Sujet Précédent Sujet Suivant

Qui peut m aidé win32:sudiet[trj]

tarmito -  
 tarmito -
Bonjour,j ai été infecté par le trojan win32:sudiet via MSN, il est impossible a supprimer( j ai avast) qui pourrait m aidé voici 2 doc obtenu avec RSIT(random's system infotmation tools )
INFO:
info.txt logfile of random's system information tool 1.05 2009-03-14 13:39:18

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
ALZip-->"C:\Program Files\ESTsoft\ALZip\unins000.exe"
Apprenez les premiers secours-->C:\PROGRA~1\APPREN~1\UNWISE.EXE C:\PROGRA~1\APPREN~1\INSTALL.LOG
ArcSoft Panorama Maker 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D45E8C45-B601-4A80-AFD8-E16338744DE1}\Setup.exe" -l0x40c
Assassin's Creed-->C:\Program Files\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x040c -removeonly
avast! Antivirus-->C:\kent1\Avast4\aswRunDll.exe "C:\kent1\Avast4\Setup\setiface.dll",RunSetup
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Users\kent1\CDBurnerXP\unins000.exe"
CR-Hexact 2.3-->C:\Users\kent1\hexa\desinstaller.exe
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EA Download Manager-->C:\kent1\EADM\Uninstall.exe
ecoDrive-->MsiExec.exe /X{9AB0757C-E4BE-D188-C514-B3FF163FC5E9}
eMule-->"C:\eMule\Uninstall.exe"
Enemy Territory - QUAKE Wars(TM) 1.1 Patch-->C:\Program Files\InstallShield Installation Information\{0C5D0DC4-F5D3-46F9-AE2E-E45C99B4A6B6}\setup.exe -runfromtemp -l0x040c
EVEREST Ultimate Edition v4.50-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Fable - The Lost Chapters-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}
Fallout 2-->C:\Windows\ipuninst.exe -fC:\Program Files\BlackIsle\Fallout2\uninst.log
Fallout 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe" -l0x40c -removeonly
Final Fantasy VII-->C:\Windows\IsUn040c.exe -fc:\kent1\ff7\Uninst.isu
FLAC codecs-->C:\Program Files\illiminable\oggcodecs\uninst.exe
GameSpy Arcade-->C:\kent1\GAMESP~1\UNWISE.EXE C:\kent1\GAMESP~1\INSTALL.LOG
Gestionnaire pour appareils Windows Mobile-->MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
Hercules DualPix HD Webcam-->C:\Program Files\InstallShield Installation Information\{F0CFDC72-63D2-4086-A54F-1514494394A0}\setup.exe -runfromtemp -l0x040c -removeonly
Hercules WiFi Station-->C:\Program Files\InstallShield Installation Information\{DECE22F4-EEDD-4615-BC56-2F4827FAD64B}\setup.exe -runfromtemp -l0x040c -removeonly
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly
HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly
HP My Display-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15733AD1-1CEF-459A-9245-0924FC63BDD5}\setup.exe" -l0x40c -removeonly
HP On-Screen Cap/Num/Scroll Lock Indicator-->C:\Windows\system32\OsdRemove.exe
HP Photosmart Essential 2.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Picasso Media Center Add-In-->MsiExec.exe /I{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
ISO Recorder-->MsiExec.exe /I{39600969-41C3-4658-876E-16F108FC5C92}
J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Kaspersky Online Scanner-->C:\Windows\system32\KASPER~1\KASPER~1\kavuninstall.exe
livebox-->C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Logitech SetPoint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x40c
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{FD052FB9-FE90-4438-B355-15EDC89D8FB1}
Microsoft LifeChat-->MsiExec.exe /X{66039B36-96AE-40D1-8A32-071F7A61B738}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee autoProducer 6.0-->C:\Program Files\InstallShield Installation Information\{6AF49698-949A-4C89-9B31-041D2CCB5FBD}\setup.exe -runfromtemp -l0x040c -removeonly
Netscape Navigator (9.0.0.5)-->C:\Program Files\Netscape\Navigator 9\uninstall\helper.exe
Nikon Message Center-->MsiExec.exe /X{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}
Nikon Transfer-->MsiExec.exe /X{E9757890-7EC5-46C8-99AB-B00F07B6525C}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Orange -->C:\Program Files\Orange\GLOBAL\Mnu\uninst.exe /G:{80CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11}
Orange Les offres Internet-->C:\Program Files\Orange\GLOBAL\Sung\uninst.exe /G:{90CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11}
Outils de diagnostic du matériel-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
Python 2.4.3-->MsiExec.exe /I{75E71ADD-042C-4F30-BFAC-A9EC42351313}
QuickTime-->MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Ressources Windows Mobile-->C:\Program Files\Ressources Windows Mobile\Windows Mobile Device Handbook\Bin\DHUninstall.exe
Roxio Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Roxio Creator Audio-->MsiExec.exe /X{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator Basic v9-->MsiExec.exe /X{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Copy-->MsiExec.exe /X{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data-->MsiExec.exe /X{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator EasyArchive-->MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
Roxio Creator Tools-->MsiExec.exe /X{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler 3-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD Basic v9-->MsiExec.exe /X{938B1CD7-7C60-491E-AA90-1F1888168240}
SAMSUNG CDMA Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x40c -removeonly
SDK-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}\setup.exe" -l0x9
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Visio 2007 (KB947590)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Snapfish Quick Uploader plugin-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B6CC814-EA2A-436B-BCDB-6A30E998523A}\setup.exe" -l0x9 something -removeonly
Solution de clavier multimédia amélioré-->C:\HP\KBD\Install.exe /u
SPORE™ : Pack d’éléments étranges et mignons-->"C:\Program Files\InstallShield Installation Information\{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}\setup.exe" -runfromtemp -l0x040c -removeonly
SPORE™-->"C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\setup.exe" -runfromtemp -l0x040c -removeonly
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
TeamSpeak 2 RC2-->C:\kent1\Teamspeak2_RC2\unins000.exe
UltraISO Premium V9.3-->"C:\kent1\UltraISO\unins000.exe"
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Vista Codec Package-->MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Widget programmes-->msiexec /qb /x {29C877B1-19D9-3F74-E86C-2ECF5028C087}
widget_programmes-->MsiExec.exe /I{29C877B1-19D9-3F74-E86C-2ECF5028C087}
Winamp Remote-->"C:\Program Files\Winamp Remote\uninstall.exe"
Winamp Toolbar for Firefox-->"C:\Users\kent1\AppData\Roaming\Mozilla\Firefox\Profiles\90y9tvy6.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe"
Winamp Toolbar for Internet Explorer-->"C:\Program Files\Winamp Toolbar\uninstall.exe"
Winamp-->"C:\Users\kent1\Winamp\UninstWA.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Toolbar-->MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Mobile Device Center Driver Update-->MsiExec.exe /X{E7044E25-3038-4A76-9064-344AC038043E}
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\Wrath of the Lich King\Uninstall.exe
Wow Cartographe 1.09-->C:\Users\kent1\WowCartographe\uninst.exe
Yahoo! Install Manager-->C:\Windows\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Internet Mail-->C:\Windows\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll
Yahoo! Mail Advisor-->C:\PROGRA~1\Yahoo!\Common\UNINST~1.EXE
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
YAMAHA SoftSynthesizer S-YXG70-->C:\Windows\unin040c.exe -fC:\Windows\DeIsL1.isu -c"C:\Windows\system32\sxgunins.dll

======Security center information======

AV: avast! antivirus 4.8.1229 [VPS 081211-0]
AV: Norton Internet Security (outdated)
FW: Norton Internet Security
AS: Windows Defender
AS: Norton Internet Security (outdated)
AS: avast! antivirus 4.8.1229 [VPS 081211-0]

System event log

Computer Name: PC-de-kent1
Event Code: 7036
Message: Le service LiveUpdate est entré dans l'état : arrêté.
Record Number: 123076
Source Name: Service Control Manager
Time Written: 20090314095149.000000-000
Event Type: Information
User:

Computer Name: PC-de-kent1
Event Code: 7036
Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : en cours d'exécution.
Record Number: 123077
Source Name: Service Control Manager
Time Written: 20090314101558.000000-000
Event Type: Information
User:

Computer Name: PC-de-kent1
Event Code: 7036
Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : arrêté.
Record Number: 123078
Source Name: Service Control Manager
Time Written: 20090314103228.000000-000
Event Type: Information
User:

Computer Name: PC-de-kent1
Event Code: 7036
Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : en cours d'exécution.
Record Number: 123079
Source Name: Service Control Manager
Time Written: 20090314120812.000000-000
Event Type: Information
User:

Computer Name: PC-de-kent1
Event Code: 7036
Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : arrêté.
Record Number: 123080
Source Name: Service Control Manager
Time Written: 20090314122442.000000-000
Event Type: Information
User:

Application event log

Computer Name: PC-de-kent1
Event Code: 1033
Message: Windows Installer a installé le produit. Nom du produit : Kaspersky Anti-Virus 2009. Version du produit : 8.0.0.506. Langue du produit : 1036. Réussite de l’installation ou état d’erreur : 1602.
Record Number: 77214
Source Name: MsiInstaller
Time Written: 20090314084737.000000-000
Event Type: Information
User: PC-de-kent1\kent1

Computer Name: PC-de-kent1
Event Code: 101
Message: Niveau d'information : success

Le Planificateur a lancé LiveUpdate automatique.
Record Number: 77215
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20090314095135.000000-000
Event Type: Information
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-kent1
Event Code: 101
Message: Niveau d'information : success

LiveUpdate automatique a terminé.
Record Number: 77216
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20090314095145.000000-000
Event Type: Information
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-kent1
Event Code: 101
Message: Niveau d'information : success

L'exécution suivante a été planifiée pour intervenir approximativement à 2:55 PM.
Record Number: 77217
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20090314095145.000000-000
Event Type: Information
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-kent1
Event Code: 5
Message: Unsupported service control request (see data below)
Record Number: 77218
Source Name: LightScribeService
Time Written: 20090314123917.000000-000
Event Type: Information
User:

Security event log

Computer Name: PC-de-kent1
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-KENT1$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Boot\pl-PL\bootmgr.exe.mui
ID du handle : 0xfc

Informations sur le processus :
ID du processus : 0xd88
Nom du processus : C:\WINDOWS\bfsvc.exe

Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 20546
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080623055831.654414-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-kent1
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-KENT1$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Boot\pt-BR\bootmgr.exe.mui
ID du handle : 0xe0

Informations sur le processus :
ID du processus : 0xd88
Nom du processus : C:\WINDOWS\bfsvc.exe

Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 20547
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080623055831.670014-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-kent1
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-KENT1$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Boot\pt-PT\bootmgr.exe.mui
ID du handle : 0xf8

Informations sur le processus :
ID du processus : 0xd88
Nom du processus : C:\WINDOWS\bfsvc.exe

Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 20548
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080623055831.685614-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-kent1
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-KENT1$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Boot\ru-RU\bootmgr.exe.mui
ID du handle : 0xec

Informations sur le processus :
ID du processus : 0xd88
Nom du processus : C:\WINDOWS\bfsvc.exe

Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 20549
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080623055831.685614-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-kent1
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-KENT1$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Boot\sv-SE\bootmgr.exe.mui
ID du handle : 0x100

Informations sur le processus :
ID du processus : 0xd88
Nom du processus : C:\WINDOWS\bfsvc.exe

Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 20550
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080623055831.701214-000
Event Type: Succès de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\hp\bin\Python;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\VistaCodecPack\QT\QTSystem\;C:\Program Files\ESTsoft\ALZip\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=6b01
"NUMBER_OF_PROCESSORS"=2
"RoxioCentral"=c:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
"PLATFORM"=HPD
"PCBRAND"=Pavilion
"OnlineServices"=Services en ligne
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0\lib\ext\QTJava.zip

-----------------EOF-----------------

LOG:
Logfile of random's system information tool 1.05 (written by random/random)
Run by kent1 at 2009-03-14 13:39:13
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 148 GB (50%) free of 297 GB
Total RAM: 3070 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:39:16, on 14/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Portrait Displays\HP My Display\dthtml.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
C:\kent1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\WINDOWS\WindowsMobile\wmdc.exe
C:\Program Files\Microsoft LifeChat\LifeChat.exe
C:\Users\kent1\Winamp\winampa.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Yahoo!\Common\YMailAdvisor.exe
C:\WINDOWS\fxsteller.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\kent1\EADM\Core.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\winamp toolbar\WinampTbServer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Users\kent1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T6XG1L46\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\kent1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [DT HPW] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [CamserviceHD] C:\Program Files\Hercules\Hercules DualPix HD Webcam\Camservice.exe /startup
O4 - HKLM\..\Run: [avast!] C:\kent1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\VistaCodecPack\QT\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [LifeChat] "c:\Program Files\Microsoft LifeChat\LifeChat.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Users\kent1\Winamp\winampa.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [YMailAdvisor] "C:\Program Files\Yahoo!\Common\YMailAdvisor.exe"
O4 - HKLM\..\Run: [Windows UDP Control Center] fxsteller.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [EA Core] "C:\kent1\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [eMuleAutoStart] C:\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: widget_programmes.lnk = C:\kent1\widget_programmes\widget_programmes.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Nikon Monitor.lnk = C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
O4 - Global Startup: WiFi Station.lnk = C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\kent1\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\kent1\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\kent1\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\kent1\Avast4\ashWebSv.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Users\kent1\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 12331 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-02-15 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-29 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-29 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-12-29 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-15 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-29 251504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2006-09-28 65536]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-15 4874240]
""= []
"DT HPW"=C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe [2007-01-16 280576]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2007-03-12 517768]
"CamserviceHD"=C:\Program Files\Hercules\Hercules DualPix HD Webcam\Camservice.exe [2007-08-13 73728]
"EoEngine"= []
"EoNet"= []
"avast!"=C:\kent1\Avast4\ashDisp.exe [2009-02-05 81000]
"QuickTime Task"=C:\Program Files\VistaCodecPack\QT\QTTask.exe [2007-10-19 286720]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"LifeChat"=c:\Program Files\Microsoft LifeChat\LifeChat.exe [2008-08-21 267296]
"WinampAgent"=C:\Users\kent1\Winamp\winampa.exe [2008-08-04 36352]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-15 136600]
"YMailAdvisor"=C:\Program Files\Yahoo!\Common\YMailAdvisor.exe [2008-06-05 125208]
"Windows UDP Control Center"=C:\Windows\fxsteller.exe [2009-03-11 48690]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-02-18 13683232]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-02-18 92704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2007-03-07 44168]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-29 39408]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
"EA Core"=C:\kent1\EADM\Core.exe [2009-02-06 3325952]
"eMuleAutoStart"=C:\eMule\emule.exe [2009-02-22 5668864]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
Nikon Monitor.lnk - C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WiFiStation.exe

C:\Users\kent1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
widget_programmes.lnk - C:\kent1\widget_programmes\widget_programmes.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{31167705-4980-11dd-a31e-001bb97ce407}]
shell\AutoRun\command - L:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3f86f453-831a-11dd-861b-001bb97ce407}]
shell\Auto\command - K:\AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e7fef7c7-f8da-11dd-8c48-001bb97ce407}]
shell\AutoRun\command - M:\autorun.exe

======List of files/folders created in the last 1 months======

2009-03-14 13:39:13 ----D---- C:\rsit
2009-03-14 13:32:40 ----D---- C:\Program Files\Trend Micro
2009-03-14 09:49:19 ----D---- C:\Program Files\CCleaner
2009-03-14 09:46:53 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2009-03-14 07:38:14 ----D---- C:\Windows\system32\Kaspersky Lab
2009-03-14 01:34:11 ----D---- C:\Program Files\Panda Security
2009-03-14 01:17:22 ----D---- C:\Windows\avxoscan
2009-03-14 01:11:44 ----D---- C:\Windows\BDOSCAN8
2009-03-13 13:15:11 ----A---- C:\Windows\system32\nvcpluir.dll
2009-03-13 13:15:11 ----A---- C:\Windows\system32\nvcplui.exe
2009-03-13 13:13:43 ----A---- C:\Windows\system32\NVUNINST.EXE
2009-03-13 13:01:36 ----D---- C:\Windows\Sun
2009-03-12 22:19:51 ----RSH---- C:\Windows\fxsteller.exe
2009-03-12 14:58:25 ----D---- C:\Users\kent1\AppData\Roaming\ESTsoft
2009-03-12 14:57:47 ----D---- C:\ProgramData\ESTsoft
2009-03-12 14:57:39 ----D---- C:\Program Files\ESTsoft
2009-03-11 18:22:33 ----A---- C:\Windows\system32\wmp.dll
2009-03-11 18:22:31 ----A---- C:\Windows\system32\wmploc.DLL
2009-03-11 18:22:31 ----A---- C:\Windows\system32\spwmp.dll
2009-03-11 18:22:31 ----A---- C:\Windows\system32\dxmasf.dll
2009-03-11 18:16:16 ----A---- C:\Windows\system32\schannel.dll
2009-03-10 12:13:34 ----D---- C:\Users\kent1\AppData\Roaming\vlc
2009-03-08 10:29:51 ----D---- C:\Users\kent1\AppData\Roaming\Ubisoft
2009-03-08 10:29:51 ----D---- C:\ProgramData\Ubisoft
2009-03-06 11:40:35 ----D---- C:\Users\kent1\AppData\Roaming\SPORE
2009-03-06 11:20:03 ----D---- C:\Program Files\Electronic Arts
2009-03-06 09:44:34 ----D---- C:\ProgramData\Electronic Arts
2009-02-22 19:26:02 ----D---- C:\Plugins
2009-02-22 19:26:02 ----D---- C:\Components
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvwssr.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvwss.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvwgf2um.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvvsvc.exe
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvvitvsr.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvvitvs.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvudisp.exe
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvsvsr.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvsvs.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvsvcr.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvsvc.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvoglv32.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvmoblsr.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvmobls.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvmctray.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvmccssr.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvmccss.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvmccsrs.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvmccs.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvgamesr.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvgames.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvdispsr.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvdisps.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvd3dum.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvcuvid.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvcuda.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvcpl.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvcod140.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvcod.dll
2009-02-18 14:44:00 ----A---- C:\Windows\system32\nvapi.dll
2009-02-15 17:49:00 ----A---- C:\Windows\system32\deploytk.dll
2009-02-15 17:48:59 ----A---- C:\Windows\system32\javaws.exe
2009-02-15 17:48:59 ----A---- C:\Windows\system32\javaw.exe
2009-02-15 17:48:59 ----A---- C:\Windows\system32\java.exe
2009-02-15 13:30:05 ----D---- C:\Users\kent1\AppData\Roaming\OpenOffice.org
2009-02-15 13:27:40 ----D---- C:\Program Files\JRE
2009-02-15 13:27:34 ----D---- C:\Program Files\OpenOffice.org 3
2009-02-15 01:37:49 ----A---- C:\Windows\system32\EncDec.dll
2009-02-15 01:37:46 ----A---- C:\Windows\system32\psisdecd.dll

======List of files/folders modified in the last 1 months======

2009-03-14 13:39:16 ----D---- C:\Windows\Prefetch
2009-03-14 13:39:15 ----D---- C:\Windows\Temp
2009-03-14 13:32:40 ----RD---- C:\Program Files
2009-03-14 13:30:53 ----D---- C:\Users\kent1\AppData\Roaming\Real
2009-03-14 09:51:33 ----D---- C:\Windows\Debug
2009-03-14 09:51:33 ----D---- C:\WINDOWS
2009-03-14 09:46:53 ----HD---- C:\ProgramData
2009-03-14 09:39:50 ----SHD---- C:\System Volume Information
2009-03-14 07:51:22 ----SD---- C:\Windows\Downloaded Program Files
2009-03-14 07:38:14 ----D---- C:\Windows\System32
2009-03-14 07:22:32 ----D---- C:\Windows\inf
2009-03-14 07:22:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-03-14 07:16:11 ----D---- C:\Windows\SMINST
2009-03-14 01:37:16 ----D---- C:\Windows\system32\drivers
2009-03-14 01:18:49 ----D---- C:\Program Files\Internet Explorer
2009-03-13 13:24:06 ----SHD---- C:\Windows\Installer
2009-03-13 13:20:56 ----D---- C:\ProgramData\NVIDIA
2009-03-13 13:16:08 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-03-13 13:16:08 ----D---- C:\Program Files\AGEIA Technologies
2009-03-13 13:15:11 ----D---- C:\Windows\nvtmpinst
2009-03-13 13:14:48 ----D---- C:\Windows\system32\catroot
2009-03-13 13:14:43 ----D---- C:\Windows\system32\catroot2
2009-03-13 12:45:21 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-03-13 12:40:57 ----D---- C:\Program Files\WinRAR
2009-03-12 03:35:59 ----D---- C:\Windows\winsxs
2009-03-12 03:06:26 ----D---- C:\Program Files\Windows Media Player
2009-03-12 03:06:26 ----D---- C:\Program Files\Windows Mail
2009-03-10 11:00:02 ----D---- C:\ProgramData\eMule
2009-03-10 10:56:54 ----D---- C:\eMule
2009-03-09 17:26:03 ----HD---- C:\Program Files\InstallShield Installation Information
2009-03-09 16:10:38 ----D---- C:\ProgramData\Yahoo! Companion
2009-03-09 16:04:14 ----D---- C:\Program Files\Microsoft Silverlight
2009-03-08 17:43:31 ----D---- C:\kent1
2009-03-08 10:24:03 ----RSD---- C:\Windows\assembly
2009-02-25 12:55:00 ----A---- C:\Windows\system32\mrt.exe
2009-02-15 17:48:24 ----D---- C:\Program Files\Java
2009-02-15 14:34:55 ----D---- C:\Windows\system32\Tasks
2009-02-15 13:28:00 ----RSD---- C:\Windows\Fonts
2009-02-15 02:21:40 ----D---- C:\Windows\ehome

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\kent1\UltraISO\drivers\ISODrive.sys [2008-05-24 73728]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
R3 APL531;Hercules Dualpix HD Webcam; C:\Windows\System32\Drivers\hdvidv.sys [2007-07-13 285952]
R3 camfilt2;camfilt2; C:\Windows\System32\Drivers\camfilt2.sys [2007-07-31 94720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-15 2047576]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-05-03 1065384]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-02-18 7765504]
R3 PdiPorts;Portrait Displays low level device driver; C:\Windows\System32\Drivers\PdiPorts.sys [2006-11-16 15920]
R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 aqc9104a;aqc9104a; C:\Windows\system32\drivers\aqc9104a.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 RT70x86;Hercules Wireless USB Dongle Driver; C:\Windows\system32\DRIVERS\netr70.sys [2006-12-27 245248]
S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-01-19 15872]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\kent1\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\kent1\Avast4\ashServ.exe [2009-02-05 138680]
R2 DTSRVC;Portrait Displays Display Tune Service; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [2007-01-16 73728]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2007-03-12 517768]
R2 NMSAccessU;NMSAccessU; C:\Users\kent1\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-02-18 207392]
R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-26 554352]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\kent1\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\kent1\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-29 137200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-26 2999664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Sourc

5 réponses

Réponse 1 / 5
ragebull Messages postés 877 Statut Membre 96
 
salut!

As-tu essayé une analyse avec Malware bytes en mode sans échec?
0
Réponse 2 / 5
tarmito
 
no mais je n y connait pas grand chose. ou peut on trouver ce programme ?
0
Réponse 3 / 5
tarmito
 
ok j ai trouvé ce programme et il est dit que l utiliser en mode sans échéc diminue son efficacité si je doit l utiliser en mode sans échéc comment faire?
0
Réponse 4 / 5
tarmito
 
bon apparement aprés le passage de malwarebyte je n est plus rien me semble voici le fichier aprés suppression
Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1848
Windows 6.0.6001 Service Pack 1

14/03/2009 17:43:58
mbam-log-2009-03-14 (17-43-58).txt

Type de recherche: Examen rapide
Eléments examinés: 65799
Temps écoulé: 3 minute(s), 36 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 5
tarmito
 
j ai biensur au pré allable lancé un détection minutieuse de l ordinateur et les ai supprimés

Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1848
Windows 6.0.6001 Service Pack 1

14/03/2009 17:27:19
mbam-log-2009-03-14 (17-27-15).txt

Type de recherche: Examen complet (C:\|D:\|F:\|)
Eléments examinés: 223674
Temps écoulé: 1 hour(s), 36 minute(s), 59 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{343ce214-9998-4b21-a151-ffe970167297} (Rogue.Installer) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows UDP Control Center (Backdoor.Bot) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\fxsteller.exe (Backdoor.Bot) -> No action taken.
0

Discussions similaires

Problème avec "PUADIManager:Win32/OfferCore
Knaki -
bazfile -

3 réponses
PUADlManager:Win32/OfferCore
tenmalade -
tenmalade -

2 réponses
PUA:Win32/InstallCore detecté par windows sécurité
thetib -
bazfile -

11 réponses
win32:malware-gen bloqué par avast
ikkual -
Utilisateur anonyme -

69 réponses
PUABundler:Win32/CandyOpen : dangereux ?
joubine -
bazfile -

2 réponses