45. Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
  46. Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
  47. Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
  48. Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
  49. Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
  50. Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
  51. Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
  52. Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
  53. Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
  54. Adobe Photoshop CS3-->MsiExec.exe /I{BF794769-8875-4E01-B7BE-E00104604F4A}
  55. Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
  56. Adobe Photoshop CS4-->C:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
  57. Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
  58. Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
  59. Adobe Reader 8-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobeReader*
  60. Adobe Reader 9.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
  61. Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
  62. Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
  63. Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
  64. Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
  65. Adobe Setup-->MsiExec.exe /I{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}
  66. Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
  67. Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
  68. Adobe Shockwave Player-->MsiExec.exe /X{A7DB362E-16DC-4E29-8A34-E74381E00B5B}
  69. Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
  70. Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
  71. Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
  72. Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
  73. Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
  74. Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
  75. Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
  76. Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
  77. Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
  78. AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
  79. AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
  80. Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
  81. Age of Empires III - The Asian Dynasties-->C:\Program Files\InstallShield Installation Information\{C43C1415-3DFC-4089-9A32-0BECF28A6046}\install.exe -runfromtemp -l0x040c
  82. Age of Empires III - The WarChiefs-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{1C08A24C-B168-407E-A826-68FAF5F20710}
  83. Age of Empires III-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{485775E8-AEB8-46BD-922B-242879E03DD5}
  84. Analyseur et SDK MSXML 4.0 SP2-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
  85. Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
  86. Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
  87. Applian FLV Player-->"C:\Windows\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
  88. Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
  89. Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
  90. AusLogics BoostSpeed-->"C:\Program Files\Auslogics\AusLogics BoostSpeed\unins000.exe"
  91. AusLogics Disk Defrag 1.4-->"C:\Program Files\AusLogics Disk Defrag\unins000.exe"
  92. Autodesk 3ds Max 2008 32-bit Additional Maps and Material Libraries-->MsiExec.exe /I{EDC8D89C-DC3D-040C-ABE7-97D281C0A13A}
  93. Autodesk 3ds Max 2008 32-bit Aide-->MsiExec.exe /I{38EC4486-44FF-040C-8FFF-87DA9DCBC06B}
  94. Autodesk 3ds Max 2008 32-bit-->MsiExec.exe /I{BF658A51-6D4F-040C-8D40-D183692B995D}
  95. Autodesk Backburner 2008.0.0-->MsiExec.exe /I{3D347E6D-5A03-4342-B5BA-6A771885F379}
  96. Autosim Analyzer-->MsiExec.exe /I{6CFE816A-F472-49CC-B85D-D0A2C6013335}
  97. AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
  98. Bill2's Process Manager (Désinstallation uniquement)-->C:\Program Files\Bill2's Process Manager\uninstall.exe
  99. Brasil R.S 1.2.58-->"C:\Program Files\Autodesk\3ds Max 2008\unins000.exe"
  100. Camtasia Studio 5-->MsiExec.exe /I{7BB40A22-8D98-43F9-A08A-E7EFF5AB1324}
  101. CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
  102. Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
  103. CloneCD-->"C:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="C:\Program Files\SlySoft\CloneCD"
  104. CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
  105. Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
  106. ConvertHelper 2.2-->"C:\Program Files\ConvertHelper\unins000.exe"
  107. Creator 9-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *CREATOR9*
  108. CyberLink PowerDVD 9-->"C:\Program Files\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\setup.exe" /z-uninstall
  109. CyberLink PowerDVD 9-->"C:\Program Files\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\setup.exe" /z-uninstall
  110. dBpowerAMP mp3PRO Input Codec-->"C:\Windows\system32\SpoonUninstall.exe" <uninstall>C:\Windows\system32\SpoonUninstall-dBpowerAMP mp3PRO Input Codec.dat
  111. dBpowerAMP Music Converter-->"C:\Windows\system32\SpoonUninstall.exe" <uninstall>C:\Windows\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
  112. dBpowerAMP Ogg Vorbis Codec-->"C:\Windows\system32\SpoonUninstall.exe" <uninstall>C:\Windows\system32\SpoonUninstall-dBpowerAMP Ogg Vorbis Codec.dat
  113. DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
  114. DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
  115. DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
  116. DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
  117. DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
  118. Download Accelerator Plus (DAP)-->C:\PROGRA~1\DAP\DAPREMOVE.EXE
  119. DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
  120. eMule-->"C:\Program Files\eMule\Uninstall.exe"
  121. Enregistrement Packard Bell-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *PBREG*
  122. EVEREST Ultimate Edition v5.30-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
  123. FairUse Wizard 2-->"C:\Program Files\FairUse Wizard 2\un_FU-Setup_14333.exe"
  124. FBX Plugin 2006.11.1 for Max 2008-->C:\Program Files\Autodesk\FBX\FbxPlugins\2006.11.1\Max2008\Uninstall.exe
  125. FileZilla Client 3.2.8-->C:\Program Files\FileZilla FTP Client\uninstall.exe
  126. Firefox-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *FirefoxFR*
  127. Flash Player 9 Internet Explorer-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Flashplayer*
  128. Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
  129. Fraps (remove only)-->"C:\Fraps\uninstall.exe"
  130. Free FLV Converter V 6.4.1-->"C:\Program Files\Free FLV Converter\unins000.exe"
  131. Free Mp3 Wma Converter V 1.81-->"C:\Program Files\Free Audio Pack\unins000.exe"
  132. Freecorder Toolbar 3.03 Application-->"C:\Windows\Freecorder Toolbar\uninstall.exe" "/U:C:\Program Files\Freecorder Toolbar\Uninstall\uninstall.xml"
  133. Futuremark SystemInfo-->C:\Program Files\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe -runfromtemp -l0x0009 -removeonly
  134. Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
  135. Game Booster-->"C:\Program Files\IObit\Game Booster\unins000.exe"
  136. GCFScape 1.2.9-->"C:\Program Files\GCFScape\unins000.exe"
  137. GearDrvs-->MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}
  138. Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
  139. Google Earth-->MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466}
  140. GTR 2 1.0.0.0-->"C:\Users\Laurent 81\Jeux\GTR2Championnat\Support\unins000.exe"
  141. GTR Evolution Demo Dedicated Server-->"C:\Program Files\Steam\steam.exe" steam://uninstall/8730
  142. GTR Evolution-->"C:\Program Files\Steam\steam.exe" steam://uninstall/8660
  143. GTR Evolution-->"C:\Users\Laurent 81\Jeux\GTR Evolution\Uninstall\unins000.exe"
  144. GTR2 AntiDeco (remove only)-->C:\Users\Laurent 81\Jeux\GTR2Championnat\AntiDeco\Uninstall GTR2 Antideco.exe
  145. GTR2 Online Functionality Patch-->"C:\Users\Laurent 81\Documents\Jeux\GTR2\Utilitaires\Patch Simbin\unins000.exe"
  146. GTRE-MotecAdd-Server-->MsiExec.exe /I{C194FC08-5E1C-4D40-BD51-C0E535A2A90F}
  147. Hamachi 1.0.3.0-->C:\Program Files\Hamachi\uninstall.exe
  148. HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
  149. Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
  150. Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
  151. HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
  152. HP Smart Web Printing-->msiexec /i{BE9880CD-73A9-4EFD-83E5-4BB38D48E2BD}
  153. HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
  154. HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
  155. Infocentre Rev. 2.0-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Infocentre*
  156. Install Creator Pro-->C:\Program Files\Install Creator Pro\Uninstal.exe
  157. Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
  158. Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
  159. IZArc 3.81-->"C:\Program Files\IZArc\unins000.exe"
  160. Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
  161. Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
  162. Keyboard FIJI-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *FIJI*
  163. K-Lite Codec Pack 5.0.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
  164. kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
  165. Logitech Gaming Software 5.08-->MsiExec.exe /X{33BC9D7E-E790-495E-A4EA-CFB160C17A91}
  166. Ma-Config.com-->MsiExec.exe /X{425FFD94-36BD-4933-881B-FE0B9DADF2B7}
  167. Mafia Game-->C:\Windows\system32\MafiaSetup.exe
  168. Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
  169. MediaCoder 0.6.0-->C:\Program Files\MediaCoder\uninst.exe
  170. MediaInfo 0.7.20-->C:\Program Files\MediaInfo\uninst.exe
  171. Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
  172. Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
  173. Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
  174. Microsoft Age of Empires II : The Conquerors Expansion-->"D:\Age of Empires II\UNINSTALX.EXE" /runtemp /addremove
  175. Microsoft Age of Empires II-->"D:\Age of Empires II\UNINSTAL.EXE" /runtemp /uninstall
  176. Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}
  177. Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F112F66E-25CA-42DD-983C-6118EB38F606}
  178. Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
  179. Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
  180. Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
  181. Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
  182. Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
  183. Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
  184. Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
  185. Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
  186. Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
  187. Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
  188. Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
  189. Microsoft Office FrontPage 2003-->MsiExec.exe /I{9017040C-6000-11D3-8CFE-0150048383C9}
  190. Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
  191. Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
  192. Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
  193. Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
  194. Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
  195. Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
  196. Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
  197. Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
  198. Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
  199. Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
  200. Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
  201. Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
  202. Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
  203. Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
  204. Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
  205. Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
  206. Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
  207. Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
  208. Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
  209. Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
  210. Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
  211. Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
  212. Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
  213. Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
  214. Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
  215. Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
  216. Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
  217. Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
  218. Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
  219. Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
  220. Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
  221. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
  222. Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\wmv9vcm.inf, Uninstall
  223. Mise à jour Microsoft Office Excel 2007 Help  (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
  224. Mise à jour Microsoft Office Outlook 2007 Help  (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
  225. Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
  226. Mise à jour Microsoft Office Word 2007 Help  (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
  227. Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
  228. Monopoly Deluxe-->"C:\Program Files\Zylom Games\Monopoly Deluxe\GameInstlr.exe" --uninstall UnInstall.log
  229. Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
  230. MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
  231. MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
  232. MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
  233. MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
  234. MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
  235. Mumble and Murmur-->C:\Program Files\Mumble\Uninstall.exe
  236. neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
  237. Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
  238. Nokia Connectivity Cable Driver-->MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296}
  239. Nokia PC Suite-->C:\ProgramData\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Nokia_PC_Suite_7_1_30_8_fre.exe
  240. Nokia PC Suite-->MsiExec.exe /I{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}
  241. Nokia Software Updater-->MsiExec.exe /X{7169FA93-66C2-43BD-86E0-CD332A686B29}
  242. Norton 360-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *N360_2007_FR*
  243. Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
  244. Notepad++-->C:\Program Files\Notepad++\uninstall.exe
  245. NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
  246. NVIDIA PhysX-->MsiExec.exe /X{5DB65884-C963-4454-AABA-4CA3089281FA}
  247. NVIDIA Stereoscopic 3D Driver-->"C:\Program Files\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
  248. Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
  249. Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
  250. Package de pilotes Windows - Nokia Modem  (06/01/2009 4.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_44b2e2d6\nokia_bluetooth.inf
  251. Package de pilotes Windows - Nokia Modem  (06/01/2009 7.01.0.3)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_34a3d799\nokbtmdm.inf
  252. Package de pilotes Windows - Nokia pccsmcfd  (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
  253. Packard Bell ImageWriter-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *ImageWriter*
  254. Packard Bell LCD Test-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *LCDTest*
  255. Packard Bell Updator-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Updator*
  256. PC Connectivity Solution-->MsiExec.exe /I{0C973594-7DDF-4BD0-84ED-3517F7622037}
  257. PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
  258. PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
  259. Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
  260. Power&Glory, The IROCs (remove only)-->"C:\Users\Laurent 81\Jeux\GTR2\Power&Glory, The IROCs-uninst.exe"
  261. QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
  262. RACE 07 Demo - Crowne Plaza Raceway edition-->"C:\Program Files\Steam\steam.exe" steam://uninstall/8670
  263. Race On-->"D:\RaceON\Uninstall\unins000.exe"
  264. RAD Video Tools-->"C:\Program Files\RADVideo\uninstall.exe"
  265. Razer Habu Config-->C:\Program Files\InstallShield Installation Information\{32CF189D-52BB-4C1C-8F93-97E8F3CDDC95}\setup.exe -runfromtemp -l0x040c -removeonly
  266. Readon TV Movie Radio Player 5.5.5.0-->MsiExec.exe /I{0FD95BFA-44E8-4AD5-954E-3407ADD55B06}
  267. RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
  268. Realtek HD Audio V6.0.1.5334-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AUDIO_REALTEK*
  269. Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
  270. Reload Post Maker-->"C:\Program Files\Reload Post Maker\Uninstall_Reload Post Maker\Uninstall Reload Post Maker.exe"
  271. Remote Administrator v2.2-->C:\Program Files\Radmin\uninstal.exe
  272. Replay Media Catcher 3.01-->"C:\Windows\Replay Media Catcher\uninstall.exe" "/U:C:\Program Files\Replay Media Catcher\Uninstall\uninstall.xml"
  273. rFactor (remove only)-->"D:\rFactorEndurance\Uninstall.exe"
  274. Riva FLV Encoder 2.0-->"C:\Program Files\Riva\Riva FLV Encoder 2.0\unins000.exe"
  275. Roxio Creator 9 LE-->MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0}
  276. Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
  277. Secunia PSI-->"C:\Program Files\Secunia\PSI\uninstall.exe"
  278. Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
  279. Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
  280. Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
  281. Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
  282. Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
  283. Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
  284. Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
  285. Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
  286. Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
  287. Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
  288. Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
  289. Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
  290. Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
  291. SetUp My PC-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SETUPMYPC_FR*
  292. Shockwave player 10-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Shockwave*
  293. Shuangs Audio Joiner 1.0-->"C:\Program Files\Shuangs Audio Joiner\unins000.exe"
  294. Skype 2.5.2.151-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SKYPE*
  295. Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
  296. Spelling_on_IE_Context_Menu-->wscript.exe  "C:\Windows\web\Uninstall_Spell_It.vbs"
  297. Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
  298. Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
  299. Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
  300. SwarmPlayer (remove only)-->C:\Program Files\SwarmPlayer\Uninstall.exe
  301. System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
  302. TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
  303. TomTom HOME 2.6.2.1586-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
  304. TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
  305. Top Spin 2-->MsiExec.exe /I{4D5B5CDD-77BD-48FB-8E2C-42A41ADC7CEC}
  306. TrackSet MONO-HistoricGT 2009/2010 v2.0-->C:\Users\Laurent 81\Jeux\rFactor\Désinstaller TrackSet Mono HistoricGT 2009-2010 v2.0.exe
  307. Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
  308. Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
  309. Update for Outlook 2007 Junk Email Filter (KB974810)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C05FBAD5-A211-4E86-BB51-7E07B80C9233}
  310. VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
  311. Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
  312. Video NVIDIA v162.22-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *VIDEO_NVIDIA*
  313. VideoAvatar-->"C:\Program Files\GeoVid\Video Avatar\unins000.exe"
  314. Viewpoint Manager (Remove Only)-->C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
  315. Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media Player\MtsAxInstaller.exe /u
  316. VirtualDub 1.8.8 Fr-->"C:\Users\Laurent 81\Documents\Utilitaires\VirtualDub\unins000.exe"
  317. VirtualDub Plugin Pack 1.0.0.6 Fr-->"C:\Users\Laurent 81\Documents\Utilitaires\VirtualDub\unins001.exe"
  318. VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
  319. Vuze-->C:\Program Files\Vuze\uninstall.exe
  320. WebExpert 6-->"C:\Program Files\Visicom Media\WebExpert 6\uninst-web.exe"
  321. Win AVI HelixSDK-->"C:\Program Files\WinAVI Video Converter\HelixSDK\unins000.exe"
  322. WinAVI Video Converter 8.0-->"C:\Program Files\WinAVI Video Converter\unins000.exe"
  323. Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
  324. Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
  325. Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
  326. Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
  327. Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
  328. Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
  329. Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
  330. Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
  331. Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
  332. WinSCP 4.1.9-->"C:\Program Files\WinSCP\unins000.exe"
  333. xat.com JPEG Optimizer-->"C:\Program Files\xat.com JPEG Optimizer\uninstall.exe"
  334. XnView 1.95.4-->"C:\Program Files\XnView\unins000.exe"
  336. ======Hosts File======
  338.   127.0.0.1 activate.adobe.com
  339.   81.3.59.61 www.gtl-server.net
  341. ======Security center information======
  343. AS: Spybot - Search and Destroy
  344. AS: Windows Defender
  346. ======System event log======
  348. Computer Name: PC-de-Laurent81
  349. Event Code: 7000
  350. Message: Le service adfs n'a pas pu démarrer en raison de l'erreur :
  351. Le fichier spécifié est introuvable.
  352. Record Number: 79063
  353. Source Name: Service Control Manager
  354. Time Written: 20090320063835.000000-000
  355. Event Type: Erreur
  356. User:
  358. Computer Name: PC-de-Laurent81
  359. Event Code: 7000
  360. Message: Le service Parallel port driver n'a pas pu démarrer en raison de l'erreur :
  361. Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
  362. Record Number: 79062
  363. Source Name: Service Control Manager
  364. Time Written: 20090320063835.000000-000
  365. Event Type: Erreur
  366. User:
  368. Computer Name: PC-de-Laurent81
  369. Event Code: 15016
  370. Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
  371. Record Number: 79020
  372. Source Name: Microsoft-Windows-HttpEvent
  373. Time Written: 20090320063802.127739-000
  374. Event Type: Erreur
  375. User:
  377. Computer Name: PC-de-Laurent81
  378. Event Code: 46
  379. Message: L'initialisation du fichier de vidage sur incident a échoué.
  380. Record Number: 79018
  381. Source Name: volmgr
  382. Time Written: 20090320063752.209300-000
  383. Event Type: Erreur
  384. User:
  386. Computer Name: PC-de-Laurent81
  387. Event Code: 46
  388. Message: L'initialisation du fichier de vidage sur incident a échoué.
  389. Record Number: 79011
  390. Source Name: volmgr
  391. Time Written: 20090320063743.582445-000
  392. Event Type: Erreur
  393. User:
  395. =====Application event log=====
  397. Computer Name: PC-de-Laurent81
  398. Event Code: 508
  399. Message: wuaueng.dll (900) SUS20ClientDataStore: Une requête pour lire à partir du fichier "C:\Windows\SoftwareDistribution\DataStore\Logs\edbtmp.log" à l'offset 0 (0x0000000000000000) pour 4096 (0x00001000) octets a réussi mais a pris un temps anormalement long (60 secondes) pour être traité par le système d'exploitation. Ce problème peut être causé par du matériel défaillant. Contactez le fabricant de votre matériel afin d'obtenir plus d'aide pour diagnostiquer le problème.
  400. Record Number: 393
  401. Source Name: ESENT
  402. Time Written: 20080715195034.000000-000
  403. Event Type: Avertissement
  404. User:
  406. Computer Name: PC-de-Laurent81
  407. Event Code: 5007
  408. Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.
  409. Record Number: 363
  410. Source Name: WerSvc
  411. Time Written: 20080715194221.000000-000
  412. Event Type: Erreur
  413. User:
  415. Computer Name: PC-de-Laurent81
  416. Event Code: 1008
  417. Message: Le service Windows Search tente de supprimer l’ancien catalogue.
  419. Record Number: 358
  420. Source Name: Microsoft-Windows-Search
  421. Time Written: 20080715194117.000000-000
  422. Event Type: Avertissement
  423. User:
  425. Computer Name: LH-B3F1JZ941RDX
  426. Event Code: 4440
  427. Message: Le fichier journal du CRM a initialement été créé sur un ordinateur ne portant pas le même nom. Il a été mis à jour avec le nom de l'ordinateur actuel. Si cet avertissement s'affiche lorsque le nom de l'ordinateur a été modifié, aucune action supplémentaire n'est requise. LH-B3F1JZ941RDX
  429. ID de l'application serveur : {02D4B3F1-FD88-11D1-960D-00805FC79235}
  430. ID d'instance d'application serveur :
  431. {6701E220-12F1-4CED-A892-A1F371E25398}
  432. Nom de l'application serveur : System Application
  433. Version du fichier Comsvcs.dll : ENU 2001.12.6930.16386 shp
  434. Record Number: 332
  435. Source Name: Microsoft-Windows-Complus
  436. Time Written: 20080715193641.000000-000
  437. Event Type: Avertissement
  438. User:
  440. Computer Name: LH-B3F1JZ941RDX
  441. Event Code: 5007
  442. Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.
  443. Record Number: 330
  444. Source Name: WerSvc
  445. Time Written: 20080715193607.000000-000
  446. Event Type: Erreur
  447. User:
  449. =====Security event log=====
  451. Computer Name: PC-de-Laurent81
  452. Event Code: 4608
  453. Message: Windows démarre.
  455. Cet événement est journalisé lorsque LSASS.EXE démarre et que le sous-système d’audit est initialisé.
  456. Record Number: 21677
  457. Source Name: Microsoft-Windows-Security-Auditing
  458. Time Written: 20090122084127.547722-000
  459. Event Type: Succès de l'audit
  460. User:
  462. Computer Name: PC-de-Laurent81
  463. Event Code: 4634
  464. Message: Fermeture de session d’un compte.
  466. Sujet :
  467.     ID de sécurité :        S-1-5-7
  468.     Nom du compte :        ANONYMOUS LOGON
  469.     Domaine du compte :        AUTORITE NT
  470.     ID du compte :        0x3905f
  472. Type d’ouverture de session :            3
  474. Cet événement est généré lorsqu’une session ouverte est supprimée. Il peut être associé à un événement d’ouverture de session en utilisant la valeur ID d’ouverture de session. Les ID d’ouverture de session ne sont uniques qu’entre les redémarrages sur un même ordinateur.
  475. Record Number: 21676
  476. Source Name: Microsoft-Windows-Security-Auditing
  477. Time Written: 20090122084036.838800-000
  478. Event Type: Succès de l'audit
  479. User:
  481. Computer Name: PC-de-Laurent81
  482. Event Code: 1108
  483. Message: Le service de journalisation des événements a rencontré une erreur lors du traitement d’un événement entrant publié à partir de Microsoft-Windows-Security-Auditing.
  484. Record Number: 21675
  485. Source Name: Microsoft-Windows-Eventlog
  486. Time Written: 20090122084036.792000-000
  487. Event Type: Succès de l'audit
  488. User:
  490. Computer Name: PC-de-Laurent81
  491. Event Code: 1108
  492. Message: Le service de journalisation des événements a rencontré une erreur lors du traitement d’un événement entrant publié à partir de Microsoft-Windows-Security-Auditing.
  493. Record Number: 21674
  494. Source Name: Microsoft-Windows-Eventlog
  495. Time Written: 20090122084036.792000-000
  496. Event Type: Succès de l'audit
  497. User:
  499. Computer Name: PC-de-Laurent81
  500. Event Code: 1100
  501. Message: Le service d’enregistrement des événements a été arrêté.
  502. Record Number: 21673
  503. Source Name: Microsoft-Windows-Eventlog
  504. Time Written: 20090122084036.698400-000
  505. Event Type: Succès de l'audit
  506. User:
  508. ======Environment variables======
  510. "ComSpec"=%SystemRoot%\system32\cmd.exe
  511. "FP_NO_HOST_CHECK"=NO
  512. "OS"=Windows_NT
  513. "Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\Autodesk\Backburner\;C:\Program Files\Common Files\DivX Shared\;C:\Program Files\QuickTime\QTSystem\
  514. "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
  515. "PROCESSOR_ARCHITECTURE"=x86
  516. "TEMP"=%SystemRoot%\TEMP
  517. "TMP"=%SystemRoot%\TEMP
  518. "USERNAME"=SYSTEM
  519. "windir"=%SystemRoot%
  520. "PROCESSOR_LEVEL"=6
  521. "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
  522. "PROCESSOR_REVISION"=0f0b
  523. "NUMBER_OF_PROCESSORS"=4
  524. "RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
  525. "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
  526. "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
  528. -----------------EOF-----------------



[cpp]Logfile of random's system information tool 1.06 (written by random/random)
Run by Laurent 81 at 2009-10-16 23:56:40
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 60 GB (26%) free of 230 GB
Total RAM: 3070 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:56:47, on 16/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Packard Bell\FIJI\ABoard.exe
C:\Program Files\Packard Bell\FIJI\AOSD.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\CyberLink\Shared Files\brs.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Razer\Habu\razerhid.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Bill2's Process Manager\ProcessManager.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Razer\Habu\razerofa.exe
C:\Program Files\Auslogics\AusLogics BoostSpeed\BoostSpeed.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAP\DAP.exe
C:\Program Files\PDFCreator\PDFCreator.exe
C:\Program Files\Secunia\PSI\psi.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Laurent 81\Desktop\RSIT.exe
C:\Users\Laurent 81\Desktop\Laurent 81.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:/Users/Laurent 81/Desktop/Streamy/workspace/.metadata/.plugins/com.migniot.streamy.Browser/proxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 81.3.59.61 www.gtl-server.net
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\dapieloader.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [Habu] C:\Program Files\Razer\Habu\razerhid.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Microsoft Backup] C:\Windows\System32\svkhost.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ProcessManager] C:\Program Files\Bill2's Process Manager\ProcessManager.exe -minimized
O4 - HKCU\..\Run: [Auslogics BoostSpeed 4] C:\Program Files\Auslogics\AusLogics BoostSpeed\boostspeed.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [Microsoft Backup] C:\Windows\System32\svkhost.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://www.otaugames.com
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.ma-config.com/activex/MaConfig_3_1_2_1.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate1c9d4e1d4f5abd0) (gupdate1c9d4e1d4f5abd0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2008 32-bit 32-bit (mi-raysat_3dsMax2008_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysat_3dsMax2008_32server.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 12404 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\NeroLiveEpgUpdate-PC-de-Laurent81_Laurent-81.job
C:\Windows\tasks\User_Feed_Synchronization-{832B8A95-4918-467A-BBC8-ED327AC0ECB8}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-10-16 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-05-15 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-08 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
DAPIELoader Class - C:\PROGRA~1\DAP\dapieloader.dll [2009-04-06 140880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-10-15 505136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-01-09 4186112]
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2007-01-11 232184]
"toolbar_eula_launcher"=C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-02-20 28672]
"ACTIVBOARD"=C:\Program Files\Packard Bell\FIJI\aboard.exe [2007-01-18 79416]
"RemoteControl9"=C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [2009-02-16 87336]
"PDVD9LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [2008-10-13 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2009-02-28 75048]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2009-03-11 611712]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-08 149280]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2009-01-30 57344]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 153608]
"Habu"=C:\Program Files\Razer\Habu\razerhid.exe [2007-05-11 176128]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-10-16 2023704]
"Microsoft Backup"=C:\Windows\System32\svkhost.exe [2005-10-12 9325568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"SmpcSys"=C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [2007-07-19 1120568]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"ProcessManager"=C:\Program Files\Bill2's Process Manager\ProcessManager.exe [2009-05-30 1830912]
"Auslogics BoostSpeed 4"=C:\Program Files\Auslogics\AusLogics BoostSpeed\boostspeed.exe [2008-06-23 361072]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-08 251240]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"DownloadAccelerator"=C:\Program Files\DAP\DAP.EXE [2009-08-07 2754048]
"Microsoft Backup"=C:\Windows\System32\svkhost.exe [2005-10-12 9325568]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
PDFCreator.lnk - C:\Program Files\PDFCreator\PDFCreator.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=0
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c5c1c377-42d3-11de-9200-001d609582e7}]
shell\AutoRun\command - K:\Autorun.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-10-16 23:56:40 ----D---- C:\rsit
2009-10-16 23:13:57 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-10-16 23:13:57 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-10-16 22:52:21 ----A---- C:\SDFix.exe
2009-10-16 22:33:49 ----D---- C:\Windows\pss
2009-10-16 22:15:02 ----D---- C:\SDFix
2009-10-16 17:49:15 ----D---- C:\Windows\BDOSCAN8
2009-10-16 14:39:48 ----HD---- C:\$AVG8.VAULT$
2009-10-16 13:34:14 ----D---- C:\Users\Laurent 81\AppData\Roaming\AVG8
2009-10-16 13:20:35 ----A---- C:\Windows\system32\avgrsstx.dll
2009-10-16 13:20:19 ----D---- C:\ProgramData\avg8
2009-10-16 13:20:19 ----D---- C:\Program Files\AVG
2009-10-14 12:20:54 ----D---- C:\Users\Laurent 81\AppData\Roaming\Hamachi
2009-10-14 12:20:32 ----D---- C:\Program Files\Hamachi
2009-10-14 07:20:37 ----A---- C:\Windows\system32\mshtml.dll
2009-10-14 07:20:36 ----A---- C:\Windows\system32\ieframe.dll
2009-10-14 07:20:35 ----A---- C:\Windows\system32\wininet.dll
2009-10-14 07:20:35 ----A---- C:\Windows\system32\urlmon.dll
2009-10-14 07:20:35 ----A---- C:\Windows\system32\occache.dll
2009-10-14 07:20:35 ----A---- C:\Windows\system32\msfeeds.dll
2009-10-14 07:20:35 ----A---- C:\Windows\system32\iertutil.dll
2009-10-14 07:20:34 ----A---- C:\Windows\system32\iedkcs32.dll
2009-10-14 07:20:33 ----A---- C:\Windows\system32\msfeedssync.exe
2009-10-14 07:20:33 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-10-14 07:20:33 ----A---- C:\Windows\system32\jsproxy.dll
2009-10-14 07:20:33 ----A---- C:\Windows\system32\ieUnatt.exe
2009-10-14 07:20:33 ----A---- C:\Windows\system32\ieui.dll
2009-10-14 07:20:33 ----A---- C:\Windows\system32\iesysprep.dll
2009-10-14 07:20:33 ----A---- C:\Windows\system32\iesetup.dll
2009-10-14 07:20:33 ----A---- C:\Windows\system32\iernonce.dll
2009-10-14 07:20:33 ----A---- C:\Windows\system32\iepeers.dll
2009-10-14 07:20:33 ----A---- C:\Windows\system32\ie4uinit.exe
2009-10-14 07:20:20 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-10-14 07:20:20 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-10-14 07:20:18 ----A---- C:\Windows\system32\msv1_0.dll
2009-10-14 07:20:16 ----A---- C:\Windows\system32\msasn1.dll
2009-10-14 07:18:18 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-10-12 14:12:17 ----D---- C:\Program Files\Readon Technology
2009-10-12 14:01:26 ----D---- C:\ProgramData\Electronic Arts
2009-10-11 13:06:54 ----D---- C:\ProgramData\PC Drivers HeadQuarters
2009-10-07 20:55:04 ----D---- C:\Program Files\Razer
2009-10-06 22:57:19 ----A---- C:\Windows\system32\cohelper.dll
2009-10-06 12:17:18 ----A---- C:\Windows\system32\wups2.dll
2009-10-06 12:17:18 ----A---- C:\Windows\system32\wucltux.dll
2009-10-06 12:17:18 ----A---- C:\Windows\system32\wuaueng.dll
2009-10-06 12:17:18 ----A---- C:\Windows\system32\wuauclt.exe
2009-10-06 12:17:06 ----A---- C:\Windows\system32\wups.dll
2009-10-06 12:17:06 ----A---- C:\Windows\system32\wudriver.dll
2009-10-06 12:17:06 ----A---- C:\Windows\system32\wuapi.dll
2009-10-06 12:17:03 ----A---- C:\Windows\system32\wuwebv.dll
2009-10-06 12:17:03 ----A---- C:\Windows\system32\wuapp.exe
2009-10-03 19:46:02 ----D---- C:\Users\Laurent 81\AppData\Roaming\.Tribler
2009-10-03 19:46:02 ----D---- C:\Users\Laurent 81\AppData\Roaming\.SwarmPlayer
2009-10-03 19:45:23 ----D---- C:\Program Files\SwarmPlayer
2009-10-03 14:51:55 ----D---- C:\Program Files\Lavalys
2009-10-03 02:05:40 ----N---- C:\Windows\system32\MpSigStub.exe
2009-09-27 17:47:30 ----A---- C:\Windows\system32\nvcpluir.dll
2009-09-27 17:47:30 ----A---- C:\Windows\system32\nvcplui.exe
2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvwssr.dll
2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvwss.dll
2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvvsvc.exe
2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvvitvsr.dll
2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvvitvs.dll
2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvsvsr.dll
2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvsvs.dll
2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvsvcr.dll
2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvsvc.dll
2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvmoblsr.dll
2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvmobls.dll
2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvmctray.dll
2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvmccssr.dll
2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvmccss.dll
2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvgamesr.dll
2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvgames.dll
2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvdispsr.dll
2009-09-27 17:46:00 ----A---- C:\Windows\system32\nvdisps.dll
2009-09-27 17:46:00 ----A---- C:\Windows\system32\nvcpl.dll
2009-09-27 16:12:22 ----A---- C:\Windows\system32\nvwgf2um.dll
2009-09-27 16:12:22 ----A---- C:\Windows\system32\nvudisp.exe
2009-09-27 16:12:22 ----A---- C:\Windows\system32\nvoglv32.dll
2009-09-27 16:12:22 ----A---- C:\Windows\system32\nvcuvid.dll
2009-09-27 16:12:22 ----A---- C:\Windows\system32\nvcuvenc.dll
2009-09-27 16:12:22 ----A---- C:\Windows\system32\nvcuda.dll
2009-09-27 16:12:22 ----A---- C:\Windows\system32\nvcod167.dll
2009-09-27 16:12:22 ----A---- C:\Windows\system32\nvcod.dll
2009-09-27 16:12:22 ----A---- C:\Windows\system32\dpinst.exe
2009-09-27 11:41:50 ----D---- C:\Program Files\Logitech
2009-09-26 11:23:28 ----D---- C:\Program Files\WinAVI Video Converter
2009-09-26 11:03:10 ----D---- C:\Program Files\Common Files\AVSMedia
2009-09-26 11:03:10 ----A---- C:\Windows\system32\msvcp70.dll
2009-09-26 11:03:10 ----A---- C:\Windows\system32\mfc70.dll
2009-09-26 11:03:09 ----D---- C:\Program Files\AVSMedi

Répondre à Laurent81
Laurent81   17-10-2009 à 00:13:32
- 0 +

Il semblerait que le fichier Log.txt soit incomplet, je te le reposte.:

Code :
  1. Logfile of random's system information tool 1.06 (written by random/random)
  2. Run by Laurent 81 at 2009-10-16 23:56:40
  3. Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 2
  4. System drive C: has 60 GB (26%) free of 230 GB
  5. Total RAM: 3070 MB (51% free)
  7. Logfile of Trend Micro HijackThis v2.0.2
  8. Scan saved at 23:56:47, on 16/10/2009
  9. Platform: Windows Vista SP2 (WinNT 6.00.1906)
  10. MSIE: Internet Explorer v8.00 (8.00.6001.18828)
  11. Boot mode: Normal
  13. Running processes:
  14. C:\Windows\system32\Dwm.exe
  15. C:\Windows\Explorer.EXE
  16. C:\Program Files\Internet Explorer\iexplore.exe
  17. C:\Windows\system32\taskeng.exe
  18. C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
  19. C:\Program Files\Windows Defender\MSASCui.exe
  20. C:\Windows\RtHDVCpl.exe
  21. C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
  22. C:\Program Files\Packard Bell\FIJI\ABoard.exe
  23. C:\Program Files\Packard Bell\FIJI\AOSD.exe
  24. C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
  25. C:\Program Files\CyberLink\Shared Files\brs.exe
  26. C:\Program Files\Java\jre6\bin\jusched.exe
  27. C:\Program Files\Logitech\Gaming Software\LWEMon.exe
  28. C:\Program Files\Razer\Habu\razerhid.exe
  29. C:\Program Files\AVG\AVG8\avgtray.exe
  30. C:\Program Files\Windows Sidebar\sidebar.exe
  31. C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
  32. C:\Program Files\Windows Live\Messenger\msnmsgr.exe
  33. C:\Windows\ehome\ehtray.exe
  34. C:\Program Files\Bill2's Process Manager\ProcessManager.exe
  35. C:\Windows\ehome\ehmsas.exe
  36. C:\Program Files\Razer\Habu\razerofa.exe
  37. C:\Program Files\Auslogics\AusLogics BoostSpeed\BoostSpeed.exe
  38. C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
  39. C:\Program Files\Windows Media Player\wmpnscfg.exe
  40. C:\Program Files\DAEMON Tools Lite\daemon.exe
  41. C:\Program Files\Windows Sidebar\sidebar.exe
  42. C:\Program Files\DAP\DAP.exe
  43. C:\Program Files\PDFCreator\PDFCreator.exe
  44. C:\Program Files\Secunia\PSI\psi.exe
  45. C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
  46. C:\Program Files\Mozilla Firefox\firefox.exe
  47. C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
  48. C:\Windows\system32\SearchFilterHost.exe
  49. C:\Users\Laurent 81\Desktop\RSIT.exe
  50. C:\Users\Laurent 81\Desktop\Laurent 81.exe
  51. C:\Windows\system32\DllHost.exe
  53. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
  54. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
  55. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  56. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
  57. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  58. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
  59. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  60. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
  61. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
  62. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:/Users/Laurent 81/Desktop/Streamy/workspace/.metadata/.plugins/com.migniot.streamy.Browser/proxy.pac
  63. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
  64. R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  65. O1 - Hosts: 81.3.59.61 www.gtl-server.net
  66. O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  67. O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
  68. O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
  69. O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
  70. O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  71. O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
  72. O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
  73. O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
  74. O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\dapieloader.dll
  75. O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
  76. O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
  77. O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
  78. O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
  79. O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
  80. O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
  81. O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe
  82. O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
  83. O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
  84. O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
  85. O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
  86. O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
  87. O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
  88. O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
  89. O4 - HKLM\..\Run: [Habu] C:\Program Files\Razer\Habu\razerhid.exe
  90. O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
  91. O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
  92. O4 - HKLM\..\Run: [Microsoft Backup] C:\Windows\System32\svkhost.exe
  93. O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
  94. O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
  95. O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
  96. O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
  97. O4 - HKCU\..\Run: [ProcessManager] C:\Program Files\Bill2's Process Manager\ProcessManager.exe -minimized
  98. O4 - HKCU\..\Run: [Auslogics BoostSpeed 4] C:\Program Files\Auslogics\AusLogics BoostSpeed\boostspeed.exe
  99. O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
  100. O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
  101. O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
  102. O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
  103. O4 - HKCU\..\Run: [Microsoft Backup] C:\Windows\System32\svkhost.exe
  104. O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
  105. O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
  106. O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
  107. O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
  108. O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe
  109. O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
  110. O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
  111. O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
  112. O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
  113. O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
  114. O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
  115. O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
  116. O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
  117. O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
  118. O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
  119. O13 - Gopher Prefix:
  120. O15 - Trusted Zone: http://www.otaugames.com
  121. O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
  122. O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.ma-config.com/activex/MaConfig_3_1_2_1.cab
  123. O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
  124. O20 - AppInit_DLLs: avgrsstx.dll
  125. O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
  126. O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
  127. O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
  128. O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
  129. O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
  130. O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
  131. O23 - Service: Service Google Update (gupdate1c9d4e1d4f5abd0) (gupdate1c9d4e1d4f5abd0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
  132. O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  133. O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
  134. O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
  135. O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2008 32-bit 32-bit (mi-raysat_3dsMax2008_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysat_3dsMax2008_32server.exe
  136. O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
  137. O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
  138. O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
  139. O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
  140. O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
  141. O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
  142. O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
  143. O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
  144. O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
  145. O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
  146. O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
  147. O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
  149. --
  150. End of file - 12404 bytes
  152. ======Scheduled tasks folder======
  154. C:\Windows\tasks\AWC Startup.job
  155. C:\Windows\tasks\Google Software Updater.job
  156. C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  157. C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  158. C:\Windows\tasks\NeroLiveEpgUpdate-PC-de-Laurent81_Laurent-81.job
  159. C:\Windows\tasks\User_Feed_Synchronization-{832B8A95-4918-467A-BBC8-ED327AC0ECB8}.job
  161. ======Registry dump======
  163. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
  164. Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
  166. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
  167. AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-10-16 1111320]
  169. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
  170. Spybot-S&D IE Protection - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
  172. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
  173. Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
  175. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
  176. Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
  178. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
  179. Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-05-15 668656]
  181. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
  182. Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-08 41760]
  184. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
  185. Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
  187. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
  188. DAPIELoader Class - C:\PROGRA~1\DAP\dapieloader.dll [2009-04-06 140880]
  190. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
  191. HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-10-15 505136]
  193. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
  194. {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
  196. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  197. "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
  198. "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-01-09 4186112]
  199. "RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2007-01-11 232184]
  200. "toolbar_eula_launcher"=C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-02-20 28672]
  201. "ACTIVBOARD"=C:\Program Files\Packard Bell\FIJI\aboard.exe [2007-01-18 79416]
  202. "RemoteControl9"=C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [2009-02-16 87336]
  203. "PDVD9LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [2008-10-13 50472]
  204. "BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2009-02-28 75048]
  205. "AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2009-03-11 611712]
  206. "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-08 149280]
  207. "CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2009-01-30 57344]
  208. "Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 153608]
  209. "Habu"=C:\Program Files\Razer\Habu\razerhid.exe [2007-05-11 176128]
  210. "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
  211. "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-10-16 2023704]
  212. "Microsoft Backup"=C:\Windows\System32\svkhost.exe [2005-10-12 9325568]
  214. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  215. "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
  216. "SmpcSys"=C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [2007-07-19 1120568]
  217. "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
  218. "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
  219. "ProcessManager"=C:\Program Files\Bill2's Process Manager\ProcessManager.exe [2009-05-30 1830912]
  220. "Auslogics BoostSpeed 4"=C:\Program Files\Auslogics\AusLogics BoostSpeed\boostspeed.exe [2008-06-23 361072]
  221. "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-08 251240]
  222. "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
  223. "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
  224. "DownloadAccelerator"=C:\Program Files\DAP\DAP.EXE [2009-08-07 2754048]
  225. "Microsoft Backup"=C:\Windows\System32\svkhost.exe [2005-10-12 9325568]
  226. "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
  228. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
  229. PDFCreator.lnk - C:\Program Files\PDFCreator\PDFCreator.exe
  231. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  232. "AppInit_DLLS"="avgrsstx.dll"
  234. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
  236. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
  238. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
  240. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
  242. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
  244. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
  246. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
  247. "ConsentPromptBehaviorUser"=0
  248. "EnableLUA"=0
  249. "dontdisplaylastusername"=0
  250. "legalnoticecaption"=
  251. "legalnoticetext"=
  252. "shutdownwithoutlogon"=1
  253. "undockwithoutlogon"=1
  254. "EnableUIADesktopToggle"=0
  256. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
  257. "BindDirectlyToPropertySetStorage"=
  259. [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
  261. [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
  263. [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c5c1c377-42d3-11de-9200-001d609582e7}]
  264. shell\AutoRun\command - K:\Autorun.exe
  267. ======File associations======
  269. .js - edit - C:\Windows\System32\Notepad.exe %1
  270. .js - open - C:\Windows\System32\WScript.exe "%1" %*
  272. ======List of files/folders created in the last 1 months======
  274. 2009-10-16 23:56:40 ----D---- C:\rsit
  275. 2009-10-16 23:13:57 ----D---- C:\ProgramData\Spybot - Search & Destroy
  276. 2009-10-16 23:13:57 ----D---- C:\Program Files\Spybot - Search & Destroy
  277. 2009-10-16 22:52:21 ----A---- C:\SDFix.exe
  278. 2009-10-16 22:33:49 ----D---- C:\Windows\pss
  279. 2009-10-16 22:15:02 ----D---- C:\SDFix
  280. 2009-10-16 17:49:15 ----D---- C:\Windows\BDOSCAN8
  281. 2009-10-16 14:39:48 ----HD---- C:\$AVG8.VAULT$
  282. 2009-10-16 13:34:14 ----D---- C:\Users\Laurent 81\AppData\Roaming\AVG8
  283. 2009-10-16 13:20:35 ----A---- C:\Windows\system32\avgrsstx.dll
  284. 2009-10-16 13:20:19 ----D---- C:\ProgramData\avg8
  285. 2009-10-16 13:20:19 ----D---- C:\Program Files\AVG
  286. 2009-10-14 12:20:54 ----D---- C:\Users\Laurent 81\AppData\Roaming\Hamachi
  287. 2009-10-14 12:20:32 ----D---- C:\Program Files\Hamachi
  288. 2009-10-14 07:20:37 ----A---- C:\Windows\system32\mshtml.dll
  289. 2009-10-14 07:20:36 ----A---- C:\Windows\system32\ieframe.dll
  290. 2009-10-14 07:20:35 ----A---- C:\Windows\system32\wininet.dll
  291. 2009-10-14 07:20:35 ----A---- C:\Windows\system32\urlmon.dll
  292. 2009-10-14 07:20:35 ----A---- C:\Windows\system32\occache.dll
  293. 2009-10-14 07:20:35 ----A---- C:\Windows\system32\msfeeds.dll
  294. 2009-10-14 07:20:35 ----A---- C:\Windows\system32\iertutil.dll
  295. 2009-10-14 07:20:34 ----A---- C:\Windows\system32\iedkcs32.dll
  296. 2009-10-14 07:20:33 ----A---- C:\Windows\system32\msfeedssync.exe
  297. 2009-10-14 07:20:33 ----A---- C:\Windows\system32\msfeedsbs.dll
  298. 2009-10-14 07:20:33 ----A---- C:\Windows\system32\jsproxy.dll
  299. 2009-10-14 07:20:33 ----A---- C:\Windows\system32\ieUnatt.exe
  300. 2009-10-14 07:20:33 ----A---- C:\Windows\system32\ieui.dll
  301. 2009-10-14 07:20:33 ----A---- C:\Windows\system32\iesysprep.dll
  302. 2009-10-14 07:20:33 ----A---- C:\Windows\system32\iesetup.dll
  303. 2009-10-14 07:20:33 ----A---- C:\Windows\system32\iernonce.dll
  304. 2009-10-14 07:20:33 ----A---- C:\Windows\system32\iepeers.dll
  305. 2009-10-14 07:20:33 ----A---- C:\Windows\system32\ie4uinit.exe
  306. 2009-10-14 07:20:20 ----A---- C:\Windows\system32\ntoskrnl.exe
  307. 2009-10-14 07:20:20 ----A---- C:\Windows\system32\ntkrnlpa.exe
  308. 2009-10-14 07:20:18 ----A---- C:\Windows\system32\msv1_0.dll
  309. 2009-10-14 07:20:16 ----A---- C:\Windows\system32\msasn1.dll
  310. 2009-10-14 07:18:18 ----A---- C:\Windows\system32\WMSPDMOD.DLL
  311. 2009-10-12 14:12:17 ----D---- C:\Program Files\Readon Technology
  312. 2009-10-12 14:01:26 ----D---- C:\ProgramData\Electronic Arts
  313. 2009-10-11 13:06:54 ----D---- C:\ProgramData\PC Drivers HeadQuarters
  314. 2009-10-07 20:55:04 ----D---- C:\Program Files\Razer
  315. 2009-10-06 22:57:19 ----A---- C:\Windows\system32\cohelper.dll
  316. 2009-10-06 12:17:18 ----A---- C:\Windows\system32\wups2.dll
  317. 2009-10-06 12:17:18 ----A---- C:\Windows\system32\wucltux.dll
  318. 2009-10-06 12:17:18 ----A---- C:\Windows\system32\wuaueng.dll
  319. 2009-10-06 12:17:18 ----A---- C:\Windows\system32\wuauclt.exe
  320. 2009-10-06 12:17:06 ----A---- C:\Windows\system32\wups.dll
  321. 2009-10-06 12:17:06 ----A---- C:\Windows\system32\wudriver.dll
  322. 2009-10-06 12:17:06 ----A---- C:\Windows\system32\wuapi.dll
  323. 2009-10-06 12:17:03 ----A---- C:\Windows\system32\wuwebv.dll
  324. 2009-10-06 12:17:03 ----A---- C:\Windows\system32\wuapp.exe
  325. 2009-10-03 19:46:02 ----D---- C:\Users\Laurent 81\AppData\Roaming\.Tribler
  326. 2009-10-03 19:46:02 ----D---- C:\Users\Laurent 81\AppData\Roaming\.SwarmPlayer
  327. 2009-10-03 19:45:23 ----D---- C:\Program Files\SwarmPlayer
  328. 2009-10-03 14:51:55 ----D---- C:\Program Files\Lavalys
  329. 2009-10-03 02:05:40 ----N---- C:\Windows\system32\MpSigStub.exe
  330. 2009-09-27 17:47:30 ----A---- C:\Windows\system32\nvcpluir.dll
  331. 2009-09-27 17:47:30 ----A---- C:\Windows\system32\nvcplui.exe
  332. 2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvwssr.dll
  333. 2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvwss.dll
  334. 2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvvsvc.exe
  335. 2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvvitvsr.dll
  336. 2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvvitvs.dll
  337. 2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvsvsr.dll
  338. 2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvsvs.dll
  339. 2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvsvcr.dll
  340. 2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvsvc.dll
  341. 2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvmoblsr.dll
  342. 2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvmobls.dll
  343. 2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvmctray.dll
  344. 2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvmccssr.dll
  345. 2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvmccss.dll
  346. 2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvgamesr.dll
  347. 2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvgames.dll
  348. 2009-09-27 17:47:00 ----A---- C:\Windows\system32\nvdispsr.dll
  349. 2009-09-27 17:46:00 ----A---- C:\Windows\system32\nvdisps.dll
  350. 2009-09-27 17:46:00 ----A---- C:\Windows\system32\nvcpl.dll
  351. 2009-09-27 16:12:22 ----A---- C:\Windows\system32\nvwgf2um.dll
  352. 2009-09-27 16:12:22 ----A---- C:\Windows\system32\nvudisp.exe
  353. 2009-09-27 16:12:22 ----A---- C:\Windows\system32\nvoglv32.dll
  354. 2009-09-27 16:12:22 ----A---- C:\Windows\system32\nvcuvid.dll
  355. 2009-09-27 16:12:22 ----A---- C:\Windows\system32\nvcuvenc.dll
  356. 2009-09-27 16:12:22 ----A---- C:\Windows\system32\nvcuda.dll
  357. 2009-09-27 16:12:22 ----A---- C:\Windows\system32\nvcod167.dll
  358. 2009-09-27 16:12:22 ----A---- C:\Windows\system32\nvcod.dll
  359. 2009-09-27 16:12:22 ----A---- C:\Windows\system32\dpinst.exe
  360. 2009-09-27 11:41:50 ----D---- C:\Program Files\Logitech
  361. 2009-09-26 11:23:28 ----D---- C:\Program Files\WinAVI Video Converter
  362. 2009-09-26 11:03:10 ----D---- C:\Program Files\Common Files\AVSMedia
  363. 2009-09-26 11:03:10 ----A---- C:\Windows\system32\msvcp70.dll
  364. 2009-09-26 11:03:10 ----A---- C:\Windows\system32\mfc70.dll
  365. 2009-09-26 11:03:09 ----D---- C:\Program Files\AVSMedia
  366. 2009-09-26 11:03:09 ----A---- C:\Windows\system32\mpg4c32.dll
  367. 2009-09-26 11:03:09 ----A---- C:\Windows\system32\mcdvd_32.dll
  368. 2009-09-25 23:48:52 ----D---- C:\ProgramData\Aspyr
  369. 2009-09-17 22:37:19 ----D---- C:\ProgramData\Age of Empires 3
  370. 2009-09-17 22:27:46 ----D---- C:\Program Files\Common Files\Microsoft Games
  372. ======List of files/folders modified in the last 1 months======
  374. 2009-10-16 23:56:43 ----D---- C:\Windows\Temp
  375. 2009-10-16 23:56:25 ----D---- C:\Users\Laurent 81\AppData\Roaming\FileZilla
  376. 2009-10-16 23:32:24 ----RD---- C:\Program Files
  377. 2009-10-16 23:13:57 ----HD---- C:\ProgramData
  378. 2009-10-16 23:03:06 ----D---- C:\Windows\Tasks
  379. 2009-10-16 23:01:14 ----D---- C:\Program Files\Mozilla Firefox
  380. 2009-10-16 23:00:59 ----D---- C:\Windows\system32\catroot2
  381. 2009-10-16 23:00:49 ----D---- C:\ProgramData\NVIDIA
  382. 2009-10-16 23:00:48 ----AD---- C:\ProgramData\Temp
  383. 2009-10-16 22:33:49 ----AD---- C:\Windows
  384. 2009-10-16 21:06:28 ----SHD---- C:\Windows\Installer
  385. 2009-10-16 21:06:28 ----HD---- C:\Config.Msi
  386. 2009-10-16 21:06:02 ----SHD---- C:\System Volume Information
  387. 2009-10-16 21:05:19 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
  388. 2009-10-16 21:03:52 ----RSHD---- C:\Windows\System32
  389. 2009-10-16 21:03:04 ----HD---- C:\Program Files\InstallShield Installation Information
  390. 2009-10-16 20:51:45 ----D---- C:\Windows\system
  391. 2009-10-16 20:22:49 ----D---- C:\Program Files\Radmin
  392. 2009-10-16 17:49:17 ----SD---- C:\Windows\Downloaded Program Files
  393. 2009-10-16 17:33:11 ----D---- C:\Windows\system32\Tasks
  394. 2009-10-16 16:49:47 ----D---- C:\Windows\system32\drivers
  395. 2009-10-16 14:01:28 ----A---- C:\Windows\win.ini
  396. 2009-10-16 13:31:32 ----D---- C:\Windows\system32\WDI
  397. 2009-10-16 13:24:10 ----D---- C:\Windows\Prefetch
  398. 2009-10-16 13:19:40 ----D---- C:\Users\Laurent 81\AppData\Roaming\uTorrent
  399. 2009-10-16 13:09:57 ----D---- C:\Windows\Debug
  400. 2009-10-16 13:05:59 ----D---- C:\ProgramData\Avira
  401. 2009-10-16 11:47:50 ----D---- C:\Program Files\Notepad++
  402. 2009-10-15 16:35:10 ----D---- C:\Program Files\Teamspeak2_RC2
  403. 2009-10-14 17:39:55 ----D---- C:\wtcced
  404. 2009-10-14 13:22:07 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
  405. 2009-10-14 12:20:32 ----D---- C:\Windows\inf
  406. 2009-10-14 12:04:55 ----D---- C:\Program Files\Steam
  407. 2009-10-14 11:28:28 ----D---- C:\Program Files\Common Files\Steam
  408. 2009-10-14 08:10:22 ----D---- C:\Windows\Microsoft.NET
  409. 2009-10-14 08:10:15 ----RSD---- C:\Windows\assembly
  410. 2009-10-14 08:06:06 ----D---- C:\Windows\winsxs
  411. 2009-10-14 07:55:59 ----D---- C:\Windows\system32\catroot
  412. 2009-10-14 07:53:52 ----D---- C:\Windows\system32\migration
  413. 2009-10-14 07:53:52 ----D---- C:\Windows\ehome
  414. 2009-10-14 07:53:52 ----D---- C:\Program Files\Windows Mail
  415. 2009-10-14 07:53:51 ----D---- C:\Program Files\Internet Explorer
  416. 2009-10-14 07:25:39 ----D---- C:\ProgramData\Microsoft Help
  417. 2009-10-13 16:37:15 ----D---- C:\Fraps
  418. 2009-10-13 07:52:02 ----D---- C:\Users\Laurent 81\AppData\Roaming\HTMLReport
  419. 2009-10-12 21:46:44 ----D---- C:\ProgramData\FLEXnet
  420. 2009-10-12 14:59:36 ----D---- C:\Windows\Logs
  421. 2009-10-12 14:46:49 ----D---- C:\ProgramData\NOS
  422. 2009-10-12 14:39:45 ----D---- C:\ProgramData\Roxio
  423. 2009-10-12 14:17:19 ----D---- C:\ProgramData\DVD Shrink
  424. 2009-10-12 14:07:17 ----D---- C:\Users\Laurent 81\AppData\Roaming\Azureus
  425. 2009-10-11 13:05:52 ----D---- C:\Users\Laurent 81\AppData\Roaming\GetRightToGo
  426. 2009-10-11 11:40:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
  427. 2009-10-08 07:56:04 ----D---- C:\Program Files\SimBin
  428. 2009-10-07 20:54:30 ----D---- C:\Users\Laurent 81\AppData\Roaming\InstallShield
  429. 2009-10-07 12:46:31 ----A---- C:\Windows\3DSIMED.INI
  430. 2009-10-06 23:12:09 ----D---- C:\Windows\rescache
  431. 2009-10-06 22:31:33 ----D---- C:\Program Files\NVIDIA Corporation
  432. 2009-10-06 12:18:10 ----D---- C:\Windows\system32\fr-FR
  433. 2009-10-03 20:42:30 ----D---- C:\Program Files\FileZilla FTP Client
  434. 2009-10-02 21:29:56 ----D---- C:\ProgramData\ma-config.com
  435. 2009-10-02 21:29:56 ----D---- C:\Program Files\ma-config.com
  436. 2009-10-02 20:01:57 ----A---- C:\Windows\system32\mrt.exe
  437. 2009-09-27 16:12:22 ----A---- C:\Windows\system32\nvd3dum.dll
  438. 2009-09-27 16:12:22 ----A---- C:\Windows\system32\nvapi.dll
  439. 2009-09-27 11:41:51 ----D---- C:\Program Files\Common Files\Logitech
  440. 2009-09-26 11:03:10 ----D---- C:\Program Files\Common Files
  441. 2009-09-24 10:10:56 ----D---- C:\Program Files\WinSCP
  442. 2009-09-24 09:24:18 ----A---- C:\Windows\system32\nvuninst.exe
  443. 2009-09-23 01:09:53 ----D---- C:\Program Files\DivX
  444. 2009-09-23 01:09:21 ----D---- C:\Program Files\Common Files\DivX Shared
  445. 2009-09-22 12:36:15 ----D---- C:\Users\Laurent 81\AppData\Roaming\Notepad++
  446. 2009-09-19 13:02:03 ----D---- C:\Users\Laurent 81\AppData\Roaming\DivX
  448. ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
  450. R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2009-10-16 335240]
  451. R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2009-10-16 27784]
  452. R1 AvgTdiX;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2009-10-16 108552]
  453. R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
  454. R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-10-16 28520]
  455. R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/03/27 14:26:34]; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl [2009-02-28 87536]
  456. R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2009-04-15 73312]
  457. R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-06-26 281760]
  458. R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-06-26 25888]
  459. R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2008-07-24 47640]
  460. R3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
  461. R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
  462. R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
  463. R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
  464. R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
  465. R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
  466. R3 HabuFltr;Habu Mouse; C:\Windows\system32\drivers\habu.sys [2006-10-23 27776]
  467. R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-10-14 25280]
  468. R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-09 1655464]
  469. R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2008-07-24 10144]
  470. R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-09-27 9509832]
  471. R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2009-07-30 282144]
  472. R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2009-06-17 12648]
  473. R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
  474. R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2009-09-11 22792]
  475. R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2009-09-11 14984]
  476. R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2009-09-11 66056]
  477. S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
  478. S3 a8715zjg;a8715zjg; C:\Windows\system32\drivers\a8715zjg.sys []
  479. S3 anvrvr75;anvrvr75; C:\Windows\system32\drivers\anvrvr75.sys []
  480. S3 catchme;catchme; \??\C:\Users\LAUREN~1\AppData\Local\Temp\catchme.sys []
  481. S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-09-23 14336]
  482. S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
  483. S3 DsAudioDevice_282;DsAudioDevice_282; C:\Windows\system32\drivers\DsAudioDevice_282.sys [2009-01-08 16640]
  484. S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2008-04-22 27672]
  485. S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-02-06 55280]
  486. S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
  487. S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
  488. S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
  489. S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
  490. S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
  491. S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2009-07-30 282144]
  492. S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
  493. S3 uisp;Freescale USB JW32 driver; C:\Windows\System32\Drivers\usbicp.sys [2005-12-21 14592]
  494. S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys []
  495. S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
  496. S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2009-09-11 35592]
  497. S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2009-09-11 31752]
  498. S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
  499. S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []
  500. S4 nvrd32;NVIDIA nForce RAID Driver; C:\Windows\system32\drivers\nvrd32.sys [2007-04-19 131368]
  501. S4 nvsmu;nvsmu; C:\Windows\system32\drivers\nvsmu.sys [2007-02-16 12032]
  502. S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
  504. ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
  506. R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-08-11 611664]
  507. R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-12-30 79360]
  508. R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-10-16 297752]
  509. R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
  510. R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
  511. R2 mi-raysat_3dsMax2008_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2008 32-bit 32-bit; C:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysat_3dsMax2008_32server.exe [2007-09-25 65536]
  512. R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-11-25 935208]
  513. R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
  514. R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-09-27 215656]
  515. R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
  516. R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-01-11 166648]
  517. R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
  518. R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
  519. R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-09-27 240232]
  520. R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-04-08 92008]
  521. R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2008-09-08 24652]
  522. R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
  523. R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
  524. R3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-01-11 887544]
  525. S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
  526. S2 gupdate1c9d4e1d4f5abd0;Service Google Update (gupdate1c9d4e1d4f5abd0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-15 133104]
  527. S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-15 183280]
  528. S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
  529. S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-12-14 655624]
  530. S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
  531. S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
  532. S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]
  533. S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
  534. S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
  535. S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
  536. S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-10-13 316664]
  537. S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
  539. -----------------EOF-----------------

Répondre à Laurent81
Destrio5   17-10-2009 à 00:15:40
- 0 +

  • Télécharge OTM (OldTimer) sur ton Bureau.
  • Clique droit sur OTM.exe et choisis Exécuter en tant qu'administrateur.
  • Copie (Ctrl+C) le texte suivant ci-dessous :


:processes
explorer.exe

:services
CLTNetCnService

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Backup"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Backup"=-

:files
C:\Windows\System32\svkhost.exe
C:\SDFix.exe

:commands
[purity]
[emptytemp]
[reboot]


  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTM.


---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\

---> Le nom du rapport correspond au moment de sa création : date_heure.log

Répondre à Destrio5
Laurent81   17-10-2009 à 00:23:24
- 0 +

Code :
  1. All processes killed
  2. ========== PROCESSES ==========
  3. No active process named explorer.exe was found!
  4. ========== SERVICES/DRIVERS ==========
  6. Service\Driver CLTNetCnService deleted successfully.
  7. ========== REGISTRY ==========
  8. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Microsoft Backup deleted successfully.
  9. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Microsoft Backup deleted successfully.
  10. ========== FILES ==========
  11. C:\Windows\System32\svkhost.exe moved successfully.
  12. C:\SDFix.exe moved successfully.
  13. ========== COMMANDS ==========
  15. [EMPTYTEMP]
  17. User: All Users
  19. User: Default
  20. ->Temp folder emptied: 0 bytes
  21. ->Temporary Internet Files folder emptied: 33170 bytes
  23. User: Default User
  24. ->Temp folder emptied: 0 bytes
  25. ->Temporary Internet Files folder emptied: 0 bytes
  27. User: Laurent 81
  28. ->Temp folder emptied: 8939822 bytes
  29. ->Temporary Internet Files folder emptied: 44610083 bytes
  30. ->Java cache emptied: 32078496 bytes
  31. ->FireFox cache emptied: 81910347 bytes
  33. User: LogMeInRemoteUser
  34. ->Temp folder emptied: 0 bytes
  35. ->Temporary Internet Files folder emptied: 33170 bytes
  37. User: Public
  39. %systemdrive% .tmp files removed: 0 bytes
  40. C:\Windows\1C4551A64743409391E41477CD655043.TMP folder deleted successfully.
  41. %systemroot% .tmp files removed: 200704 bytes
  42. %systemroot%\System32 .tmp files removed: 0 bytes
  43. File delete failed. C:\Windows\temp\TMP0000006D85713404E7C27C21 scheduled to be deleted on reboot.
  44. Windows Temp folder emptied: 529223 bytes
  45. RecycleBin emptied: 9218799 bytes
  47. Total Files Cleaned = 169,33 mb
  50. OTM by OldTimer - Version 3.0.0.6 log created on 10172009_001808
  52. Files moved on Reboot...
  53. File C:\Windows\temp\TMP0000006D85713404E7C27C21 not found!
  55. Registry entries deleted on Reboot...

Répondre à Laurent81
Laurent81   17-10-2009 à 00:48:31
- 0 +

Lorsqu'il a rebooté, la fenêtre est de nouveau apparu.

si je me rends dans le dossier C:\Users\Laurent 81\AppData\Local\Temp, le fichier SHIFT.exe est toujours là. [:666 ]

Répondre à Laurent81
Destrio5   17-10-2009 à 00:53:46
- 0 +

C'est un crack pour un jeu ?

Répondre à Destrio5
Laurent81   17-10-2009 à 01:01:14
- 0 +

C'étais un "No-CD" téléchargé >> ICI, le jeu je l'ai en version original ;)

Répondre à Laurent81
Destrio5   17-10-2009 à 01:13:03
- 0 +

Oui mais ça reste illégal.

Le message d'erreur que tu m'as montré est "normal" car ton crack se trouve dans les fichiers temporaires et non dans le dossier d'installation du jeu.

Répondre à Destrio5
Laurent81   17-10-2009 à 01:17:31
- 0 +

Le jeu, je l'avais installé dans D:\ je l'ai désinstallé, il n'y a plus rien, le dossier est supprimé mais depuis ça me fait ça.

Si je supprime l'exe se trouvant dans le dossier TEMP, il se recrée au démarrage de windows ???

Répondre à Laurent81
Laurent81   17-10-2009 à 01:30:20
- 0 +

Bein vi malheureusement, d'où mon problème...

Je vais essayer de réinstaller le jeu et de le re désinstaller... bizarre cette histoire.

Répondre à Laurent81
Destrio5   17-10-2009 à 01:36:46
- 0 +

  • Télécharge et installe CCleaner Slim.
  • Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
  • Va dans Nettoyeur, choisis Analyser. Une fois terminé, lance le nettoyage.

Répondre à Destrio5
Laurent81   17-10-2009 à 01:57:06
- 0 +

CCleaner dans son analyse le localise bien, dans son nettoyage il le supprime, mais quand je redémarre mon PC, le fichier se recrée tout seul dans le dossier TEMP...

une histoire de fou ça... :pt1cable:

Répondre à Laurent81
Destrio5   17-10-2009 à 01:59:55
- 0 +

Fais-le en mode sans échec.

Pour redémarrer en mode sans échec :

  • Redémarre ton PC.
  • Au démarrage, tapote sur F8 (F5 sur certains PC) juste après l'affichage du BIOS et juste avant le chargement de Windows.
  • Dans le menu d'options avancées, choisis Mode sans échec.
  • Choisis ta session.

Répondre à Destrio5
Laurent81   17-10-2009 à 02:31:21
- 0 +

Même résultat en mode sans échec, CCleaner le localise bien, le supprime, mais au redémarrage le fichier se recrée...

Je suis gavé là... :o vais aller au dodo, verrait ça demain.

Merci pour ton aide en tous les cas. ;)

Répondre à Laurent81
Créer un nouveau sujet Répondre
Tom's Guide > Forum > Sécurité - Virus > Un .exe se crée à chaque démarrage dans \AppData\Local\Temp
Aller à :

Il y a 253 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Plan du forum
Forum Bestofmedia ©
2000-2009 Bestofmedia Group
Page générée en 1,164 secondes
Liens