Probleme de spywares
Résolu
dani-guiza
Messages postés
24
Date d'inscription
Statut
Membre
Dernière intervention
-
dani-guiza Messages postés 24 Date d'inscription Statut Membre Dernière intervention -
dani-guiza Messages postés 24 Date d'inscription Statut Membre Dernière intervention -
Bonjour,j'ai quelques problèmes depuis hier :
-mon fond d'ecran a changé tout seul, maintenant c'est un avertissement en anglais a propos de spyware avec un fond bleu.
-quand j'essaie d'ouvrir un programme un message me dit que aswupdsv.exe est infecté (quand je ne suis pas en mode sans echec).
-je lance spybot-S&D mais mon pc redémarre ...
voici mon résultat hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:39:16, on 26/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Samil\Bureau\HiJackThis.exe
O4 - HKLM\..\Run: [11454064] C:\Documents and Settings\All Users\Application Data\11454064\11454064.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: sopidkc Service (sopidkc) - Elecard Lt - C:\WINDOWS\system32\sopidkc.exe
O23 - Service: websrvx - Unknown owner - C:\Program Files\websrvx\websrvx.exe (file missing)
-mon fond d'ecran a changé tout seul, maintenant c'est un avertissement en anglais a propos de spyware avec un fond bleu.
-quand j'essaie d'ouvrir un programme un message me dit que aswupdsv.exe est infecté (quand je ne suis pas en mode sans echec).
-je lance spybot-S&D mais mon pc redémarre ...
voici mon résultat hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:39:16, on 26/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Samil\Bureau\HiJackThis.exe
O4 - HKLM\..\Run: [11454064] C:\Documents and Settings\All Users\Application Data\11454064\11454064.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: sopidkc Service (sopidkc) - Elecard Lt - C:\WINDOWS\system32\sopidkc.exe
O23 - Service: websrvx - Unknown owner - C:\Program Files\websrvx\websrvx.exe (file missing)
A voir également:
- Probleme de spywares
- Spyware Temu : un logiciel espion dans l'appli de shopping ? - Accueil - Applications & Logiciels
30 réponses
ben dans ce cas la mais un scan spybot au redémarrage^^
juste pour info ton antivirus c 'est quoi?
juste pour info ton antivirus c 'est quoi?
dani-guiza
Messages postés
24
Date d'inscription
Statut
Membre
Dernière intervention
mon antivirus c'est avast je l'ai depuis hier ^^
Salut, à mon avis installe AVG,et fais plusieurs analyses lentes, il est efficace'antivirus-antispyware-antitrojon......)
Bonjour dani-guiza,
Ton rapport est loin d'etre complet, ne peut tu pas le faire en mode normal avec ta session?
A+
Ton rapport est loin d'etre complet, ne peut tu pas le faire en mode normal avec ta session?
A+
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
RE
Que peut tu faire avec ton PC? Est tu en mode sans echecs avec prise en charge du reseau?
Inutile de vouloir changer d'Antivirus maintenant.
A+
Que peut tu faire avec ton PC? Est tu en mode sans echecs avec prise en charge du reseau?
Inutile de vouloir changer d'Antivirus maintenant.
A+
RE
Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
http://images.malwareremoval.com/random/RSIT.exe
Double-clique sur RSIT.exe.
Clique sur Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
A noter: Les rapports se trouvent également ici: C:\rsit.
A+
Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
http://images.malwareremoval.com/random/RSIT.exe
Double-clique sur RSIT.exe.
Clique sur Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
A noter: Les rapports se trouvent également ici: C:\rsit.
A+
Logfile of random's system information tool 1.06 (written by random/random)
Run by Samil at 2009-06-26 12:33:07
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 14 GB (39%) free of 36 GB
Total RAM: 255 MB (18% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:33:09, on 26/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Samil\Bureau\RSIT.exe
C:\Documents and Settings\Samil\Bureau\Samil.exe
O4 - HKLM\..\Run: [11454064] C:\Documents and Settings\All Users\Application Data\11454064\11454064.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: sopidkc Service (sopidkc) - Elecard Lt - C:\WINDOWS\system32\sopidkc.exe
O23 - Service: websrvx - Unknown owner - C:\Program Files\websrvx\websrvx.exe (file missing)
Run by Samil at 2009-06-26 12:33:07
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 14 GB (39%) free of 36 GB
Total RAM: 255 MB (18% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:33:09, on 26/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Samil\Bureau\RSIT.exe
C:\Documents and Settings\Samil\Bureau\Samil.exe
O4 - HKLM\..\Run: [11454064] C:\Documents and Settings\All Users\Application Data\11454064\11454064.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: sopidkc Service (sopidkc) - Elecard Lt - C:\WINDOWS\system32\sopidkc.exe
O23 - Service: websrvx - Unknown owner - C:\Program Files\websrvx\websrvx.exe (file missing)
info.txt logfile of random's system information tool 1.06 2009-06-26 12:31:12
======Uninstall list======
-->"C:\Program Files\Fichiers communs\Teknum Systems\tsUninst.exe" "C:\Program Files\HandyBits\EasyCrypto\HandyBits EasyCrypto Deluxe.del"
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Microsoft Money\setup\setup.exe
-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\Modio\SLAMRNTO\slclean.exe
-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
-->C:\WINDOWS\uninst.exe -fC:\APPS\Audioneer\NewDJ\DeIsL1.isu -cC:\APPS\Audioneer\NewDJ\_ISREG32.DLL
-->CIAunwdm.exe
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0208A7E3-0D30-11D4-A1FC-00508B9D1BA2}\setup.exe"
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2CC982C0-7EAE-11D4-ACC3-0050568AD318}\SETUP.EXE" -uninst
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\SETUP.EXE" -l040c UNINSTALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3436EE2-D5CB-4249-840B-3A0140CC34C2}\SETUP.EXE" ControlPanel
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.7 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70700000002}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Advanced RAR Password Recovery (remove only)-->C:\Program Files\ElcomSoft\ARPR\uninstall.exe
All To MP3 Converter 1.5-->"C:\Program Files\LitexMedia\All To MP3 Converter\unins000.exe"
Apple Software Update-->MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
ATI Display Driver-->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avanquest update-->C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x0009 -removeonly
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DAEMON Tools-->MsiExec.exe /I{7A27AE24-F5B8-4ABC-B3DA-AB57BC7309FB}
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Dofus 1.27.0-->C:\Program Files\Dofus\uninstall.exe
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Free Studio version 4.1-->"C:\Program Files\DVDVideoSoft\Free Studio\unins000.exe"
Free YouTube to Mp3 Converter version 3.1-->"C:\Program Files\DVDVideoSoft\Free YouTube to Mp3 Converter\unins000.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\Samil\Bureau\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IE7Pro-->C:\Program Files\IEPro\uninst.exe
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
MediaConverter 2.5 for Philips-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8D8B167A-ED0F-43F1-AC10-3F4379F7CBBB}\Setup.exe" -l0x40c
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft LifeCam-->MsiExec.exe /X{718263DE-E612-4653-BB7D-7154BA9E31AB}
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
RamBoost XP 4.0.6-->"C:\Program Files\RamBoost XP\unins000.exe"
Rockstar Custom Tracks 1.0-->C:\Program Files\Rockstar Custom Tracks\uninst.exe
SA52xx Device Manager-->C:\Program Files\InstallShield Installation Information\{6294CE03-1A16-4610-891E-FDAF9A585A54}\setup.exe -runfromtemp -l0x040c -removeonly
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB960003)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F04F8702-18D0-458D-921E-146FB7CD38CF}
Security Update for Microsoft Office Excel 2007 (KB959997)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {9EAC3AEC-5C81-4856-A05B-DE9DC236D740}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update pour Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Sony Ericsson Media Manager 1.0-->MsiExec.exe /X{37F8E751-D19B-4445-8007-831CA42A9F9E}
Sony Ericsson PC Suite 3.209.00-->C:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\Setup.exe -runfromtemp -l0x040c -removeonly
SopCast 3.0.3-->C:\Program Files\SopCast\uninst.exe
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
StuffPlug 3-->C:\Program Files\StuffPlug3\Uninstall.exe
SystemSecurity2009-->C:\Documents and Settings\Samil\Menu Démarrer\Programmes\System Security\\System Security
Total Video Converter 3.10-->"C:\Program Files\Total Video Converter\unins000.exe"
TreeWalk-->C:\WINDOWS\system32\dns\unins000.exe
Uninstall 1.0.0.1-->"C:\Program Files\Fichiers communs\DVDVideoSoft\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB932080)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
Update for Office 2007 (KB934391)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
Update for Outlook 2007 Junk Email Filter (kb970012)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {DC4A962B-9EC2-469C-BC9C-87312ADAEE81}
Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
=====HijackThis Backups=====
O4 - HKCU\..\Policies\Explorer\Run: [Windows Security Drivers] twunk.exe [2009-06-26]
O4 - HKLM\..\Run: [sysldtray] C:\windows\ld11.exe [2009-06-26]
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-26]
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe [2009-06-26]
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\MEDIAC~1.5FO\STREAM~1\ARCURL~1.DLL [2009-06-26]
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 [2009-06-26]
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-06-26]
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 [2009-06-26]
O4 - HKCU\..\Run: [kell] C:\program Files\Manson\liser.exe [2009-06-26]
O4 - HKLM\..\Run: [pp] C:\windows\pp10.exe [2009-06-26]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF [2009-06-26]
O4 - HKCU\..\Policies\Explorer\Run: [MstInit] C:\WINDOWS\System\mstinit.exe /waitservice [2009-06-26]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par Planetis [2009-06-26]
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) [2009-06-26]
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe [2009-06-26]
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2009-06-26]
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] doskeys.exe [2009-06-26]
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [2009-06-26]
O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe [2009-06-26]
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll [2009-06-26]
F3 - REG:win.ini: load=C:\DOCUME~1\Samil\LOCALS~1\APPLIC~1\MICROS~1\spoolsv.exe [2009-06-26]
O4 - HKLM\..\Policies\Explorer\Run: [rsvp] C:\DOCUME~1\Samil\LOCALS~1\APPLIC~1\MICROS~1\rsvp.exe /waitservice [2009-06-26]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl [2009-06-26]
O4 - HKCU\..\Policies\Explorer\Run: [Windows Spool Driver] WinSpool.exe [2009-06-26]
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe" [2009-06-26]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp [2009-06-26]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp [2009-06-26]
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-26]
O4 - HKLM\..\Run: [BVRPLiveUpdate] C:\Program Files\Avanquest update\Engine\Setup.exe -s /PATCH,/SRCUPDATEC:\DOCUME~1\ALLUSE~1\APPLIC~1\SONYER~1\SONYER~1\LIVEUP~1\LISTOF~1.DAT [2009-06-26]
O4 - HKCU\..\Policies\Explorer\Run: [NT Printing Services6] dllhosts.exe [2009-06-26]
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2009-06-26]
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE [2009-06-26]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens [2009-06-26]
O4 - HKCU\..\Policies\Explorer\Run: [NTSpool] NTSpool.exe [2009-06-26]
O4 - HKCU\..\Policies\Explorer\Run: [Esent Utl] C:\DOCUME~1\Samil\APPLIC~1\MICROS~1\esentutl.exe /waitservice [2009-06-26]
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2009-06-26]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF [2009-06-26]
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 [2009-06-26]
O4 - HKLM\..\Run: [11454064] C:\Documents and Settings\All Users\Application Data\11454064\11454064.exe [2009-06-26]
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe [2009-06-26]
O4 - HKUS\.DEFAULT\..\Run: [kell] C:\Program Files\Manson\liser.exe (User 'Default user') [2009-06-26]
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll [2009-06-26]
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll [2009-06-26]
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-06-26]
O4 - HKCU\..\Policies\Explorer\Run: [DXToolss] DXToolss.exe [2009-06-26]
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) [2009-06-26]
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [2009-06-26]
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup [2009-06-26]
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [Mstsc] C:\WINDOWS\System\mstsc.exe /waitservice (User 'SYSTEM') [2009-06-26]
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [Mstsc] C:\WINDOWS\System\mstsc.exe /waitservice (User 'Default user') [2009-06-26]
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-06-26]
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2009-06-26]
O4 - HKUS\S-1-5-18\..\Run: [kell] C:\Program Files\Manson\liser.exe (User 'SYSTEM') [2009-06-26]
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe [2009-06-26]
O14 - IERESET.INF: START_PAGE_URL=http://ww25.planetis.com/ [2009-06-26]
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll [2009-06-26]
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [2009-06-26]
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [2009-06-26]
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll [2009-06-26]
O16 - DPF: {58EF1388-AF07-4D13-A069-D107671B8819} - http://www.gamegarden.net/ [2009-06-26]
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [2009-06-26]
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll [2009-06-26]
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe [2009-06-26]
O23 - Service: twdns - Unknown owner - C:\WINDOWS\system32\dns\bin\named.exe [2009-06-26]
O17 - HKLM\System\CS1\Services\Tcpip\..\{55387117-926C-44E3-8679-5ACF2F9EAA24}: NameServer = 127.0.0.1 [2009-06-26]
O23 - Service: zfhsh5usr6i6u43t2q3awhrejaew80 - Unknown owner - C:\WINDOWS\zfhsh5usr6i6u43t2q3awhrejaew81.exe [2009-06-26]
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/... [2009-06-26]
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe [2009-06-26]
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-26]
O23 - Service: websrvx - Unknown owner - C:\Program Files\websrvx\websrvx.exe (file missing) [2009-06-26]
O17 - HKLM\System\CCS\Services\Tcpip\..\{66DAF5CD-588D-40C7-8DAA-4ABFB763CF86}: NameServer = 127.0.0.1,212.27.40.241,212.27.40.240 [2009-06-26]
O20 - AppInit_DLLs: c:\progra~1\Manson\liser.dll [2009-06-26]
O17 - HKLM\System\CCS\Services\Tcpip\..\{55387117-926C-44E3-8679-5ACF2F9EAA24}: NameServer = 127.0.0.1 [2009-06-26]
O23 - Service: sopidkc Service (sopidkc) - Elecard Lt - C:\WINDOWS\system32\sopidkc.exe [2009-06-26]
O17 - HKLM\System\CCS\Services\Tcpip\..\{6598F28F-5BDF-467D-BAA6-750AD577FCE3}: NameServer = 127.0.0.1 [2009-06-26]
O23 - Service: dfghaeuhe54ujetjnjiw4622nnn80 - Unknown owner - C:\WINDOWS\dfghaeuhe54ujetjnjiw4622nnn81.exe [2009-06-26]
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [2009-06-26]
O17 - HKLM\System\CS2\Services\Tcpip\..\{55387117-926C-44E3-8679-5ACF2F9EAA24}: NameServer = 127.0.0.1 [2009-06-26]
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe [2009-06-26]
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe [2009-06-26]
O23 - Service: websrvx - Unknown owner - C:\Program Files\websrvx\websrvx.exe (file missing) [2009-06-26]
O23 - Service: sopidkc Service (sopidkc) - Elecard Lt - C:\WINDOWS\system32\sopidkc.exe [2009-06-26]
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-26]
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [2009-06-26]
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe [2009-06-26]
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: avast! antivirus 4.8.1335 [VPS 090607-0] (outdated)
======System event log======
Computer Name: DAGGISTYLE
Event Code: 7036
Message: Le service Services Terminal Server est entré dans l'état : en cours d'exécution.
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090618113932.000000+120
Event Type: Informations
User:
Computer Name: DAGGISTYLE
Event Code: 7000
Message: Le service NTPort Library Driver n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090618113932.000000+120
Event Type: erreur
User:
Computer Name: DAGGISTYLE
Event Code: 1001
Message: L'ordinateur a redémarré après une vérification d'erreur. La vérification d'erreur était :
0x100000d1 (0xce28ef84, 0x00000002, 0x00000001, 0xef8414e0).
Un vidage a été enregistré dans : C:\WINDOWS\Minidump\Mini061809-01.dmp.
Record Number: 3
Source Name: Save Dump
Time Written: 20090618113826.000000+120
Event Type: Informations
User:
Computer Name: DAGGISTYLE
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.
Record Number: 2
Source Name: EventLog
Time Written: 20090618113825.000000+120
Event Type: Informations
User:
Computer Name: DAGGISTYLE
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.
Record Number: 1
Source Name: EventLog
Time Written: 20090618113825.000000+120
Event Type: Informations
User:
=====Application event log=====
Computer Name: DAGGISTYLE
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 5
Source Name: SecurityCenter
Time Written: 20090610125326.000000+120
Event Type: Informations
User:
Computer Name: DAGGISTYLE
Event Code: 3
Message: TWDNS: Starting DNS server version 9.4.0-(Hawk)-8.21
Record Number: 4
Source Name: twdns
Time Written: 20090610125255.000000+120
Event Type: Informations
User:
Computer Name: DAGGISTYLE
Event Code: 0
Message:
Record Number: 3
Source Name: MSCamSvc
Time Written: 20090610125233.000000+120
Event Type: Informations
User:
Computer Name: DAGGISTYLE
Event Code: 0
Message:
Record Number: 2
Source Name: MSCamSvc
Time Written: 20090610125233.000000+120
Event Type: Informations
User:
Computer Name: DAGGISTYLE
Event Code: 0
Message:
Record Number: 1
Source Name: MSCamSvc
Time Written: 20090610125233.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\Fichiers communs\ArcSoft\Bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 4 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0402
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
"SAFEBOOT_OPTION"=NETWORK
======Uninstall list======
-->"C:\Program Files\Fichiers communs\Teknum Systems\tsUninst.exe" "C:\Program Files\HandyBits\EasyCrypto\HandyBits EasyCrypto Deluxe.del"
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Microsoft Money\setup\setup.exe
-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\Modio\SLAMRNTO\slclean.exe
-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
-->C:\WINDOWS\uninst.exe -fC:\APPS\Audioneer\NewDJ\DeIsL1.isu -cC:\APPS\Audioneer\NewDJ\_ISREG32.DLL
-->CIAunwdm.exe
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0208A7E3-0D30-11D4-A1FC-00508B9D1BA2}\setup.exe"
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2CC982C0-7EAE-11D4-ACC3-0050568AD318}\SETUP.EXE" -uninst
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\SETUP.EXE" -l040c UNINSTALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3436EE2-D5CB-4249-840B-3A0140CC34C2}\SETUP.EXE" ControlPanel
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.7 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70700000002}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Advanced RAR Password Recovery (remove only)-->C:\Program Files\ElcomSoft\ARPR\uninstall.exe
All To MP3 Converter 1.5-->"C:\Program Files\LitexMedia\All To MP3 Converter\unins000.exe"
Apple Software Update-->MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
ATI Display Driver-->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avanquest update-->C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x0009 -removeonly
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DAEMON Tools-->MsiExec.exe /I{7A27AE24-F5B8-4ABC-B3DA-AB57BC7309FB}
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Dofus 1.27.0-->C:\Program Files\Dofus\uninstall.exe
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Free Studio version 4.1-->"C:\Program Files\DVDVideoSoft\Free Studio\unins000.exe"
Free YouTube to Mp3 Converter version 3.1-->"C:\Program Files\DVDVideoSoft\Free YouTube to Mp3 Converter\unins000.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\Samil\Bureau\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IE7Pro-->C:\Program Files\IEPro\uninst.exe
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
MediaConverter 2.5 for Philips-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8D8B167A-ED0F-43F1-AC10-3F4379F7CBBB}\Setup.exe" -l0x40c
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft LifeCam-->MsiExec.exe /X{718263DE-E612-4653-BB7D-7154BA9E31AB}
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
RamBoost XP 4.0.6-->"C:\Program Files\RamBoost XP\unins000.exe"
Rockstar Custom Tracks 1.0-->C:\Program Files\Rockstar Custom Tracks\uninst.exe
SA52xx Device Manager-->C:\Program Files\InstallShield Installation Information\{6294CE03-1A16-4610-891E-FDAF9A585A54}\setup.exe -runfromtemp -l0x040c -removeonly
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB960003)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F04F8702-18D0-458D-921E-146FB7CD38CF}
Security Update for Microsoft Office Excel 2007 (KB959997)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {9EAC3AEC-5C81-4856-A05B-DE9DC236D740}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update pour Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Sony Ericsson Media Manager 1.0-->MsiExec.exe /X{37F8E751-D19B-4445-8007-831CA42A9F9E}
Sony Ericsson PC Suite 3.209.00-->C:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\Setup.exe -runfromtemp -l0x040c -removeonly
SopCast 3.0.3-->C:\Program Files\SopCast\uninst.exe
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
StuffPlug 3-->C:\Program Files\StuffPlug3\Uninstall.exe
SystemSecurity2009-->C:\Documents and Settings\Samil\Menu Démarrer\Programmes\System Security\\System Security
Total Video Converter 3.10-->"C:\Program Files\Total Video Converter\unins000.exe"
TreeWalk-->C:\WINDOWS\system32\dns\unins000.exe
Uninstall 1.0.0.1-->"C:\Program Files\Fichiers communs\DVDVideoSoft\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB932080)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
Update for Office 2007 (KB934391)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
Update for Outlook 2007 Junk Email Filter (kb970012)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {DC4A962B-9EC2-469C-BC9C-87312ADAEE81}
Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
=====HijackThis Backups=====
O4 - HKCU\..\Policies\Explorer\Run: [Windows Security Drivers] twunk.exe [2009-06-26]
O4 - HKLM\..\Run: [sysldtray] C:\windows\ld11.exe [2009-06-26]
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-26]
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe [2009-06-26]
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\MEDIAC~1.5FO\STREAM~1\ARCURL~1.DLL [2009-06-26]
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 [2009-06-26]
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-06-26]
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 [2009-06-26]
O4 - HKCU\..\Run: [kell] C:\program Files\Manson\liser.exe [2009-06-26]
O4 - HKLM\..\Run: [pp] C:\windows\pp10.exe [2009-06-26]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF [2009-06-26]
O4 - HKCU\..\Policies\Explorer\Run: [MstInit] C:\WINDOWS\System\mstinit.exe /waitservice [2009-06-26]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par Planetis [2009-06-26]
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) [2009-06-26]
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe [2009-06-26]
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2009-06-26]
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] doskeys.exe [2009-06-26]
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [2009-06-26]
O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe [2009-06-26]
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll [2009-06-26]
F3 - REG:win.ini: load=C:\DOCUME~1\Samil\LOCALS~1\APPLIC~1\MICROS~1\spoolsv.exe [2009-06-26]
O4 - HKLM\..\Policies\Explorer\Run: [rsvp] C:\DOCUME~1\Samil\LOCALS~1\APPLIC~1\MICROS~1\rsvp.exe /waitservice [2009-06-26]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl [2009-06-26]
O4 - HKCU\..\Policies\Explorer\Run: [Windows Spool Driver] WinSpool.exe [2009-06-26]
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe" [2009-06-26]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp [2009-06-26]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp [2009-06-26]
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-26]
O4 - HKLM\..\Run: [BVRPLiveUpdate] C:\Program Files\Avanquest update\Engine\Setup.exe -s /PATCH,/SRCUPDATEC:\DOCUME~1\ALLUSE~1\APPLIC~1\SONYER~1\SONYER~1\LIVEUP~1\LISTOF~1.DAT [2009-06-26]
O4 - HKCU\..\Policies\Explorer\Run: [NT Printing Services6] dllhosts.exe [2009-06-26]
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2009-06-26]
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE [2009-06-26]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens [2009-06-26]
O4 - HKCU\..\Policies\Explorer\Run: [NTSpool] NTSpool.exe [2009-06-26]
O4 - HKCU\..\Policies\Explorer\Run: [Esent Utl] C:\DOCUME~1\Samil\APPLIC~1\MICROS~1\esentutl.exe /waitservice [2009-06-26]
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2009-06-26]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF [2009-06-26]
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 [2009-06-26]
O4 - HKLM\..\Run: [11454064] C:\Documents and Settings\All Users\Application Data\11454064\11454064.exe [2009-06-26]
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe [2009-06-26]
O4 - HKUS\.DEFAULT\..\Run: [kell] C:\Program Files\Manson\liser.exe (User 'Default user') [2009-06-26]
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll [2009-06-26]
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll [2009-06-26]
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-06-26]
O4 - HKCU\..\Policies\Explorer\Run: [DXToolss] DXToolss.exe [2009-06-26]
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) [2009-06-26]
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [2009-06-26]
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup [2009-06-26]
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [Mstsc] C:\WINDOWS\System\mstsc.exe /waitservice (User 'SYSTEM') [2009-06-26]
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [Mstsc] C:\WINDOWS\System\mstsc.exe /waitservice (User 'Default user') [2009-06-26]
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-06-26]
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2009-06-26]
O4 - HKUS\S-1-5-18\..\Run: [kell] C:\Program Files\Manson\liser.exe (User 'SYSTEM') [2009-06-26]
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe [2009-06-26]
O14 - IERESET.INF: START_PAGE_URL=http://ww25.planetis.com/ [2009-06-26]
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll [2009-06-26]
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [2009-06-26]
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [2009-06-26]
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll [2009-06-26]
O16 - DPF: {58EF1388-AF07-4D13-A069-D107671B8819} - http://www.gamegarden.net/ [2009-06-26]
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [2009-06-26]
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll [2009-06-26]
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe [2009-06-26]
O23 - Service: twdns - Unknown owner - C:\WINDOWS\system32\dns\bin\named.exe [2009-06-26]
O17 - HKLM\System\CS1\Services\Tcpip\..\{55387117-926C-44E3-8679-5ACF2F9EAA24}: NameServer = 127.0.0.1 [2009-06-26]
O23 - Service: zfhsh5usr6i6u43t2q3awhrejaew80 - Unknown owner - C:\WINDOWS\zfhsh5usr6i6u43t2q3awhrejaew81.exe [2009-06-26]
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/... [2009-06-26]
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe [2009-06-26]
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-26]
O23 - Service: websrvx - Unknown owner - C:\Program Files\websrvx\websrvx.exe (file missing) [2009-06-26]
O17 - HKLM\System\CCS\Services\Tcpip\..\{66DAF5CD-588D-40C7-8DAA-4ABFB763CF86}: NameServer = 127.0.0.1,212.27.40.241,212.27.40.240 [2009-06-26]
O20 - AppInit_DLLs: c:\progra~1\Manson\liser.dll [2009-06-26]
O17 - HKLM\System\CCS\Services\Tcpip\..\{55387117-926C-44E3-8679-5ACF2F9EAA24}: NameServer = 127.0.0.1 [2009-06-26]
O23 - Service: sopidkc Service (sopidkc) - Elecard Lt - C:\WINDOWS\system32\sopidkc.exe [2009-06-26]
O17 - HKLM\System\CCS\Services\Tcpip\..\{6598F28F-5BDF-467D-BAA6-750AD577FCE3}: NameServer = 127.0.0.1 [2009-06-26]
O23 - Service: dfghaeuhe54ujetjnjiw4622nnn80 - Unknown owner - C:\WINDOWS\dfghaeuhe54ujetjnjiw4622nnn81.exe [2009-06-26]
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [2009-06-26]
O17 - HKLM\System\CS2\Services\Tcpip\..\{55387117-926C-44E3-8679-5ACF2F9EAA24}: NameServer = 127.0.0.1 [2009-06-26]
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe [2009-06-26]
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe [2009-06-26]
O23 - Service: websrvx - Unknown owner - C:\Program Files\websrvx\websrvx.exe (file missing) [2009-06-26]
O23 - Service: sopidkc Service (sopidkc) - Elecard Lt - C:\WINDOWS\system32\sopidkc.exe [2009-06-26]
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-26]
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [2009-06-26]
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe [2009-06-26]
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: avast! antivirus 4.8.1335 [VPS 090607-0] (outdated)
======System event log======
Computer Name: DAGGISTYLE
Event Code: 7036
Message: Le service Services Terminal Server est entré dans l'état : en cours d'exécution.
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090618113932.000000+120
Event Type: Informations
User:
Computer Name: DAGGISTYLE
Event Code: 7000
Message: Le service NTPort Library Driver n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090618113932.000000+120
Event Type: erreur
User:
Computer Name: DAGGISTYLE
Event Code: 1001
Message: L'ordinateur a redémarré après une vérification d'erreur. La vérification d'erreur était :
0x100000d1 (0xce28ef84, 0x00000002, 0x00000001, 0xef8414e0).
Un vidage a été enregistré dans : C:\WINDOWS\Minidump\Mini061809-01.dmp.
Record Number: 3
Source Name: Save Dump
Time Written: 20090618113826.000000+120
Event Type: Informations
User:
Computer Name: DAGGISTYLE
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.
Record Number: 2
Source Name: EventLog
Time Written: 20090618113825.000000+120
Event Type: Informations
User:
Computer Name: DAGGISTYLE
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.
Record Number: 1
Source Name: EventLog
Time Written: 20090618113825.000000+120
Event Type: Informations
User:
=====Application event log=====
Computer Name: DAGGISTYLE
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 5
Source Name: SecurityCenter
Time Written: 20090610125326.000000+120
Event Type: Informations
User:
Computer Name: DAGGISTYLE
Event Code: 3
Message: TWDNS: Starting DNS server version 9.4.0-(Hawk)-8.21
Record Number: 4
Source Name: twdns
Time Written: 20090610125255.000000+120
Event Type: Informations
User:
Computer Name: DAGGISTYLE
Event Code: 0
Message:
Record Number: 3
Source Name: MSCamSvc
Time Written: 20090610125233.000000+120
Event Type: Informations
User:
Computer Name: DAGGISTYLE
Event Code: 0
Message:
Record Number: 2
Source Name: MSCamSvc
Time Written: 20090610125233.000000+120
Event Type: Informations
User:
Computer Name: DAGGISTYLE
Event Code: 0
Message:
Record Number: 1
Source Name: MSCamSvc
Time Written: 20090610125233.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\Fichiers communs\ArcSoft\Bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 4 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0402
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
"SAFEBOOT_OPTION"=NETWORK
RE
* Télécharge OtmoveIT (de Old_Timer) sur ton Bureau
http://oldtimer.geekstogo.com/OTMoveIt3.exe
* Double-clique sur OTMoveIt.exe pour le lancer.
* Assure toi que la case Unregister Dll's and Ocx's soit bien cochée.
* Copie la liste qui se trouve en gras dans la citation ci-dessous et colle-la dans le cadre de gauche de OTMoveIt sous Paste List of Files/Folders to move.
-----------------------------
-----------------------------
* Clique sur MoveIt! pour lancer la suppression.
* Le résultat apparaitra dans le cadre "Results".
* Clique sur Exit pour fermer.
* Poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
* Le pc va redémarrer, c'est normal. Poste le rapport ensuite.
A+
* Télécharge OtmoveIT (de Old_Timer) sur ton Bureau
http://oldtimer.geekstogo.com/OTMoveIt3.exe
* Double-clique sur OTMoveIt.exe pour le lancer.
* Assure toi que la case Unregister Dll's and Ocx's soit bien cochée.
* Copie la liste qui se trouve en gras dans la citation ci-dessous et colle-la dans le cadre de gauche de OTMoveIt sous Paste List of Files/Folders to move.
-----------------------------
:processes explorer.exe :files C:\Program Files\websrvx\websrvx.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0 C:\WINDOWS\twitty01.exe C:\WINDOWS\pp10.exe C:\Program Files\websrvx C:\Program Files\sys C:\WINDOWS\ld11.exe C:\WINDOWS\dfghaeuhe54ujetjnjiw4622nnn81.exe C:\Documents and Settings\All Users\Application Data\11454064 C:\WINDOWS\system32\tpsaxyd.exe C:\Program Files\Zero G Registry C:\WINDOWS\zfhsh5usr6i6u43t2q3awhrejaew81.exe C:\Program Files\Manson C:\WINDOWS\ld09.exe C:\WINDOWS\system32\Chan1.txt C:\Documents and Settings\All Users\Application Data\Babylon C:\Documents and Settings\Samil\Application Data\Babylon C:\WINDOWS\system32\twunk.exe C:\WINDOWS\system32\DXToolss.exe C:\WINDOWS\system32\gh14rs.txt C:\WINDOWS\zfhsh5usr6i6u43t2q3awhrejaew81.exe c:\progra~1\Manson\liser.dll C:\WINDOWS\system32\sopidkc.exe C:\WINDOWS\dfghaeuhe54ujetjnjiw4622nnn81.exe :reg [-HKLM\..\Run: [11454064] C:\Documents and Settings\All Users\Application Data\11454064\11454064.exe] [-HKCU\..\Run: [kell] C:\program Files\Manson\liser.exe] [-HKLM\..\Run: [pp] C:\windows\pp10.exe] [-HKCU\..\Policies\Explorer\Run: [MstInit] C:\WINDOWS\System\mstinit.exe /waitservice] [-HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par Planetis] [-HKLM\..\Policies\Explorer\Run: [rsvp] C:\DOCUME~1\Samil\LOCALS~1\APPLIC~1\MICROS~1\rsvp.exe /waitservice] [-HKCU\..\Policies\Explorer\Run: [Esent Utl] C:\DOCUME~1\Samil\APPLIC~1\MICROS~1\esentutl.exe /waitservice] [-HKUS\.DEFAULT\..\Run: [kell] C:\Program Files\Manson\liser.exe (User 'Default user')] [-HKCU\..\Run: [Update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup] [-HKUS\S-1-5-18\..\Policies\Explorer\Run: [Mstsc] C:\WINDOWS\System\mstsc.exe /waitservice (User 'SYSTEM')] [-HKUS\.DEFAULT\..\Policies\Explorer\Run: [Mstsc] C:\WINDOWS\System\mstsc.exe /waitservice (User 'Default user')] [-HKUS\S-1-5-18\..\Run: [kell] C:\Program Files\Manson\liser.exe (User 'SYSTEM')] :commands [purity] [emptytemp] [start explorer] [reboot]
-----------------------------
* Clique sur MoveIt! pour lancer la suppression.
* Le résultat apparaitra dans le cadre "Results".
* Clique sur Exit pour fermer.
* Poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
* Le pc va redémarrer, c'est normal. Poste le rapport ensuite.
A+
re, voici le rapport:
All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
========== FILES ==========
File/Folder C:\Program Files\websrvx\websrvx.exe not found.
File/Folder C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0 not found.
C:\WINDOWS\twitty01.exe moved successfully.
C:\WINDOWS\pp10.exe moved successfully.
C:\Program Files\websrvx moved successfully.
C:\Program Files\sys moved successfully.
C:\WINDOWS\ld11.exe moved successfully.
C:\WINDOWS\dfghaeuhe54ujetjnjiw4622nnn81.exe moved successfully.
C:\Documents and Settings\All Users\Application Data\11454064 moved successfully.
C:\WINDOWS\system32\tpsaxyd.exe moved successfully.
C:\Program Files\Zero G Registry moved successfully.
C:\WINDOWS\zfhsh5usr6i6u43t2q3awhrejaew81.exe moved successfully.
C:\Program Files\Manson moved successfully.
C:\WINDOWS\ld09.exe moved successfully.
C:\WINDOWS\system32\Chan1.txt moved successfully.
C:\Documents and Settings\All Users\Application Data\Babylon moved successfully.
C:\Documents and Settings\Samil\Application Data\Babylon moved successfully.
C:\WINDOWS\system32\twunk.exe moved successfully.
C:\WINDOWS\system32\DXToolss.exe moved successfully.
C:\WINDOWS\system32\gh14rs.txt moved successfully.
File/Folder C:\WINDOWS\zfhsh5usr6i6u43t2q3awhrejaew81.exe not found.
File/Folder c:\progra~1\Manson\liser.dll not found.
File/Folder C:\WINDOWS\system32\sopidkc.exe not found.
File/Folder C:\WINDOWS\dfghaeuhe54ujetjnjiw4622nnn81.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\..\Run: [11454064] C:\Documents and Settings\All Users\Application Data\11454064\11454064.exe\ not found.
Registry key HKEY_CURRENT_USER\..\Run: [kell] C:\program Files\Manson\liser.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\..\Run: [pp] C:\windows\pp10.exe\ not found.
Registry key HKEY_CURRENT_USER\..\Policies\Explorer\Run: [MstInit] C:\WINDOWS\System\mstinit.exe /waitservice\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par Planetis\ not found.
Registry key HKEY_LOCAL_MACHINE\..\Policies\Explorer\Run: [rsvp] C:\DOCUME~1\Samil\LOCALS~1\APPLIC~1\MICROS~1\rsvp.exe /waitservice\ not found.
Registry key HKEY_CURRENT_USER\..\Policies\Explorer\Run: [Esent Utl] C:\DOCUME~1\Samil\APPLIC~1\MICROS~1\esentutl.exe /waitservice\ not found.
Registry key Invalid\.DEFAULT\..\Run: [kell] C:\Program Files\Manson\liser.exe (User 'Default user')\ not found.
Registry key HKEY_CURRENT_USER\..\Run: [Update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup\ not found.
Registry key Invalid\S-1-5-18\..\Policies\Explorer\Run: [Mstsc] C:\WINDOWS\System\mstsc.exe /waitservice (User 'SYSTEM')\ not found.
Registry key Invalid\.DEFAULT\..\Policies\Explorer\Run: [Mstsc] C:\WINDOWS\System\mstsc.exe /waitservice (User 'Default user')\ not found.
Registry key Invalid\S-1-5-18\..\Run: [kell] C:\Program Files\Manson\liser.exe (User 'SYSTEM')\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temporary Internet Files folder emptied: 1271800 bytes
->FireFox cache emptied: 221548 bytes
User: All Users
User: cabs
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 672146 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49621 bytes
User: Propriétaire
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: Samil
->Temp folder emptied: 11716151 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 36274332 bytes
->Google Chrome cache emptied: 14598614 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 137401 bytes
%systemroot%\System32 .tmp files removed: 2833408 bytes
Windows Temp folder emptied: 36263177 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 99,31 mb
OTM by OldTimer - Version 3.0.0.2 log created on 06262009_224155
All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
========== FILES ==========
File/Folder C:\Program Files\websrvx\websrvx.exe not found.
File/Folder C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0 not found.
C:\WINDOWS\twitty01.exe moved successfully.
C:\WINDOWS\pp10.exe moved successfully.
C:\Program Files\websrvx moved successfully.
C:\Program Files\sys moved successfully.
C:\WINDOWS\ld11.exe moved successfully.
C:\WINDOWS\dfghaeuhe54ujetjnjiw4622nnn81.exe moved successfully.
C:\Documents and Settings\All Users\Application Data\11454064 moved successfully.
C:\WINDOWS\system32\tpsaxyd.exe moved successfully.
C:\Program Files\Zero G Registry moved successfully.
C:\WINDOWS\zfhsh5usr6i6u43t2q3awhrejaew81.exe moved successfully.
C:\Program Files\Manson moved successfully.
C:\WINDOWS\ld09.exe moved successfully.
C:\WINDOWS\system32\Chan1.txt moved successfully.
C:\Documents and Settings\All Users\Application Data\Babylon moved successfully.
C:\Documents and Settings\Samil\Application Data\Babylon moved successfully.
C:\WINDOWS\system32\twunk.exe moved successfully.
C:\WINDOWS\system32\DXToolss.exe moved successfully.
C:\WINDOWS\system32\gh14rs.txt moved successfully.
File/Folder C:\WINDOWS\zfhsh5usr6i6u43t2q3awhrejaew81.exe not found.
File/Folder c:\progra~1\Manson\liser.dll not found.
File/Folder C:\WINDOWS\system32\sopidkc.exe not found.
File/Folder C:\WINDOWS\dfghaeuhe54ujetjnjiw4622nnn81.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\..\Run: [11454064] C:\Documents and Settings\All Users\Application Data\11454064\11454064.exe\ not found.
Registry key HKEY_CURRENT_USER\..\Run: [kell] C:\program Files\Manson\liser.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\..\Run: [pp] C:\windows\pp10.exe\ not found.
Registry key HKEY_CURRENT_USER\..\Policies\Explorer\Run: [MstInit] C:\WINDOWS\System\mstinit.exe /waitservice\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par Planetis\ not found.
Registry key HKEY_LOCAL_MACHINE\..\Policies\Explorer\Run: [rsvp] C:\DOCUME~1\Samil\LOCALS~1\APPLIC~1\MICROS~1\rsvp.exe /waitservice\ not found.
Registry key HKEY_CURRENT_USER\..\Policies\Explorer\Run: [Esent Utl] C:\DOCUME~1\Samil\APPLIC~1\MICROS~1\esentutl.exe /waitservice\ not found.
Registry key Invalid\.DEFAULT\..\Run: [kell] C:\Program Files\Manson\liser.exe (User 'Default user')\ not found.
Registry key HKEY_CURRENT_USER\..\Run: [Update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup\ not found.
Registry key Invalid\S-1-5-18\..\Policies\Explorer\Run: [Mstsc] C:\WINDOWS\System\mstsc.exe /waitservice (User 'SYSTEM')\ not found.
Registry key Invalid\.DEFAULT\..\Policies\Explorer\Run: [Mstsc] C:\WINDOWS\System\mstsc.exe /waitservice (User 'Default user')\ not found.
Registry key Invalid\S-1-5-18\..\Run: [kell] C:\Program Files\Manson\liser.exe (User 'SYSTEM')\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temporary Internet Files folder emptied: 1271800 bytes
->FireFox cache emptied: 221548 bytes
User: All Users
User: cabs
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 672146 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49621 bytes
User: Propriétaire
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: Samil
->Temp folder emptied: 11716151 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 36274332 bytes
->Google Chrome cache emptied: 14598614 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 137401 bytes
%systemroot%\System32 .tmp files removed: 2833408 bytes
Windows Temp folder emptied: 36263177 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 99,31 mb
OTM by OldTimer - Version 3.0.0.2 log created on 06262009_224155