Icon kaspersky a disparu
Dernière réponse : dans Sécurité
salut, mon probleme est que sous windows xp j'ai installer kaspersky anti virus 6 for windows work station mais actuellement je vois plus l'icon de kaspersky dans la barre systeme en plus je ne peut ni acceder a la base du registre ni gestionnaire des taches ni scanner mon pc, si quelqu'un pourrais m'aider
Autres pages sur : icon kaspersky disparu
Lassé par la pub ? Créez un compte
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
Note : les rapports sont sauvegardés dans le dossier C:\rsit.
merci pour la réponse j'ai exécuté toutes les etapes , j'ai lu les fichiers mais toujours kaspersky gestionnaire des taches desactivé et l'icon kaspersky disparu
parmis les information du fichier info.txt :
======Security center information======
AV: Kaspersky Anti-Virus (disabled) (outdated)
FW: Kaspersky Anti-Virus (disabled)
parmis les information du fichier info.txt :
======Security center information======
AV: Kaspersky Anti-Virus (disabled) (outdated)
FW: Kaspersky Anti-Virus (disabled)
voici le fichier info.txt
----------------------------
info.txt logfile of random's system information tool 1.06 2009-11-02 09:33:30
======Uninstall list======
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\SETUP.EXE" -l0x40c -uninst
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
Cavaj Java Decompiler-->C:\windows\IsUninst.exe -f"C:\Program Files\Cavaj Java Decompiler\Uninst.isu"
Correctif pour Windows XP (KB952287)-->"C:\windows\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\windows\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
CutePDF Writer 2.8-->C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe
EP AuthorWare Web Players-->MsiExec.exe /X{11E971C9-1D25-4DF7-8610-A148072C8615}
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Feneris Video Downloader-->MsiExec.exe /I{86AED2CA-EE00-400B-8516-5152CC10B32E}
Free PDF to Word Doc Converter v1.1-->"C:\Program Files\Free PDF to Word Doc Converter\unins000.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
GPL Ghostscript 8.56-->C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\gs8.56\uninstal.txt"
GPL Ghostscript Fonts-->C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\fonts\uninstal.txt"
GSview 4.9-->C:\Program Files\Ghostgum\gsview\uninstgs.exe "C:\Program Files\Ghostgum\gsview\uninstal.txt"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
hp LaserJet 1000-->zuninst.exe
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java 2 Runtime Environment, SE v1.4.2_03-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Kaspersky Anti-Virus 6.0 for Windows Workstations-->MsiExec.exe /I{79B986AD-54D8-4498-AA06-89808829ACC0}
Kaspersky Anti-Virus 6.0 for Windows Workstations-->MsiExec.exe /I{79B986AD-54D8-4498-AA06-89808829ACC0}
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2003 French User Interface Pack-->MsiExec.exe /I{901E040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\windows\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\windows\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\windows\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\windows\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\windows\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\windows\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\windows\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\windows\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\windows\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\windows\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\windows\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\windows\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\windows\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\windows\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\windows\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\windows\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\windows\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\windows\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\windows\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\windows\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\windows\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\windows\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\windows\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\windows\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\windows\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\windows\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\windows\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\windows\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\windows\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\windows\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\windows\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\windows\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\windows\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\windows\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\windows\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\windows\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\windows\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\windows\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\windows\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\windows\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\windows\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\windows\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\windows\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\windows\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\windows\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\windows\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\windows\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB972636)-->"C:\WINDOWS\ie8updates\KB972636-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\windows\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\windows\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\windows\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\windows\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\windows\$NtUninstallKB973815$\spuninst\spuninst.exe"
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Net Transport 1.94.282-->"C:\Program Files\Xi\NetTransport 2\unins000.exe"
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PrintFile-->C:\PROGRA~1\PRINTF~1\prfile32.exe /uninstall
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SiS 661FX_760_741_M661FX_M760_M741-->Rundll32 SiSInst.dll,Uninstall VGA,r,0
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
UseNeXT-->"C:\Program Files\UseNeXT\unins000.exe"
VLC media player 0.9.9-->d:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows XP Service Pack 3-->"C:\windows\$NtServicePackUninstall$\spuninst\spuninst.exe"
Youda Legend The Curse of the Amsterdam Diamond-->"C:\Program Files\BoontyGames\Youda Legend The Curse of the Amsterdam Diamond\unins000.exe"
YouTube Video Downloader 2.4.8-->"C:\Program Files\Tomato\YouTube Video Downloader\unins000.exe"
======Security center information======
AV: Kaspersky Anti-Virus (disabled) (outdated)
FW: Kaspersky Anti-Virus (disabled)
======System event log======
Computer Name: SDES
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service SeaPort avec les arguments "-Service"
pour démarrer le serveur :
{D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
Record Number: 5701
Source Name: DCOM
Time Written: 20091102092815.000000+060
Event Type: erreur
User: SDES\omar
Computer Name: SDES
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service SeaPort avec les arguments "-Service"
pour démarrer le serveur :
{D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
Record Number: 5700
Source Name: DCOM
Time Written: 20091102092648.000000+060
Event Type: erreur
User: SDES\omar
Computer Name: SDES
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service SeaPort avec les arguments "-Service"
pour démarrer le serveur :
{D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
Record Number: 5699
Source Name: DCOM
Time Written: 20091102092459.000000+060
Event Type: erreur
User: SDES\omar
Computer Name: SDES
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service SeaPort avec les arguments "-Service"
pour démarrer le serveur :
{D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
Record Number: 5698
Source Name: DCOM
Time Written: 20091102092436.000000+060
Event Type: erreur
User: SDES\omar
Computer Name: SDES
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service SeaPort avec les arguments "-Service"
pour démarrer le serveur :
{D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
Record Number: 5697
Source Name: DCOM
Time Written: 20091102092422.000000+060
Event Type: erreur
User: SDES\omar
=====Application event log=====
Computer Name: SDES
Event Code: 100
Message: wlmail (3904) Le moteur de base de données 5.01.2600.2180 est démarré.
Record Number: 198
Source Name: ESENT
Time Written: 20090722124349.000000+060
Event Type: Informations
User:
Computer Name: SDES
Event Code: 302
Message: MsnMsgr (2004) \\.\C:\Documents and Settings\omar\Local Settings\Application Data\Microsoft\Messenger\withmeyoucandream@hotmail.fr\SharingMetadata\Working\database_2CEC_546D_EC54_3376\dfsr.db: Le moteur de base de données a exécuté la procédure de récupération avec succès.
Record Number: 197
Source Name: ESENT
Time Written: 20090722124326.000000+060
Event Type: Informations
User:
Computer Name: SDES
Event Code: 301
Message: MsnMsgr (2004) \\.\C:\Documents and Settings\omar\Local Settings\Application Data\Microsoft\Messenger\withmeyoucandream@hotmail.fr\SharingMetadata\Working\database_2CEC_546D_EC54_3376\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\omar\Local Settings\Application Data\Microsoft\Messenger\withmeyoucandream@hotmail.fr\SharingMetadata\Working\database_2CEC_546D_EC54_3376\fsr.log.
Record Number: 196
Source Name: ESENT
Time Written: 20090722124326.000000+060
Event Type: Informations
User:
Computer Name: SDES
Event Code: 301
Message: MsnMsgr (2004) \\.\C:\Documents and Settings\omar\Local Settings\Application Data\Microsoft\Messenger\withmeyoucandream@hotmail.fr\SharingMetadata\Working\database_2CEC_546D_EC54_3376\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\omar\Local Settings\Application Data\Microsoft\Messenger\withmeyoucandream@hotmail.fr\SharingMetadata\Working\database_2CEC_546D_EC54_3376\fsr00008.log.
Record Number: 195
Source Name: ESENT
Time Written: 20090722124325.000000+060
Event Type: Informations
User:
Computer Name: SDES
Event Code: 300
Message: MsnMsgr (2004) \\.\C:\Documents and Settings\omar\Local Settings\Application Data\Microsoft\Messenger\withmeyoucandream@hotmail.fr\SharingMetadata\Working\database_2CEC_546D_EC54_3376\dfsr.db: Le moteur de base de données initialise la procédure de récupération.
Record Number: 194
Source Name: ESENT
Time Written: 20090722124324.000000+060
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
-----------------EOF-----------------
----------------------------
info.txt logfile of random's system information tool 1.06 2009-11-02 09:33:30
======Uninstall list======
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\SETUP.EXE" -l0x40c -uninst
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
Cavaj Java Decompiler-->C:\windows\IsUninst.exe -f"C:\Program Files\Cavaj Java Decompiler\Uninst.isu"
Correctif pour Windows XP (KB952287)-->"C:\windows\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\windows\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
CutePDF Writer 2.8-->C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe
EP AuthorWare Web Players-->MsiExec.exe /X{11E971C9-1D25-4DF7-8610-A148072C8615}
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Feneris Video Downloader-->MsiExec.exe /I{86AED2CA-EE00-400B-8516-5152CC10B32E}
Free PDF to Word Doc Converter v1.1-->"C:\Program Files\Free PDF to Word Doc Converter\unins000.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
GPL Ghostscript 8.56-->C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\gs8.56\uninstal.txt"
GPL Ghostscript Fonts-->C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\fonts\uninstal.txt"
GSview 4.9-->C:\Program Files\Ghostgum\gsview\uninstgs.exe "C:\Program Files\Ghostgum\gsview\uninstal.txt"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
hp LaserJet 1000-->zuninst.exe
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java 2 Runtime Environment, SE v1.4.2_03-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Kaspersky Anti-Virus 6.0 for Windows Workstations-->MsiExec.exe /I{79B986AD-54D8-4498-AA06-89808829ACC0}
Kaspersky Anti-Virus 6.0 for Windows Workstations-->MsiExec.exe /I{79B986AD-54D8-4498-AA06-89808829ACC0}
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2003 French User Interface Pack-->MsiExec.exe /I{901E040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\windows\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\windows\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\windows\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\windows\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\windows\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\windows\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\windows\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\windows\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\windows\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\windows\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\windows\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\windows\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\windows\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\windows\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\windows\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\windows\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\windows\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\windows\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\windows\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\windows\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\windows\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\windows\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\windows\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\windows\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\windows\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\windows\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\windows\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\windows\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\windows\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\windows\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\windows\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\windows\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\windows\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\windows\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\windows\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\windows\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\windows\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\windows\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\windows\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\windows\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\windows\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\windows\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\windows\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\windows\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\windows\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\windows\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\windows\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB972636)-->"C:\WINDOWS\ie8updates\KB972636-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\windows\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\windows\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\windows\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\windows\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\windows\$NtUninstallKB973815$\spuninst\spuninst.exe"
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Net Transport 1.94.282-->"C:\Program Files\Xi\NetTransport 2\unins000.exe"
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PrintFile-->C:\PROGRA~1\PRINTF~1\prfile32.exe /uninstall
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SiS 661FX_760_741_M661FX_M760_M741-->Rundll32 SiSInst.dll,Uninstall VGA,r,0
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
UseNeXT-->"C:\Program Files\UseNeXT\unins000.exe"
VLC media player 0.9.9-->d:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows XP Service Pack 3-->"C:\windows\$NtServicePackUninstall$\spuninst\spuninst.exe"
Youda Legend The Curse of the Amsterdam Diamond-->"C:\Program Files\BoontyGames\Youda Legend The Curse of the Amsterdam Diamond\unins000.exe"
YouTube Video Downloader 2.4.8-->"C:\Program Files\Tomato\YouTube Video Downloader\unins000.exe"
======Security center information======
AV: Kaspersky Anti-Virus (disabled) (outdated)
FW: Kaspersky Anti-Virus (disabled)
======System event log======
Computer Name: SDES
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service SeaPort avec les arguments "-Service"
pour démarrer le serveur :
{D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
Record Number: 5701
Source Name: DCOM
Time Written: 20091102092815.000000+060
Event Type: erreur
User: SDES\omar
Computer Name: SDES
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service SeaPort avec les arguments "-Service"
pour démarrer le serveur :
{D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
Record Number: 5700
Source Name: DCOM
Time Written: 20091102092648.000000+060
Event Type: erreur
User: SDES\omar
Computer Name: SDES
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service SeaPort avec les arguments "-Service"
pour démarrer le serveur :
{D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
Record Number: 5699
Source Name: DCOM
Time Written: 20091102092459.000000+060
Event Type: erreur
User: SDES\omar
Computer Name: SDES
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service SeaPort avec les arguments "-Service"
pour démarrer le serveur :
{D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
Record Number: 5698
Source Name: DCOM
Time Written: 20091102092436.000000+060
Event Type: erreur
User: SDES\omar
Computer Name: SDES
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service SeaPort avec les arguments "-Service"
pour démarrer le serveur :
{D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
Record Number: 5697
Source Name: DCOM
Time Written: 20091102092422.000000+060
Event Type: erreur
User: SDES\omar
=====Application event log=====
Computer Name: SDES
Event Code: 100
Message: wlmail (3904) Le moteur de base de données 5.01.2600.2180 est démarré.
Record Number: 198
Source Name: ESENT
Time Written: 20090722124349.000000+060
Event Type: Informations
User:
Computer Name: SDES
Event Code: 302
Message: MsnMsgr (2004) \\.\C:\Documents and Settings\omar\Local Settings\Application Data\Microsoft\Messenger\withmeyoucandream@hotmail.fr\SharingMetadata\Working\database_2CEC_546D_EC54_3376\dfsr.db: Le moteur de base de données a exécuté la procédure de récupération avec succès.
Record Number: 197
Source Name: ESENT
Time Written: 20090722124326.000000+060
Event Type: Informations
User:
Computer Name: SDES
Event Code: 301
Message: MsnMsgr (2004) \\.\C:\Documents and Settings\omar\Local Settings\Application Data\Microsoft\Messenger\withmeyoucandream@hotmail.fr\SharingMetadata\Working\database_2CEC_546D_EC54_3376\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\omar\Local Settings\Application Data\Microsoft\Messenger\withmeyoucandream@hotmail.fr\SharingMetadata\Working\database_2CEC_546D_EC54_3376\fsr.log.
Record Number: 196
Source Name: ESENT
Time Written: 20090722124326.000000+060
Event Type: Informations
User:
Computer Name: SDES
Event Code: 301
Message: MsnMsgr (2004) \\.\C:\Documents and Settings\omar\Local Settings\Application Data\Microsoft\Messenger\withmeyoucandream@hotmail.fr\SharingMetadata\Working\database_2CEC_546D_EC54_3376\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\omar\Local Settings\Application Data\Microsoft\Messenger\withmeyoucandream@hotmail.fr\SharingMetadata\Working\database_2CEC_546D_EC54_3376\fsr00008.log.
Record Number: 195
Source Name: ESENT
Time Written: 20090722124325.000000+060
Event Type: Informations
User:
Computer Name: SDES
Event Code: 300
Message: MsnMsgr (2004) \\.\C:\Documents and Settings\omar\Local Settings\Application Data\Microsoft\Messenger\withmeyoucandream@hotmail.fr\SharingMetadata\Working\database_2CEC_546D_EC54_3376\dfsr.db: Le moteur de base de données initialise la procédure de récupération.
Record Number: 194
Source Name: ESENT
Time Written: 20090722124324.000000+060
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
-----------------EOF-----------------
le voici:
Logfile of random's system information tool 1.06 (written by random/random)
Run by omar at 2009-11-02 09:33:14
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 4 GB (24%) free of 16 GB
Total RAM: 991 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:33:25, on 02/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\windows\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\SOUNDMAN.EXE
C:\DOCUME~1\omar\MESDOC~1\OMAR18~1\ftp\FTP_SE~1.11_\ftpserv.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\DOCUME~1\omar\LOCALS~1\Temp\wcvdl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Xi\NetTransport 2\NetTransport.exe
D:\omarvideo\RSIT.exe
C:\Program Files\trend micro\omar.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [FTP Server] C:\DOCUME~1\omar\MESDOC~1\OMAR18~1\ftp\FTP_SE~1.11_\ftpserv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Télécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\ie_banner_deny.htm
O8 - Extra context menu item: Download Video on This Page - res://C:\Program Files\Tomato\YouTube Video Downloader\MDIEEx.dll/211
O8 - Extra context menu item: Download Video This Links To - res://C:\Program Files\Tomato\YouTube Video Downloader\MDIEEx.dll/212
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O9 - Extra button: Download Video - {11F19C45-9675-488A-A8E0-8E8234DC245D} - res://C:\Program Files\Tomato\YouTube Video Downloader\MDIEEx.dll/211 (file missing)
O9 - Extra 'Tools' menuitem: Download Video on This Page - {11F19C45-9675-488A-A8E0-8E8234DC245D} - res://C:\Program Files\Tomato\YouTube Video Downloader\MDIEEx.dll/211 (file missing)
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} - file://C:\Documents and Settings\All Users\Bureau\AW -EP versions from Oscar\v7.0 with component check Sept05\awswax70.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{436D79C1-F47A-4A19-A0F8-7663CB49660D}: NameServer = 10.10.1.202
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 9057 bytes
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-789336058-725345543-1004Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-789336058-725345543-1004UA.job
C:\windows\tasks\User_Feed_Synchronization-{695B4424-8EA5-4A1F-84C4-B2586995AB69}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C56CB6B0-0D96-11D6-8C65-B2868B609932}]
NTIECatcher Class - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll [2005-09-08 49152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-13 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-13 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-13 218912]
"SoundMan"=C:\windows\SOUNDMAN.EXE [2003-11-13 62464]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe [2009-07-20 301584]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 109424]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 1009016]
"FTP Server"=C:\DOCUME~1\omar\MESDOC~1\OMAR18~1\ftp\FTP_SE~1.11_\ftpserv.exe [2004-03-14 902656]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2009-10-13 289072]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1366824]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\omar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-20 210928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiS Windows KeyHook]
C:\WINDOWS\System32\keyhook.exe [2003-10-30 327680]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSUSBRG]
C:\WINDOWS\SiSUSBrg.exe [2002-07-12 184320]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-09-02 25623336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SeaPort"=2
"ASKUpgrade"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\System32\klogon.dll [2007-11-19 219664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2009-03-10 265088]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:ipsec"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe:*:Enabled:ipsec"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Documents and Settings\omar\Mes documents\omar 18-10-2009\ftp\ftp_server_ftp_server_1.11_francais_10300\ftpserv.exe"="C:\Documents and Settings\omar\Mes documents\omar 18-10-2009\ftp\ftp_server_ftp_server_1.11_francais_10300\ftpserv.exe:*:Enabled:TYPSoft FTP Server"
"C:\WINDOWS\system32\ftp.exe"="C:\WINDOWS\system32\ftp.exe:*:Enabled:Logiciel de transfert de fichiers"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"G:\dogduc.pif"="G:\dogduc.pif:*:Enabled:ipsec"
"C:\windows\Explorer.EXE"="C:\windows\Explorer.EXE:*:Enabled:ipsec"
"C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"="C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\userinit.exe"="C:\WINDOWS\system32\userinit.exe:*:Enabled:ipsec"
"C:\Program Files\Java\jre6\bin\jusched.exe"="C:\Program Files\Java\jre6\bin\jusched.exe:*:Enabled:ipsec"
"C:\windows\system32\ctfmon.exe"="C:\windows\system32\ctfmon.exe:*:Enabled:ipsec"
"C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe"="C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe:*:Enabled:ipsec"
"C:\Documents and Settings\omar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe"="C:\Documents and Settings\omar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe:*:Enabled:ipsec"
"D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"="D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\omar\LOCALS~1\Temp\iydr.exe"="C:\DOCUME~1\omar\LOCALS~1\Temp\iydr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\omar\LOCALS~1\Temp\tgemof.exe"="C:\DOCUME~1\omar\LOCALS~1\Temp\tgemof.exe:*:Enabled:ipsec"
"C:\DOCUME~1\omar\LOCALS~1\Temp\wintmym.exe"="C:\DOCUME~1\omar\LOCALS~1\Temp\wintmym.exe:*:Enabled:ipsec"
"C:\DOCUME~1\omar\LOCALS~1\Temp\qypjg.exe"="C:\DOCUME~1\omar\LOCALS~1\Temp\qypjg.exe:*:Enabled:ipsec"
"C:\DOCUME~1\omar\LOCALS~1\Temp\winfvjxd.exe"="C:\DOCUME~1\omar\LOCALS~1\Temp\winfvjxd.exe:*:Enabled:ipsec"
"C:\DOCUME~1\omar\LOCALS~1\Temp\winbyeuuq.exe"="C:\DOCUME~1\omar\LOCALS~1\Temp\winbyeuuq.exe:*:Enabled:ipsec"
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe:*:Enabled:ipsec"
"C:\windows\system32\zstatus.exe"="C:\windows\system32\zstatus.exe:*:Enabled:ipsec"
"C:\DOCUME~1\omar\LOCALS~1\Temp\wcvdl.exe"="C:\DOCUME~1\omar\LOCALS~1\Temp\wcvdl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\omar\LOCALS~1\Temp\lgqw.exe"="C:\DOCUME~1\omar\LOCALS~1\Temp\lgqw.exe:*:Enabled:ipsec"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{61ab7021-abf3-11de-b421-003005650b6c}]
shell\AUtopLaY\command - G:\lorga.exe
shell\AutoRun\command - G:\lorga.exe
shell\exPLOrE\command - G:\lorga.exe
shell\OpEn\command - G:\lorga.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8b1a729f-b3ce-11de-b42e-003005650b6c}]
shell\auToplay\command - khajw.exe
shell\AutoRun\command - khajw.exe
shell\eXpLore\command - khajw.exe
shell\oPEn\command - khajw.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d5a29376-9bc5-11d6-b3f7-003005650b6c}]
shell\AUtopLaY\command - G:\dogduc.pif
shell\AutoRun\command - G:\dogduc.pif
shell\explOrE\command - G:\dogduc.pif
shell\open\command - G:\dogduc.pif
======List of files/folders created in the last 1 months======
2009-11-02 09:33:14 ----D---- C:\rsit
2009-11-02 09:33:14 ----D---- C:\Program Files\trend micro
2009-10-29 14:11:14 ----D---- C:\Program Files\Cavaj Java Decompiler
2009-10-29 14:11:09 ----A---- C:\windows\IsUninst.exe
2009-10-25 10:32:40 ----D---- C:\Program Files\Xi
2009-10-25 09:52:27 ----D---- C:\Config.Msi
2009-10-25 09:47:59 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-10-25 09:47:59 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-10-25 09:16:57 ----D---- C:\windows\pss
2009-10-25 09:13:00 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-25 09:12:33 ----D---- C:\windows\Minidump
2009-10-20 09:48:17 ----D---- C:\Documents and Settings\omar\Application Data\dvdcss
2009-10-19 16:19:53 ----D---- C:\Program Files\Feneris
2009-10-18 16:11:06 ----A---- C:\windows\system32\cpwmon2k.dll
2009-10-18 16:10:49 ----D---- C:\Program Files\Acro Software
2009-10-18 14:42:13 ----D---- C:\Documents and Settings\omar\Application Data\Help
2009-10-15 16:18:04 ----D---- C:\Documents and Settings\omar\Application Data\UseNeXT
2009-10-15 16:17:56 ----D---- C:\Program Files\UseNeXT
2009-10-15 15:45:50 ----A---- C:\windows\gswin32.ini
2009-10-15 15:45:02 ----D---- C:\Program Files\gs
2009-10-15 13:06:52 ----D---- C:\Program Files\PrintFile
2009-10-15 13:06:52 ----A---- C:\windows\prfile.ini
2009-10-15 13:00:44 ----D---- C:\Program Files\Ghostgum
2009-10-14 16:43:28 ----HDC---- C:\windows\$NtUninstallKB958869$
2009-10-14 16:41:48 ----HDC---- C:\windows\$NtUninstallKB969059$
2009-10-14 16:41:13 ----HDC---- C:\windows\$NtUninstallKB954155_WM9$
2009-10-14 16:41:07 ----HDC---- C:\windows\$NtUninstallKB974112$
2009-10-14 16:40:59 ----HDC---- C:\windows\$NtUninstallKB975025$
2009-10-14 16:40:51 ----HDC---- C:\windows\$NtUninstallKB974571$
2009-10-14 16:38:12 ----HDC---- C:\windows\$NtUninstallKB971486$
2009-10-14 16:37:59 ----HDC---- C:\windows\$NtUninstallKB973525$
2009-10-14 16:37:06 ----HDC---- C:\windows\$NtUninstallKB975467$
2009-10-13 16:29:45 ----A---- C:\windows\system32\javaws.exe
2009-10-13 16:29:45 ----A---- C:\windows\system32\javaw.exe
2009-10-13 16:29:45 ----A---- C:\windows\system32\java.exe
2009-10-13 16:29:45 ----A---- C:\windows\system32\deploytk.dll
2009-10-06 17:28:42 ----HDC---- C:\windows\$NtUninstallKB961118$
2009-10-05 16:30:13 ----HDC---- C:\windows\$NtUninstallKB961503$
2009-10-05 16:23:42 ----D---- C:\windows\system32\XPSViewer
2009-10-05 16:23:37 ----D---- C:\Program Files\MSBuild
2009-10-05 16:23:35 ----D---- C:\windows\system32\en-US
2009-10-05 16:23:27 ----D---- C:\Program Files\Reference Assemblies
2009-10-05 16:22:48 ----N---- C:\windows\system32\xpsshhdr.dll
2009-10-05 16:22:48 ----N---- C:\windows\system32\prntvpt.dll
2009-10-05 16:22:47 ----N---- C:\windows\system32\xpssvcs.dll
2009-10-04 15:52:01 ----HDC---- C:\windows\$NtUninstallKB951978$
2009-10-04 15:51:46 ----HDC---- C:\windows\$NtUninstallKB956744$
2009-10-04 15:51:30 ----HDC---- C:\windows\$NtUninstallKB973540_WM9$
2009-10-04 15:51:19 ----HDC---- C:\windows\$NtUninstallKB954459$
2009-10-04 13:46:23 ----D---- C:\Program Files\Free PDF to Word Doc Converter
2009-10-04 11:54:55 ----D---- C:\Program Files\Microsoft Silverlight
2009-10-04 11:54:31 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-10-04 11:47:06 ----D---- C:\Program Files\Microsoft Sync Framework
2009-10-04 11:46:01 ----A---- C:\windows\system32\d3dx9_32.dll
2009-10-04 11:45:48 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-10-04 11:43:46 ----D---- C:\Program Files\Microsoft
2009-10-04 11:43:22 ----D---- C:\Program Files\Windows Live SkyDrive
2009-10-04 10:36:22 ----D---- C:\Program Files\Fichiers communs\Windows Live
======List of files/folders modified in the last 1 months======
2009-11-02 09:33:14 ----RD---- C:\Program Files
2009-11-02 09:27:59 ----D---- C:\Documents and Settings\omar\Application Data\uTorrent
2009-11-02 08:47:25 ----D---- C:\windows\Temp
2009-11-02 08:47:23 ----D---- C:\windows\system32\drivers
2009-10-29 16:27:28 ----A---- C:\windows\SchedLgU.Txt
2009-10-29 14:11:17 ----D---- C:\WINDOWS
2009-10-29 12:50:21 ----D---- C:\windows\system32\CatRoot2
2009-10-29 10:33:12 ----D---- C:\windows\Prefetch
2009-10-28 15:09:41 ----D---- C:\windows\network diagnostic
2009-10-25 16:55:44 ----RSHDC---- C:\windows\system32\dllcache
2009-10-25 09:50:44 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-10-25 09:38:13 ----SHD---- C:\windows\Installer
2009-10-25 09:38:02 ----HD---- C:\windows\inf
2009-10-25 09:38:00 ----D---- C:\windows\system32\CatRoot
2009-10-25 09:34:13 ----D---- C:\windows\system32
2009-10-25 09:33:22 ----D---- C:\windows\system32\Restore
2009-10-25 09:21:10 ----D---- C:\Program Files\AskBarDis
2009-10-25 09:18:06 ----A---- C:\windows\win.ini
2009-10-25 09:18:06 ----A---- C:\windows\system.ini
2009-10-25 09:14:03 ----D---- C:\Documents and Settings\omar\Application Data\Skype
2009-10-25 09:02:36 ----D---- C:\Program Files\Google
2009-10-22 13:00:10 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-10-20 17:28:40 ----A---- C:\windows\system32\PerfStringBackup.INI
2009-10-20 16:10:57 ----SD---- C:\Documents and Settings\omar\Application Data\Microsoft
2009-10-20 15:52:34 ----SD---- C:\windows\Tasks
2009-10-18 11:59:07 ----D---- C:\windows\system
2009-10-18 11:59:07 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-10-15 08:49:27 ----D---- C:\windows\Microsoft.NET
2009-10-15 08:49:13 ----RSD---- C:\windows\assembly
2009-10-14 16:47:49 ----D---- C:\windows\WinSxS
2009-10-14 16:44:44 ----D---- C:\Program Files\Internet Explorer
2009-10-14 16:44:09 ----HD---- C:\windows\$hf_mig$
2009-10-14 16:43:32 ----A---- C:\windows\imsins.BAK
2009-10-13 16:29:16 ----D---- C:\Program Files\Java
2009-10-05 16:23:33 ----RSD---- C:\windows\Fonts
2009-10-05 16:23:05 ----D---- C:\windows\system32\spool
2009-10-04 11:54:31 ----D---- C:\Program Files\Fichiers communs\System
2009-10-04 11:53:58 ----DC---- C:\windows\system32\DRVSTORE
2009-10-04 11:53:56 ----D---- C:\Program Files\Windows Live
2009-10-04 11:47:36 ----D---- C:\Program Files\Windows Live Toolbar
2009-10-04 11:46:54 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-10-04 11:46:03 ----D---- C:\windows\system32\DirectX
2009-10-04 10:36:22 ----D---- C:\Program Files\Fichiers communs
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Pilote de processeur Intel; C:\windows\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 SiSkp;SiSkp; C:\windows\System32\DRIVERS\srvkp.sys [2003-10-30 11264]
R2 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\windows\system32\drivers\ALCXSENS.SYS [2003-11-13 391680]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\windows\system32\drivers\ALCXWDM.SYS [2003-11-13 481596]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\windows\System32\DRIVERS\AN983.sys [2002-10-28 38528]
R3 asc3360pr;asc3360pr; \??\C:\windows\system32\drivers\kjiqu.sys []
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\windows\System32\DRIVERS\klim5.sys [2007-05-30 24344]
R3 SiS315;SiS315; C:\windows\System32\DRIVERS\sisgrp.sys [2003-10-30 427776]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\windows\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\windows\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\windows\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\windows\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usb_rndisx;USB RNDIS Adapter; C:\windows\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]
S3 USBSTOR;Pilote de stockage de masse USB; C:\windows\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\windows\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys []
S4 sr;Pilote de filtre de restauration système; C:\windows\System32\DRIVERS\sr.sys [2008-04-14 73600]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-13 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R3 idsvc;Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 774496]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 162864]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 314240]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by omar at 2009-11-02 09:33:14
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 4 GB (24%) free of 16 GB
Total RAM: 991 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:33:25, on 02/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\windows\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\SOUNDMAN.EXE
C:\DOCUME~1\omar\MESDOC~1\OMAR18~1\ftp\FTP_SE~1.11_\ftpserv.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\DOCUME~1\omar\LOCALS~1\Temp\wcvdl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Xi\NetTransport 2\NetTransport.exe
D:\omarvideo\RSIT.exe
C:\Program Files\trend micro\omar.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [FTP Server] C:\DOCUME~1\omar\MESDOC~1\OMAR18~1\ftp\FTP_SE~1.11_\ftpserv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Télécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\ie_banner_deny.htm
O8 - Extra context menu item: Download Video on This Page - res://C:\Program Files\Tomato\YouTube Video Downloader\MDIEEx.dll/211
O8 - Extra context menu item: Download Video This Links To - res://C:\Program Files\Tomato\YouTube Video Downloader\MDIEEx.dll/212
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O9 - Extra button: Download Video - {11F19C45-9675-488A-A8E0-8E8234DC245D} - res://C:\Program Files\Tomato\YouTube Video Downloader\MDIEEx.dll/211 (file missing)
O9 - Extra 'Tools' menuitem: Download Video on This Page - {11F19C45-9675-488A-A8E0-8E8234DC245D} - res://C:\Program Files\Tomato\YouTube Video Downloader\MDIEEx.dll/211 (file missing)
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} - file://C:\Documents and Settings\All Users\Bureau\AW -EP versions from Oscar\v7.0 with component check Sept05\awswax70.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{436D79C1-F47A-4A19-A0F8-7663CB49660D}: NameServer = 10.10.1.202
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 9057 bytes
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-789336058-725345543-1004Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-789336058-725345543-1004UA.job
C:\windows\tasks\User_Feed_Synchronization-{695B4424-8EA5-4A1F-84C4-B2586995AB69}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C56CB6B0-0D96-11D6-8C65-B2868B609932}]
NTIECatcher Class - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll [2005-09-08 49152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-13 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-13 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-13 218912]
"SoundMan"=C:\windows\SOUNDMAN.EXE [2003-11-13 62464]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe [2009-07-20 301584]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 109424]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 1009016]
"FTP Server"=C:\DOCUME~1\omar\MESDOC~1\OMAR18~1\ftp\FTP_SE~1.11_\ftpserv.exe [2004-03-14 902656]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2009-10-13 289072]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1366824]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\omar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-20 210928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiS Windows KeyHook]
C:\WINDOWS\System32\keyhook.exe [2003-10-30 327680]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSUSBRG]
C:\WINDOWS\SiSUSBrg.exe [2002-07-12 184320]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-09-02 25623336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SeaPort"=2
"ASKUpgrade"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\System32\klogon.dll [2007-11-19 219664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2009-03-10 265088]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:ipsec"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe:*:Enabled:ipsec"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Documents and Settings\omar\Mes documents\omar 18-10-2009\ftp\ftp_server_ftp_server_1.11_francais_10300\ftpserv.exe"="C:\Documents and Settings\omar\Mes documents\omar 18-10-2009\ftp\ftp_server_ftp_server_1.11_francais_10300\ftpserv.exe:*:Enabled:TYPSoft FTP Server"
"C:\WINDOWS\system32\ftp.exe"="C:\WINDOWS\system32\ftp.exe:*:Enabled:Logiciel de transfert de fichiers"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"G:\dogduc.pif"="G:\dogduc.pif:*:Enabled:ipsec"
"C:\windows\Explorer.EXE"="C:\windows\Explorer.EXE:*:Enabled:ipsec"
"C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"="C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\userinit.exe"="C:\WINDOWS\system32\userinit.exe:*:Enabled:ipsec"
"C:\Program Files\Java\jre6\bin\jusched.exe"="C:\Program Files\Java\jre6\bin\jusched.exe:*:Enabled:ipsec"
"C:\windows\system32\ctfmon.exe"="C:\windows\system32\ctfmon.exe:*:Enabled:ipsec"
"C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe"="C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe:*:Enabled:ipsec"
"C:\Documents and Settings\omar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe"="C:\Documents and Settings\omar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe:*:Enabled:ipsec"
"D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"="D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\omar\LOCALS~1\Temp\iydr.exe"="C:\DOCUME~1\omar\LOCALS~1\Temp\iydr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\omar\LOCALS~1\Temp\tgemof.exe"="C:\DOCUME~1\omar\LOCALS~1\Temp\tgemof.exe:*:Enabled:ipsec"
"C:\DOCUME~1\omar\LOCALS~1\Temp\wintmym.exe"="C:\DOCUME~1\omar\LOCALS~1\Temp\wintmym.exe:*:Enabled:ipsec"
"C:\DOCUME~1\omar\LOCALS~1\Temp\qypjg.exe"="C:\DOCUME~1\omar\LOCALS~1\Temp\qypjg.exe:*:Enabled:ipsec"
"C:\DOCUME~1\omar\LOCALS~1\Temp\winfvjxd.exe"="C:\DOCUME~1\omar\LOCALS~1\Temp\winfvjxd.exe:*:Enabled:ipsec"
"C:\DOCUME~1\omar\LOCALS~1\Temp\winbyeuuq.exe"="C:\DOCUME~1\omar\LOCALS~1\Temp\winbyeuuq.exe:*:Enabled:ipsec"
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe:*:Enabled:ipsec"
"C:\windows\system32\zstatus.exe"="C:\windows\system32\zstatus.exe:*:Enabled:ipsec"
"C:\DOCUME~1\omar\LOCALS~1\Temp\wcvdl.exe"="C:\DOCUME~1\omar\LOCALS~1\Temp\wcvdl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\omar\LOCALS~1\Temp\lgqw.exe"="C:\DOCUME~1\omar\LOCALS~1\Temp\lgqw.exe:*:Enabled:ipsec"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{61ab7021-abf3-11de-b421-003005650b6c}]
shell\AUtopLaY\command - G:\lorga.exe
shell\AutoRun\command - G:\lorga.exe
shell\exPLOrE\command - G:\lorga.exe
shell\OpEn\command - G:\lorga.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8b1a729f-b3ce-11de-b42e-003005650b6c}]
shell\auToplay\command - khajw.exe
shell\AutoRun\command - khajw.exe
shell\eXpLore\command - khajw.exe
shell\oPEn\command - khajw.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d5a29376-9bc5-11d6-b3f7-003005650b6c}]
shell\AUtopLaY\command - G:\dogduc.pif
shell\AutoRun\command - G:\dogduc.pif
shell\explOrE\command - G:\dogduc.pif
shell\open\command - G:\dogduc.pif
======List of files/folders created in the last 1 months======
2009-11-02 09:33:14 ----D---- C:\rsit
2009-11-02 09:33:14 ----D---- C:\Program Files\trend micro
2009-10-29 14:11:14 ----D---- C:\Program Files\Cavaj Java Decompiler
2009-10-29 14:11:09 ----A---- C:\windows\IsUninst.exe
2009-10-25 10:32:40 ----D---- C:\Program Files\Xi
2009-10-25 09:52:27 ----D---- C:\Config.Msi
2009-10-25 09:47:59 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-10-25 09:47:59 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-10-25 09:16:57 ----D---- C:\windows\pss
2009-10-25 09:13:00 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-25 09:12:33 ----D---- C:\windows\Minidump
2009-10-20 09:48:17 ----D---- C:\Documents and Settings\omar\Application Data\dvdcss
2009-10-19 16:19:53 ----D---- C:\Program Files\Feneris
2009-10-18 16:11:06 ----A---- C:\windows\system32\cpwmon2k.dll
2009-10-18 16:10:49 ----D---- C:\Program Files\Acro Software
2009-10-18 14:42:13 ----D---- C:\Documents and Settings\omar\Application Data\Help
2009-10-15 16:18:04 ----D---- C:\Documents and Settings\omar\Application Data\UseNeXT
2009-10-15 16:17:56 ----D---- C:\Program Files\UseNeXT
2009-10-15 15:45:50 ----A---- C:\windows\gswin32.ini
2009-10-15 15:45:02 ----D---- C:\Program Files\gs
2009-10-15 13:06:52 ----D---- C:\Program Files\PrintFile
2009-10-15 13:06:52 ----A---- C:\windows\prfile.ini
2009-10-15 13:00:44 ----D---- C:\Program Files\Ghostgum
2009-10-14 16:43:28 ----HDC---- C:\windows\$NtUninstallKB958869$
2009-10-14 16:41:48 ----HDC---- C:\windows\$NtUninstallKB969059$
2009-10-14 16:41:13 ----HDC---- C:\windows\$NtUninstallKB954155_WM9$
2009-10-14 16:41:07 ----HDC---- C:\windows\$NtUninstallKB974112$
2009-10-14 16:40:59 ----HDC---- C:\windows\$NtUninstallKB975025$
2009-10-14 16:40:51 ----HDC---- C:\windows\$NtUninstallKB974571$
2009-10-14 16:38:12 ----HDC---- C:\windows\$NtUninstallKB971486$
2009-10-14 16:37:59 ----HDC---- C:\windows\$NtUninstallKB973525$
2009-10-14 16:37:06 ----HDC---- C:\windows\$NtUninstallKB975467$
2009-10-13 16:29:45 ----A---- C:\windows\system32\javaws.exe
2009-10-13 16:29:45 ----A---- C:\windows\system32\javaw.exe
2009-10-13 16:29:45 ----A---- C:\windows\system32\java.exe
2009-10-13 16:29:45 ----A---- C:\windows\system32\deploytk.dll
2009-10-06 17:28:42 ----HDC---- C:\windows\$NtUninstallKB961118$
2009-10-05 16:30:13 ----HDC---- C:\windows\$NtUninstallKB961503$
2009-10-05 16:23:42 ----D---- C:\windows\system32\XPSViewer
2009-10-05 16:23:37 ----D---- C:\Program Files\MSBuild
2009-10-05 16:23:35 ----D---- C:\windows\system32\en-US
2009-10-05 16:23:27 ----D---- C:\Program Files\Reference Assemblies
2009-10-05 16:22:48 ----N---- C:\windows\system32\xpsshhdr.dll
2009-10-05 16:22:48 ----N---- C:\windows\system32\prntvpt.dll
2009-10-05 16:22:47 ----N---- C:\windows\system32\xpssvcs.dll
2009-10-04 15:52:01 ----HDC---- C:\windows\$NtUninstallKB951978$
2009-10-04 15:51:46 ----HDC---- C:\windows\$NtUninstallKB956744$
2009-10-04 15:51:30 ----HDC---- C:\windows\$NtUninstallKB973540_WM9$
2009-10-04 15:51:19 ----HDC---- C:\windows\$NtUninstallKB954459$
2009-10-04 13:46:23 ----D---- C:\Program Files\Free PDF to Word Doc Converter
2009-10-04 11:54:55 ----D---- C:\Program Files\Microsoft Silverlight
2009-10-04 11:54:31 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-10-04 11:47:06 ----D---- C:\Program Files\Microsoft Sync Framework
2009-10-04 11:46:01 ----A---- C:\windows\system32\d3dx9_32.dll
2009-10-04 11:45:48 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-10-04 11:43:46 ----D---- C:\Program Files\Microsoft
2009-10-04 11:43:22 ----D---- C:\Program Files\Windows Live SkyDrive
2009-10-04 10:36:22 ----D---- C:\Program Files\Fichiers communs\Windows Live
======List of files/folders modified in the last 1 months======
2009-11-02 09:33:14 ----RD---- C:\Program Files
2009-11-02 09:27:59 ----D---- C:\Documents and Settings\omar\Application Data\uTorrent
2009-11-02 08:47:25 ----D---- C:\windows\Temp
2009-11-02 08:47:23 ----D---- C:\windows\system32\drivers
2009-10-29 16:27:28 ----A---- C:\windows\SchedLgU.Txt
2009-10-29 14:11:17 ----D---- C:\WINDOWS
2009-10-29 12:50:21 ----D---- C:\windows\system32\CatRoot2
2009-10-29 10:33:12 ----D---- C:\windows\Prefetch
2009-10-28 15:09:41 ----D---- C:\windows\network diagnostic
2009-10-25 16:55:44 ----RSHDC---- C:\windows\system32\dllcache
2009-10-25 09:50:44 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-10-25 09:38:13 ----SHD---- C:\windows\Installer
2009-10-25 09:38:02 ----HD---- C:\windows\inf
2009-10-25 09:38:00 ----D---- C:\windows\system32\CatRoot
2009-10-25 09:34:13 ----D---- C:\windows\system32
2009-10-25 09:33:22 ----D---- C:\windows\system32\Restore
2009-10-25 09:21:10 ----D---- C:\Program Files\AskBarDis
2009-10-25 09:18:06 ----A---- C:\windows\win.ini
2009-10-25 09:18:06 ----A---- C:\windows\system.ini
2009-10-25 09:14:03 ----D---- C:\Documents and Settings\omar\Application Data\Skype
2009-10-25 09:02:36 ----D---- C:\Program Files\Google
2009-10-22 13:00:10 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-10-20 17:28:40 ----A---- C:\windows\system32\PerfStringBackup.INI
2009-10-20 16:10:57 ----SD---- C:\Documents and Settings\omar\Application Data\Microsoft
2009-10-20 15:52:34 ----SD---- C:\windows\Tasks
2009-10-18 11:59:07 ----D---- C:\windows\system
2009-10-18 11:59:07 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-10-15 08:49:27 ----D---- C:\windows\Microsoft.NET
2009-10-15 08:49:13 ----RSD---- C:\windows\assembly
2009-10-14 16:47:49 ----D---- C:\windows\WinSxS
2009-10-14 16:44:44 ----D---- C:\Program Files\Internet Explorer
2009-10-14 16:44:09 ----HD---- C:\windows\$hf_mig$
2009-10-14 16:43:32 ----A---- C:\windows\imsins.BAK
2009-10-13 16:29:16 ----D---- C:\Program Files\Java
2009-10-05 16:23:33 ----RSD---- C:\windows\Fonts
2009-10-05 16:23:05 ----D---- C:\windows\system32\spool
2009-10-04 11:54:31 ----D---- C:\Program Files\Fichiers communs\System
2009-10-04 11:53:58 ----DC---- C:\windows\system32\DRVSTORE
2009-10-04 11:53:56 ----D---- C:\Program Files\Windows Live
2009-10-04 11:47:36 ----D---- C:\Program Files\Windows Live Toolbar
2009-10-04 11:46:54 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-10-04 11:46:03 ----D---- C:\windows\system32\DirectX
2009-10-04 10:36:22 ----D---- C:\Program Files\Fichiers communs
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Pilote de processeur Intel; C:\windows\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 SiSkp;SiSkp; C:\windows\System32\DRIVERS\srvkp.sys [2003-10-30 11264]
R2 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\windows\system32\drivers\ALCXSENS.SYS [2003-11-13 391680]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\windows\system32\drivers\ALCXWDM.SYS [2003-11-13 481596]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\windows\System32\DRIVERS\AN983.sys [2002-10-28 38528]
R3 asc3360pr;asc3360pr; \??\C:\windows\system32\drivers\kjiqu.sys []
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\windows\System32\DRIVERS\klim5.sys [2007-05-30 24344]
R3 SiS315;SiS315; C:\windows\System32\DRIVERS\sisgrp.sys [2003-10-30 427776]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\windows\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\windows\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\windows\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\windows\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usb_rndisx;USB RNDIS Adapter; C:\windows\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]
S3 USBSTOR;Pilote de stockage de masse USB; C:\windows\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\windows\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys []
S4 sr;Pilote de filtre de restauration système; C:\windows\System32\DRIVERS\sr.sys [2008-04-14 73600]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-13 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R3 idsvc;Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 774496]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 162864]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 314240]
-----------------EOF-----------------
C'est du Sality et c'est très embêtant à retirer.
Fais un scan avec A-squared Free et poste le rapport si tu peux.
Destrio5 a dit :
C'est du Sality et c'est très embêtant à retirer.Un message d'erreur s'afichhe lors de l'execution
" le prcesseur NTVDM a rencontré une instruction non autorisée
CS: IP:0210 OP:63 68 61 72 73 choisissez fermer pour mettre fin a l'application"
Lassé par la pub ? Créez un compte
- Contenus similaires :
- SolutionsIcone disparu
- SolutionsIcone outlook messagerie a disparu de mon bureau
- ForumIcone de volume disparu sos
- ForumL\'icône et appli skype a disparu du bureau de mon Mac Comment le retrouver ?
- ForumL'icône "Mes vidéos " disparu
- ForumPlus d'icones kaspersky internet security 2009 dans la barre des tache
- ForumL'icône Avast a disparu de l'écran
- ForumL\'icone du son a disparu (linux)
- ForumIcone de jeux steam disparu
- Voir plus
