Bonjour, J'ai un gros soucis à la suite d'un petit logiciel téléchargé; -mon mode sans échec ne fonctionne plus -ainsi que les antivirus (win32 non valide) y compris combix -le réseau sans fil se bloque si je passe pas par l'étape exécuter regedit puis 3 au lieu de 4 J'ai cherché toute l'après midi différentes solutions sans résultat. S'il vous plait aidez moi!!!!

Virus bagle

Réponse 21 / 67

tannytane
23 oct. 2008 à 22:40

Je suis à 65% du scan, j'attends la fin pour te poster le rapport mais aprés il faut que je fasse ma poule parceque demain je me leve tôt.
Oserais je caresser l'espoir d'avoir encore de l'aide demain?

sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 463
23 oct. 2008 à 22:45

Oserais je caresser l'espoir d'avoir encore de l'aide demain?

--> sans problème ;) ... tant que le PC n'est pas clean ! ...

postes moi le rapport et à demain pour la suite ....

Réponse 22 / 67

tannytane
23 oct. 2008 à 23:24

Voilà le rapport j'ai bien cru que ça ne finirait jamais!
Merci et bonne nuit
J'espere a demain

Avira AntiVir Personal
Report file date: 2008-10-23 22:10

Scanning for 1705737 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: YOUR-6FBB7B0EF0

Version information:
BUILD.DAT : 8.2.0.334 16933 Bytes 2008-10-16 14:55:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.7.59 4366336 Bytes 2008-10-19 18:53:55
ANTIVIR3.VDF : 7.0.7.80 166400 Bytes 2008-10-23 18:53:56
Engineversion : 8.2.0.7
AEVDF.DLL : 8.1.0.6 102772 Bytes 2008-10-23 18:54:11
AESCRIPT.DLL : 8.1.1.9 319867 Bytes 2008-10-23 18:54:10
AESCN.DLL : 8.1.1.3 123252 Bytes 2008-10-23 18:54:09
AERDL.DLL : 8.1.1.2 438644 Bytes 2008-10-23 18:54:09
AEPACK.DLL : 8.1.2.4 369014 Bytes 2008-10-23 18:54:07
AEOFFICE.DLL : 8.1.0.29 196988 Bytes 2008-10-23 18:54:06
AEHEUR.DLL : 8.1.0.63 1479032 Bytes 2008-10-23 18:54:05
AEHELP.DLL : 8.1.1.2 115062 Bytes 2008-10-23 18:54:01
AEGEN.DLL : 8.1.0.41 319861 Bytes 2008-10-23 18:54:01
AEEMU.DLL : 8.1.0.9 393588 Bytes 2008-10-23 18:53:59
AECORE.DLL : 8.1.2.7 172407 Bytes 2008-10-23 18:53:58
AEBB.DLL : 8.1.0.3 53618 Bytes 2008-10-23 18:53:57
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-10-23 18:53:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high

Start of the scan: 2008-10-23 22:10

Starting search for hidden objects.
'69082' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'Orb.exe' - '1' Module(s) have been scanned
Scan process 'OrbTray.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'IMApp.exe' - '1' Module(s) have been scanned
Scan process 'PSFree.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'SuperCopier2.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'winampa.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'CalCheck.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'X10nets.exe' - '1' Module(s) have been scanned
Scan process 'TAPPSRV.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'StarWindServiceAE.exe' - '1' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned
Scan process 'neronet.exe' - '1' Module(s) have been scanned
Scan process 'incdsrv.exe' - '1' Module(s) have been scanned
Scan process 'imapi.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'CFSvcs.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned
Scan process 'EvtEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
50 processes with 50 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '61' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Toshiba\Mes documents\Ma musique\Emuleplus\Jeux\Jeux Maé\Adiboud'chou\Enfant - AdibouD'Chou Au Cirque.rar
[0] Archive type: RAR
--> Acrobat Reader\Deu\RP505DEU.EXE
[1] Archive type: CAB SFX (self extracting)
--> \SVG Files\SVGViewer.dict
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\Program Files\Toshiba\TOSCDSPD\toscdspd.exe
[DETECTION] Is the TR/Dldr.Bagle.aei Trojan
[NOTE] The file was moved to '4973e580.qua'!
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP1\A0000009.exe
[DETECTION] Is the TR/Dldr.Bagle.aei Trojan
[NOTE] The file was moved to '4930e6b9.qua'!
C:\WINDOWS\system32\gzmuyoibv.exe
[DETECTION] Contains recognition pattern of the WORM/Zhelatin.Gen worm
[NOTE] The file was moved to '496dead1.qua'!
C:\WINDOWS\system32\ictxhzpoc.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4974eac0.qua'!
C:\WINDOWS\system32\mbkywcptz.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '496bead4.qua'!
C:\WINDOWS\system32\oxxoexzt.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4978eb1c.qua'!
C:\WINDOWS\system32\twpfrqldgp.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4970eb48.qua'!
C:\WINDOWS\system32\ukkswn.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '496beb3f.qua'!
C:\WINDOWS\system32\zcxxfxda.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4978eb45.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!

End of the scan: 2008-10-23 23:23
Used time: 1:12:34 Hour(s)

The scan has been done completely.

9269 Scanning directories
358244 Files were scanned
9 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
9 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
358232 Files not concerned
8214 Archives were scanned
4 Warnings
9 Notes
69082 Objects were scanned with rootkit scan
0 Hidden objects were found

Réponse 23 / 67

sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 463
23 oct. 2008 à 23:33

Très intéressant ....

pour demain :

1- Supprimes tout ce qui se trouve dans la quarantaine d' AntiVir ...

2- refais un coup de CCleaner (registre compris )

3- Télécharges MalwareByte's :
ici ftp://ftp.commentcamarche.com/download/mbam-setup.exe
ou ici : http://www.malwarebytes.org/mbam.php

Installes le ( choisis bien "francais" ; ne modifies pas les paramètres d'installe ) et mets le à jour .

(NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharges le ici : https://www.malekal.com/tutorial-aboutbuster/ )

Potasses le tuto pour te familiariser avec le prg :
https://forum.pcastuces.com/sujet.asp?f=31&s=3
https://www.androidworld.fr/
( cela dis, il est très simple d'utilisation ).

Lances Malwarebyte's .

Fais un scan dit "complet" ( sélectionnes bien tous tes disks avant le scan ! ) et supprimes tout ce qu'il peut trouver, c'est à dire :
-->Laisses le scan se terminer,puis à la fin tu cliques sur "résultat" .
-->Vérifies que tous les objets infectés soient validés, puis cliques sur " suppression " .

PS : Malwarebytes te demandera peut-être de redémarrer ton PC pour finir le nettoyage , fais le !

Postes le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date) accompagné d'un nouvel hijackthis ...

Réponse 24 / 67

tannytane
24 oct. 2008 à 20:21

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1311
Windows 5.1.2600 Service Pack 3

2008-10-24 20:15:45
mbam-log-2008-10-24 (20-15-45).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
Eléments examinés: 147216
Temps écoulé: 1 hour(s), 9 minute(s), 44 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\eoRezo (Rogue.Eorezo) -> Delete on reboot.

Réponse 25 / 67

tannytane
24 oct. 2008 à 20:23

J'ai fais tout ce que tu m'as dis y compris le scan complet en mode sans echec.
Il n'y a plus l'air d'avoir de souci?
Quoiqu'il en soit encore merci de ton aide

Réponse 26 / 67

sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 463
24 oct. 2008 à 20:27

Salut,

1- supprimes tout ce qui se trouve dans la quarantaine de malwarebytes ( via celle ci )

2-Télécharges Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

-> http://images.malwareremoval.com/random/RSIT.exe

! Fermes bien toutes tes applications en cours !

Double-clique sur " RSIT.exe " pour le lancer .

-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .

* Devant l'option "List files/folders created ..." , tu choisis : 2 months

* cliques ensuite sur " Continue " pour lancer l'analyse ...

( Note : Si la dernière version de HijackThis n'est pas détectée sur ton PC, RSIT le téléchargera et te demandera d'accepter la licence.)

-> laisses faire le scan et ne touche pas au PC ...

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).

Postes le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...

( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )

Réponse 27 / 67

tannytane
24 oct. 2008 à 20:37

info.txt logfile of random's system information tool 1.04 2008-10-24 20:32:24

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware SE Personal-->C:\PROGRA~1\UTILIT~3\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\UTILIT~3\AD-AWA~1\INSTALL.LOG
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.8 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70800000002}
Ahead InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL
Ahead Nero Burning ROM-->C:\Program Files\Utilitaires-musique\nero\nero-burning\nero\uninstall\UNNERO.exe /UNINSTALL
Ahead NeroMediaPlayer-->C:\WINDOWS\UNNMP.exe /UNINSTALL
Ahead NeroMIX-->C:\WINDOWS\UNNMIX.exe /UNINSTALL
Ahead NeroNET-->C:\WINDOWS\UNNeroNET.exe /UNINSTALL
Ahead NeroVision Express-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft Software Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E397B40-13F7-4CA2-9943-ADB29ACBBFDF}\setup.exe" -l0x40c
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Brain Coaching-->MsiExec.exe /I{42AD6CE4-B761-4ED1-9A3C-3E168F256504}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Commandes TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x40c UNINSTALL
Concours Administratifs de la Fonction Publique-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{491C73F3-3635-436F-869E-04EFE4E0F7F2}\SETUP.EXE" -l0x40c -removeonly
Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Correctif pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DAEMON Tools-->MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}
DiViDiX Génération-->C:\WINDOWS\unvise32.exe C:\WINDOWS\system32\undividix.log
DivX Codec Language Plugin (Français)-->C:\WINDOWS\unvise32.exe C:\Program Files\lang-fr-uninstal.log
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
Dora Sakado-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3AFC7779-F2B8-49A4-9689-A2EA86ABCC8A}\Setup.exe" -l0x40c
eMule-->"C:\Program Files\Internet\eMule\Uninstall.exe"
FileZilla Client 3.0.11.1-->C:\Program Files\Free\FileZilla Client\uninstall.exe
FlexiPoints 2.01-->MsiExec.exe /I{2C4DDA22-BF40-4D9E-8360-D0ACB322FB95}
Formatage de carte mémoire SD TOSHIBA-->MsiExec.exe /X{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}
FusionSoft DVD Player XP Version 4.5-->"C:\Program Files\DivX\FusionSoft DVD Player XP\unins000.exe"
Gestion d'énergie TOSHIBA-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll"
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
Hercules WebCam Station-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D208F4A7-6B73-4C2A-8B1E-8756FCBA831E}\Setup.exe" -l0x40c
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
IncrediMail Xe-->C:\PROGRA~1\INCRED~1\bin\imsetup.exe /remove /addon:IncrediMail /log:IncMail.log
Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
Intel(R) PRO Network Connections Drivers-->Prounstl.exe
InterVideo WinDVD Creator 2-->"C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
InterVideo WinDVD for TOSHIBA-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
IZArc 3.7-->"C:\Program Files\Utilitaires systeme\IZArc\unins000.exe"
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Language pack for Ad-Aware SE-->C:\PROGRA~1\UTILIT~3\AD-AWA~1\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\UTILIT~3\AD-AWA~1\Plugins\Langs\INSTALL.LOG
Lapin Malin Maternelle 1-->C:\WINDOWS\IsUn040c.exe -f"c:\program files\jeux\lapinmalin\Uninst\DeIsL1.isu"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logiciel Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe
LogMeIn-->MsiExec.exe /I{3FEC3A5B-60FF-4626-B425-08E09B121A15}
LUMIX Simple Viewer-->C:\Program Files\InstallShield Installation Information\{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F}\setup.exe -runfromtemp -l0x040c -removeonly
Macromedia Flash Player-->MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Manuels TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EB6332B-AF02-457C-A31C-835458C5B48B}\setup.exe" -l0x40c -removeonly
Matroska Playback Pack-->C:\Program Files\Utilitaires vidéos\Matroska Playback Pack\uninstall.exe
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDrWiFi-->MsiExec.exe /I{90CC4231-94AC-45CD-991A-0253BFAC0650}
MediaCoder 0.6.1-->C:\Program Files\Utilitaires-musique\MediaCoder\uninst.exe
mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Micro Application - Concours de la Fonction publique v2-->C:\WINDOWS\IsUn040c.exe -f"c:\program files\jeux\Concours de la Fonction publique\Uninst.isu"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2003 Web Components-->MsiExec.exe /I{90A4040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office OneNote 2003-->MsiExec.exe /I{91A1040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Nokia Connectivity Cable Driver-->MsiExec.exe /X{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}
Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Nokia_PC_Suite_683_rel_14_1_fre.exe /LANG="1036"
Nokia PC Suite-->MsiExec.exe /I{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}
Outil de diagnostic PC TOSHIBA-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{2C38F661-26B7-445D-B87D-B53FE2D3BD42}
Package de pilotes Windows - Nokia Modem (11/03/2006 6.82.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567\nokbtmdm.inf
PC Connectivity Solution-->MsiExec.exe /I{066D65EA-ED53-44E4-A96A-F81B6E409D2E}
Peggle Deluxe 1.0-->C:\Program Files\PopCap Games\Peggle Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Peggle Deluxe\Install.log"
Photo Frame Show-->C:\PROGRA~1\UTILIT~1\FRAMES~1\UNWISE.EXE C:\PROGRA~1\UTILIT~1\FRAMES~1\INSTALL.LOG
PHOTOfunSTUDIO -viewer--->C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\Setup.exe -runfromtemp -l0x040cPackage -removeonly
Picasa 2-->"C:\Program Files\utilitaire-image\Picasa2\Uninstall.exe"
Pop-Up Stopper Free Edition-->C:\PROGRA~1\Internet\POP-UP~2\UNWISE.EXE C:\PROGRA~1\Internet\POP-UP~2\INSTALL.LOG
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Réducteur de bruit lect. CD/DVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x40c
Rippack v3 beta 16.1-->"C:\Program Files\DivX\Rippack\Uninstall.exe" "C:\Program Files\DivX\Rippack\install.log"
Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung Samples Installer-->"C:\Program Files\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -runfromtemp -l0x040c -removeonly
SD Secure Module-->MsiExec.exe /X{C45F4811-31D5-4786-801D-F79CD06EDD85}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Son virtuel TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B12BA86-ADAC-4BA6-B441-FFC591087252}\setup.exe" /uninstall
Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
SweetIM For Internet Explorer 3.0b-->MsiExec.exe /X{F6D63A65-BD23-46F3-B9A3-87F442423481}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{4497AFF6-98C4-4F49-B073-F48F42BCBF9E} /l1036
TOSHIBA ConfigFree-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x40c UNINSTALL
TOSHIBA Hotkey Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64DD71BC-3109-4C88-9AD3-D5422644B722}\setup.exe" -l0x40c
TOSHIBA Software Modem-->Tosmreg -U
TOSHIBA TouchPad ON/Off Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{69BE47C2-36FE-4397-8199-85D8EAE69982}\setup.exe" -l0x40c
TOSHIBA Utilities-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}\setup.exe" -l0x40c
Ulead Photo Express 6
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{760B29F2-8663-419B-A025-5A55066E130B}\setup.exe" -l0x9
Ulead PhotoImpact 12-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11AFE21E-B193-430D-B57A-DFF7815BB962}\Setup.exe" -l0x40c
Utilitaire de zoom TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\Setup.exe" -l0x40c
Winamp Remote-->"C:\Program Files\Winamp Remote\uninstall.exe"
Winamp-->"C:\Program Files\Utilitaires-musique\Winamp\UninstWA.exe"
Windows Desktop Search -->"C:\WINDOWS\$NtUninstallKB911993-V2$\spuninst\spuninst.exe"
Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_039E7E24575DBAE6A389611AF28F4EB97729D33E\pccswpddriver.inf
Windows Driver Package - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Édition Media Center 2005 KB888316-->C:\WINDOWS\$NtUninstallKB888316$\spuninst\spuninst.exe
Windows XP Media Center Edition 2005 KB894553-->C:\WINDOWS\$NtUninstallKB894553$\spuninst\spuninst.exe
Windows XP Media Center Edition 2005 KB895678-->C:\WINDOWS\$NtUninstallKB895678$\spuninst\spuninst.exe
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
X10 Hardware(TM)-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log

======Security center information======

AV: AVG (disabled) (outdated)
AV: Avira AntiVir PersonalEdition
FW: Norton Internet Worm Protection (disabled)

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\Fichiers communs\GTK\2.0\bin;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Samsung\Samsung PC Studio 3
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0e08
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------

Réponse 28 / 67

tannytane
24 oct. 2008 à 20:41

info.txt logfile of random's system information tool 1.04 2008-10-24 20:32:24

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware SE Personal-->C:\PROGRA~1\UTILIT~3\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\UTILIT~3\AD-AWA~1\INSTALL.LOG
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.8 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70800000002}
Ahead InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL
Ahead Nero Burning ROM-->C:\Program Files\Utilitaires-musique\nero\nero-burning\nero\uninstall\UNNERO.exe /UNINSTALL
Ahead NeroMediaPlayer-->C:\WINDOWS\UNNMP.exe /UNINSTALL
Ahead NeroMIX-->C:\WINDOWS\UNNMIX.exe /UNINSTALL
Ahead NeroNET-->C:\WINDOWS\UNNeroNET.exe /UNINSTALL
Ahead NeroVision Express-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft Software Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E397B40-13F7-4CA2-9943-ADB29ACBBFDF}\setup.exe" -l0x40c
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Brain Coaching-->MsiExec.exe /I{42AD6CE4-B761-4ED1-9A3C-3E168F256504}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Commandes TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x40c UNINSTALL
Concours Administratifs de la Fonction Publique-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{491C73F3-3635-436F-869E-04EFE4E0F7F2}\SETUP.EXE" -l0x40c -removeonly
Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Correctif pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DAEMON Tools-->MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}
DiViDiX Génération-->C:\WINDOWS\unvise32.exe C:\WINDOWS\system32\undividix.log
DivX Codec Language Plugin (Français)-->C:\WINDOWS\unvise32.exe C:\Program Files\lang-fr-uninstal.log
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
Dora Sakado-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3AFC7779-F2B8-49A4-9689-A2EA86ABCC8A}\Setup.exe" -l0x40c
eMule-->"C:\Program Files\Internet\eMule\Uninstall.exe"
FileZilla Client 3.0.11.1-->C:\Program Files\Free\FileZilla Client\uninstall.exe
FlexiPoints 2.01-->MsiExec.exe /I{2C4DDA22-BF40-4D9E-8360-D0ACB322FB95}
Formatage de carte mémoire SD TOSHIBA-->MsiExec.exe /X{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}
FusionSoft DVD Player XP Version 4.5-->"C:\Program Files\DivX\FusionSoft DVD Player XP\unins000.exe"
Gestion d'énergie TOSHIBA-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll"
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
Hercules WebCam Station-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D208F4A7-6B73-4C2A-8B1E-8756FCBA831E}\Setup.exe" -l0x40c
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
IncrediMail Xe-->C:\PROGRA~1\INCRED~1\bin\imsetup.exe /remove /addon:IncrediMail /log:IncMail.log
Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
Intel(R) PRO Network Connections Drivers-->Prounstl.exe
InterVideo WinDVD Creator 2-->"C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
InterVideo WinDVD for TOSHIBA-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
IZArc 3.7-->"C:\Program Files\Utilitaires systeme\IZArc\unins000.exe"
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Language pack for Ad-Aware SE-->C:\PROGRA~1\UTILIT~3\AD-AWA~1\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\UTILIT~3\AD-AWA~1\Plugins\Langs\INSTALL.LOG
Lapin Malin Maternelle 1-->C:\WINDOWS\IsUn040c.exe -f"c:\program files\jeux\lapinmalin\Uninst\DeIsL1.isu"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logiciel Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe
LogMeIn-->MsiExec.exe /I{3FEC3A5B-60FF-4626-B425-08E09B121A15}
LUMIX Simple Viewer-->C:\Program Files\InstallShield Installation Information\{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F}\setup.exe -runfromtemp -l0x040c -removeonly
Macromedia Flash Player-->MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Manuels TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EB6332B-AF02-457C-A31C-835458C5B48B}\setup.exe" -l0x40c -removeonly
Matroska Playback Pack-->C:\Program Files\Utilitaires vidéos\Matroska Playback Pack\uninstall.exe
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDrWiFi-->MsiExec.exe /I{90CC4231-94AC-45CD-991A-0253BFAC0650}
MediaCoder 0.6.1-->C:\Program Files\Utilitaires-musique\MediaCoder\uninst.exe
mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Micro Application - Concours de la Fonction publique v2-->C:\WINDOWS\IsUn040c.exe -f"c:\program files\jeux\Concours de la Fonction publique\Uninst.isu"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2003 Web Components-->MsiExec.exe /I{90A4040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office OneNote 2003-->MsiExec.exe /I{91A1040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Nokia Connectivity Cable Driver-->MsiExec.exe /X{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}
Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Nokia_PC_Suite_683_rel_14_1_fre.exe /LANG="1036"
Nokia PC Suite-->MsiExec.exe /I{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}
Outil de diagnostic PC TOSHIBA-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{2C38F661-26B7-445D-B87D-B53FE2D3BD42}
Package de pilotes Windows - Nokia Modem (11/03/2006 6.82.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567\nokbtmdm.inf
PC Connectivity Solution-->MsiExec.exe /I{066D65EA-ED53-44E4-A96A-F81B6E409D2E}
Peggle Deluxe 1.0-->C:\Program Files\PopCap Games\Peggle Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Peggle Deluxe\Install.log"
Photo Frame Show-->C:\PROGRA~1\UTILIT~1\FRAMES~1\UNWISE.EXE C:\PROGRA~1\UTILIT~1\FRAMES~1\INSTALL.LOG
PHOTOfunSTUDIO -viewer--->C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\Setup.exe -runfromtemp -l0x040cPackage -removeonly
Picasa 2-->"C:\Program Files\utilitaire-image\Picasa2\Uninstall.exe"
Pop-Up Stopper Free Edition-->C:\PROGRA~1\Internet\POP-UP~2\UNWISE.EXE C:\PROGRA~1\Internet\POP-UP~2\INSTALL.LOG
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Réducteur de bruit lect. CD/DVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x40c
Rippack v3 beta 16.1-->"C:\Program Files\DivX\Rippack\Uninstall.exe" "C:\Program Files\DivX\Rippack\install.log"
Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung Samples Installer-->"C:\Program Files\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -runfromtemp -l0x040c -removeonly
SD Secure Module-->MsiExec.exe /X{C45F4811-31D5-4786-801D-F79CD06EDD85}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Son virtuel TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B12BA86-ADAC-4BA6-B441-FFC591087252}\setup.exe" /uninstall
Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
SweetIM For Internet Explorer 3.0b-->MsiExec.exe /X{F6D63A65-BD23-46F3-B9A3-87F442423481}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{4497AFF6-98C4-4F49-B073-F48F42BCBF9E} /l1036
TOSHIBA ConfigFree-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x40c UNINSTALL
TOSHIBA Hotkey Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64DD71BC-3109-4C88-9AD3-D5422644B722}\setup.exe" -l0x40c
TOSHIBA Software Modem-->Tosmreg -U
TOSHIBA TouchPad ON/Off Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{69BE47C2-36FE-4397-8199-85D8EAE69982}\setup.exe" -l0x40c
TOSHIBA Utilities-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}\setup.exe" -l0x40c
Ulead Photo Express 6
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{760B29F2-8663-419B-A025-5A55066E130B}\setup.exe" -l0x9
Ulead PhotoImpact 12-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11AFE21E-B193-430D-B57A-DFF7815BB962}\Setup.exe" -l0x40c
Utilitaire de zoom TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\Setup.exe" -l0x40c
Winamp Remote-->"C:\Program Files\Winamp Remote\uninstall.exe"
Winamp-->"C:\Program Files\Utilitaires-musique\Winamp\UninstWA.exe"
Windows Desktop Search -->"C:\WINDOWS\$NtUninstallKB911993-V2$\spuninst\spuninst.exe"
Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_039E7E24575DBAE6A389611AF28F4EB97729D33E\pccswpddriver.inf
Windows Driver Package - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Édition Media Center 2005 KB888316-->C:\WINDOWS\$NtUninstallKB888316$\spuninst\spuninst.exe
Windows XP Media Center Edition 2005 KB894553-->C:\WINDOWS\$NtUninstallKB894553$\spuninst\spuninst.exe
Windows XP Media Center Edition 2005 KB895678-->C:\WINDOWS\$NtUninstallKB895678$\spuninst\spuninst.exe
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
X10 Hardware(TM)-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log

======Security center information======

AV: AVG (disabled) (outdated)
AV: Avira AntiVir PersonalEdition
FW: Norton Internet Worm Protection (disabled)

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\Fichiers communs\GTK\2.0\bin;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Samsung\Samsung PC Studio 3
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0e08
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------

Réponse 29 / 67

sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 463
24 oct. 2008 à 21:02

re,

tu m'as posté 2 fois "Info.txt" ... il me faut l'autre rapport ... ^^

Réponse 30 / 67

tannytane
24 oct. 2008 à 21:25

impossible de poster le rapport?!! ça tourne en rond
Je vais essayer par petits bouts

sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 463
24 oct. 2008 à 21:26

re,

en deux fois cela devrai passer ... ;)

A tout'

Réponse 31 / 67

tannytane
24 oct. 2008 à 21:26

Logfile of random's system information tool 1.04 (written by random/random)
Run by Toshiba at 2008-10-24 20:32:14
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 59 GB (62%) free of 95 GB
Total RAM: 1014 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:32, on 2008-10-24
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\imapi.exe
C:\Program Files\Utilitaires-musique\nero\InCD\InCD\InCDsrv.exe
C:\Program Files\Utilitaires-musique\nero\wizard\NeroNET\NeroNET.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\jeux\utilitaires\daemons\daemon.exe
C:\Program Files\utilitaire-image\photoexpress\CalCheck.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Utilitaires-musique\Winamp\winampa.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Internet\POP-UP~2\PSFree.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\Winamp Remote\bin\Orb.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Toshiba\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\Toshiba.exe

Réponse 32 / 67

tannytane
24 oct. 2008 à 21:26

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\jeux\utilitaires\daemons\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\Monitor.exe
O4 - HKLM\..\Run: [Ulead Calendar Checker] C:\Program Files\utilitaire-image\photoexpress\CalCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Utilitaires-musique\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\Internet\POP-UP~2\PSFree.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader5.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://express.foto.com/Newuploader/ImageUploader4.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2F17E5A3-18E2-40A5-BC33-DB85443C2FA5}: NameServer = 212.27.54.252,212.27.53.252
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C0B2B59-3C08-46B0-82C8-63212A69A068}: NameServer = 212.27.54.252,212.27.53.252
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Utilitaires-musique\nero\InCD\InCD\InCDsrv.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - Unknown owner - C:\Program Files\Free\LogMeIn\x86\RaMaint.exe (file missing)
O23 - Service: LogMeIn - Unknown owner - C:\Program Files\Free\LogMeIn\x86\LogMeIn.exe (file missing)
O23 - Service: NeroNET - Ahead Software AG - C:\Program Files\Utilitaires-musique\nero\wizard\NeroNET\NeroNET.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Réponse 33 / 67

tannytane
24 oct. 2008 à 21:27

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F85D76C-0569-466F-A488-493E6BD0E955}]
dsWebAllowBHO Class - C:\Program Files\Windows Desktop Search\dsWebAllow.dll [2006-03-26 265432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-10-06 110652]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
EoBho Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-01-19 2436160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-01-19 2436160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools-1033"=C:\Program Files\jeux\utilitaires\daemons\daemon.exe [2004-08-22 81920]
"Ulead AutoDetector"=C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\Monitor.exe [2008-10-23 94208]
"Ulead Calendar Checker"=C:\Program Files\utilitaire-image\photoexpress\CalCheck.exe [2005-08-22 69632]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"WinampAgent"=C:\Program Files\Utilitaires-musique\Winamp\winampa.exe [2008-04-01 36352]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2007-01-23 204843]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"PopUpStopperFreeEdition"=C:\PROGRA~1\Internet\POP-UP~2\PSFree.exe [2005-03-17 536576]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe [2007-07-02 219008]
"Orb"=C:\Program Files\Winamp Remote\bin\OrbTray.exe [2008-04-01 507904]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-03-22 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
LMIinit.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-03-13 233472]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NBF]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nbf.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProtectedStorage]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sglfb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tga.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Internet\eMule\emule.exe"="C:\Program Files\Internet\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Internet\mIRC\mirc.exe"="C:\Program Files\Internet\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Documents and Settings\Toshiba\Local Settings\Temporary Internet Files\Content.IE5\TTRDP4Y9\incredimail_install[1].exe"="C:\Documents and Settings\Toshiba\Local Settings\Temporary Internet Files\Content.IE5\TTRDP4Y9\incredimail_install[1].exe:*:Enabled:IncrediMail Installer"
"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Internet\eMuleplus\eMule.exe"="C:\Program Files\Internet\eMuleplus\eMule.exe:*:Enabled:eMule Plus"
"C:\Documents and Settings\Toshiba\Local Settings\Temp\ARC118\emule.exe"="C:\Documents and Settings\Toshiba\Local Settings\Temp\ARC118\emule.exe:*:Enabled:eMule"
"C:\Documents and Settings\Toshiba\Local Settings\Temp\ARC119\emule.exe"="C:\Documents and Settings\Toshiba\Local Settings\Temp\ARC119\emule.exe:*:Enabled:eMule"
"C:\Documents and Settings\Toshiba\Local Settings\Temp\ARC11A\emule.exe"="C:\Documents and Settings\Toshiba\Local Settings\Temp\ARC11A\emule.exe:*:Enabled:eMule"
"C:\Program Files\Ubisoft\Heroes of Might and Magic V\bin\H5_Game.exe"="C:\Program Files\Ubisoft\Heroes of Might and Magic V\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V"
"C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
"C:\Program Files\Freeplayer\vlc\vlc.exe"="C:\Program Files\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\Internet\LimeWire\LimeWire.exe"="C:\Program Files\Internet\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Documents and Settings\Toshiba\Local Settings\Temp\ImInstaller\FreeSkin_Installer.exe"="C:\Documents and Settings\Toshiba\Local Settings\Temp\ImInstaller\FreeSkin_Installer.exe:*:Enabled:IncrediMail Installer"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 2 months======

Réponse 34 / 67

tannytane
24 oct. 2008 à 21:28

2008-10-24 20:32:14 ----D---- C:\rsit
2008-10-24 09:22:12 ----A---- C:\WINDOWS\ntbtlog.txt
2008-10-24 09:18:19 ----D---- C:\Documents and Settings\Toshiba\Application Data\Malwarebytes
2008-10-24 09:18:13 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-24 09:18:12 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-23 21:07:38 ----A---- C:\SAFEBOOT_REPAIR.TXT
2008-10-23 20:39:16 ----D---- C:\Program Files\Avira
2008-10-23 20:39:16 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2008-10-23 20:09:08 ----D---- C:\Program Files\Trend Micro
2008-10-23 19:54:17 ----D---- C:\Program Files\CCleaner
2008-10-23 19:45:29 ----A---- C:\TCleaner.txt
2008-10-23 18:01:55 ----D---- C:\Program Files\FindyKill
2008-10-23 17:48:53 ----D---- C:\antibagle
2008-10-23 17:48:42 ----A---- C:\WINDOWS\system32\CF9525.exe
2008-10-23 17:25:13 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2008-10-23 15:59:09 ----SHD---- C:\Config.Msi
2008-10-23 15:49:28 ----A---- C:\WINDOWS\system32\CF18964.exe
2008-10-23 15:47:40 ----A---- C:\WINDOWS\system32\CF18516.exe
2008-10-23 15:03:23 ----D---- C:\WINDOWS\temp
2008-10-23 14:56:31 ----A---- C:\WINDOWS\system32\CF8586.exe
2008-10-23 14:41:55 ----A---- C:\WINDOWS\PSEXESVC.EXE
2008-10-23 14:34:17 ----A---- C:\WINDOWS\zip.exe
2008-10-23 14:34:17 ----A---- C:\WINDOWS\VFIND.exe
2008-10-23 14:34:17 ----A---- C:\WINDOWS\SWXCACLS.exe
2008-10-23 14:34:17 ----A---- C:\WINDOWS\SWSC.exe
2008-10-23 14:34:17 ----A---- C:\WINDOWS\SWREG.exe
2008-10-23 14:34:17 ----A---- C:\WINDOWS\sed.exe
2008-10-23 14:34:17 ----A---- C:\WINDOWS\NIRCMD.exe
2008-10-23 14:34:17 ----A---- C:\WINDOWS\grep.exe
2008-10-23 14:34:17 ----A---- C:\WINDOWS\fdsv.exe
2008-10-23 13:34:02 ----D---- C:\WINDOWS\ERDNT
2008-10-22 17:40:42 ----D---- C:\Documents and Settings\Toshiba\Application Data\Samsung
2008-10-22 11:19:54 ----A---- C:\WINDOWS\system32\framedyn.dll
2008-10-22 11:19:21 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers
2008-10-22 11:17:22 ----D---- C:\Program Files\Samsung
2008-10-16 22:47:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-16 22:47:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-16 22:47:14 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-16 22:45:19 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-16 22:45:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-12 21:39:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-10-11 10:05:43 ----D---- C:\WINDOWS\Prefetch
2008-10-11 09:04:11 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-10-11 09:04:04 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-10-11 09:03:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-10-11 09:03:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-10-11 09:03:39 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-10-11 09:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-10-11 09:03:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-10-11 09:03:13 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-10-11 09:03:06 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-10-11 09:02:58 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-10-11 09:02:51 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-10-11 08:58:02 ----D---- C:\Program Files\Messenger
2008-10-11 08:57:35 ----D---- C:\Program Files\msn
2008-10-11 08:57:34 ----D---- C:\WINDOWS\system32\fr
2008-10-11 08:57:34 ----D---- C:\WINDOWS\l2schemas
2008-10-11 08:57:33 ----D---- C:\WINDOWS\system32\bits
2008-10-11 08:53:37 ----D---- C:\WINDOWS\ServicePackFiles
2008-10-11 08:40:48 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-10-07 12:48:06 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-10-07 12:47:51 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-10-07 12:47:50 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-10-07 12:47:37 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2008-10-07 12:47:35 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-10-07 12:47:33 ----N---- C:\WINDOWS\system32\slserv.exe
2008-10-07 12:47:33 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-10-07 12:47:33 ----N---- C:\WINDOWS\system32\slgen.dll
2008-10-07 12:47:33 ----N---- C:\WINDOWS\slrundll.exe
2008-10-07 12:47:32 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-10-07 12:47:32 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-10-07 12:47:26 ----N---- C:\WINDOWS\system32\setupn.exe
2008-10-07 12:47:23 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-10-07 12:47:21 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-10-07 12:47:18 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-10-07 12:47:16 ----N---- C:\WINDOWS\system32\qutil.dll
2008-10-07 12:47:15 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-10-07 12:47:15 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-10-07 12:47:15 ----N---- C:\WINDOWS\system32\qagent.dll
2008-10-07 12:47:08 ----N---- C:\WINDOWS\system32\onex.dll
2008-10-07 12:46:54 ----N---- C:\WINDOWS\system32\napstat.exe
2008-10-07 12:46:53 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-10-07 12:46:53 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-10-07 12:46:52 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-10-07 12:46:52 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-10-07 12:46:52 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-10-07 12:46:48 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-10-07 12:46:48 ----N---- C:\WINDOWS\system32\mssha.dll
2008-10-07 12:46:29 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-10-07 12:46:28 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-10-07 12:46:28 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-10-07 12:46:28 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-10-07 12:46:25 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-10-07 12:46:05 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-10-07 12:46:04 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-10-07 12:46:03 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-10-07 12:46:02 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-10-07 12:46:02 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-10-07 12:46:02 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-10-07 12:45:55 ----N---- C:\WINDOWS\system32\smtpapi.dll
2008-10-07 12:45:55 ----N---- C:\WINDOWS\system32\rwnh.dll
2008-10-07 12:45:50 ----N---- C:\WINDOWS\system32\comsdupd.exe
2008-10-07 12:45:41 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-10-07 12:45:33 ----N---- C:\WINDOWS\system32\faxpatch.exe
2008-10-07 12:45:33 ----A---- C:\WINDOWS\003169_.tmp
2008-10-07 12:45:30 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-10-07 12:45:30 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-10-07 12:45:30 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-10-07 12:45:30 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-10-07 12:45:30 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-10-07 12:45:29 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-10-07 12:45:29 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-10-07 12:45:29 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-10-07 12:45:25 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-10-07 12:45:25 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-10-07 12:45:25 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-10-07 12:45:25 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-10-07 12:45:25 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-10-07 12:45:25 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-10-07 12:45:25 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-10-07 12:45:22 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-10-07 12:45:22 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-10-07 12:45:22 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-10-07 12:45:17 ----N---- C:\WINDOWS\system32\credssp.dll
2008-10-07 12:45:09 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-10-07 12:45:08 ----N---- C:\WINDOWS\system32\azroles.dll
2008-10-07 12:45:06 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-10-07 12:45:05 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-10-07 12:45:05 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-10-07 12:44:56 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-09-13 15:45:03 ----D---- C:\Documents and Settings\Toshiba\Application Data\Apple Computer
2008-09-13 15:42:22 ----D---- C:\Program Files\QuickTime
2008-09-13 15:42:19 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-09-13 15:40:35 ----D---- C:\Program Files\Apple Software Update
2008-09-13 15:39:59 ----D---- C:\Program Files\Fichiers communs\Apple
2008-09-13 15:39:59 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2008-09-10 18:58:54 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2008-09-10 18:57:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-09-04 15:23:32 ----D---- C:\Documents and Settings\All Users\Application Data\Emjysoft
2008-08-27 08:15:41 ----A---- C:\WINDOWS\system32\WINGDE.DLL
2008-08-27 08:15:41 ----A---- C:\WINDOWS\system32\WING32.DLL
2008-08-27 08:15:41 ----A---- C:\WINDOWS\system32\WING.DLL

Réponse 35 / 67

tannytane
24 oct. 2008 à 21:28

======List of files/folders modified in the last 2 months======

2008-10-24 20:18:36 ----D---- C:\WINDOWS\Registration
2008-10-24 20:17:43 ----D---- C:\WINDOWS
2008-10-24 20:17:01 ----HD---- C:\WINDOWS\system32\drivers
2008-10-24 20:16:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-10-24 19:44:20 ----D---- C:\Program Files\Mozilla Firefox
2008-10-24 18:27:05 ----D---- C:\Program Files\Winamp Remote
2008-10-24 09:18:12 ----RD---- C:\Program Files
2008-10-23 23:21:38 ----D---- C:\WINDOWS\system32
2008-10-23 22:05:51 ----SHD---- C:\System Volume Information
2008-10-23 22:05:51 ----D---- C:\WINDOWS\system32\Restore
2008-10-23 21:33:02 ----D---- C:\Documents and Settings
2008-10-23 19:58:18 ----D---- C:\WINDOWS\Debug
2008-10-23 19:05:24 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-23 17:35:52 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-23 16:00:33 ----HD---- C:\WINDOWS\inf
2008-10-23 15:59:11 ----SHD---- C:\WINDOWS\Installer
2008-10-23 15:58:27 ----D---- C:\Program Files\Grisoft
2008-10-23 15:03:30 ----A---- C:\WINDOWS\system.ini
2008-10-23 15:02:37 ----D---- C:\WINDOWS\AppPatch
2008-10-23 15:02:37 ----D---- C:\Program Files\Fichiers communs
2008-10-23 14:42:15 ----D---- C:\WINDOWS\system32\config
2008-10-22 17:40:48 ----SD---- C:\Documents and Settings\Toshiba\Application Data\Microsoft
2008-10-22 11:22:55 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-16 22:47:29 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-16 22:47:26 ----HD---- C:\WINDOWS\$hf_mig$
2008-10-16 22:47:02 ----D---- C:\Program Files\Internet Explorer
2008-10-16 22:46:47 ----D---- C:\WINDOWS\ie7updates
2008-10-16 22:46:19 ----A---- C:\WINDOWS\win.ini
2008-10-11 10:04:30 ----D---- C:\WINDOWS\system32\Setup
2008-10-11 10:04:28 ----D---- C:\WINDOWS\system32\wbem
2008-10-11 10:04:27 ----RSD---- C:\WINDOWS\Fonts
2008-10-11 09:08:34 ----D---- C:\WINDOWS\security
2008-10-11 09:04:39 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-11 09:00:38 ----RSD---- C:\WINDOWS\assembly
2008-10-11 08:58:11 ----D---- C:\WINDOWS\WinSxS
2008-10-11 08:57:58 ----D---- C:\WINDOWS\system32\inetsrv
2008-10-11 08:57:58 ----D---- C:\WINDOWS\network diagnostic
2008-10-11 08:57:58 ----D---- C:\WINDOWS\Help
2008-10-11 08:57:57 ----D---- C:\WINDOWS\ime
2008-10-11 08:57:38 ----D---- C:\WINDOWS\system32\usmt
2008-10-11 08:57:38 ----D---- C:\WINDOWS\system32\fr-fr
2008-10-11 08:57:33 ----D---- C:\WINDOWS\PeerNet
2008-10-11 08:57:33 ----D---- C:\Program Files\Movie Maker
2008-10-11 08:53:18 ----D---- C:\WINDOWS\system32\npp
2008-10-11 08:53:16 ----D---- C:\WINDOWS\msagent
2008-10-11 08:53:14 ----D---- C:\WINDOWS\srchasst
2008-10-11 08:53:11 ----D---- C:\Program Files\NetMeeting
2008-10-11 08:53:09 ----D---- C:\WINDOWS\system32\Com
2008-10-11 08:53:05 ----D---- C:\Program Files\Windows NT
2008-10-11 08:53:05 ----D---- C:\Program Files\Outlook Express
2008-10-11 08:53:00 ----D---- C:\Program Files\Fichiers communs\System
2008-10-11 08:52:32 ----D---- C:\WINDOWS\system32\oobe
2008-10-11 08:52:29 ----D---- C:\WINDOWS\system
2008-10-11 08:47:02 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-10-11 08:40:45 ----D---- C:\WINDOWS\ehome
2008-10-07 21:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
2008-10-07 11:55:52 ----AC---- C:\WINDOWS\Iedit_.INI
2008-10-03 19:12:27 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-09-29 09:32:32 ----D---- C:\Program Files\IncrediMail
2008-09-13 21:49:55 ----D---- C:\Program Files\Utilitaires-musique
2008-09-13 21:48:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-09-13 15:40:45 ----SD---- C:\WINDOWS\Tasks
2008-09-11 14:43:57 ----D---- C:\Program Files\Windows Live
2008-09-11 14:42:12 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-09-10 18:58:07 ----D---- C:\Program Files\Microsoft Works
2008-09-08 16:39:40 ----AC---- C:\WINDOWS\Navigma.INI
2008-09-06 17:04:31 ----D---- C:\temp
2008-09-06 17:02:49 ----D---- C:\Program Files\jeux
2008-09-04 15:32:09 ----D---- C:\Program Files\utilitaire-image
2008-08-29 08:37:24 ----D---- C:\Documents and Settings\Toshiba\Application Data\Mozilla
2008-08-27 11:11:52 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-08-27 08:41:10 ----AC---- C:\WINDOWS\TLCAPPS.INI
2008-08-26 10:11:54 ----A---- C:\WINDOWS\system32\wininet.dll
2008-08-26 10:11:53 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-08-26 10:11:53 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-08-26 10:11:52 ----A---- C:\WINDOWS\system32\url.dll
2008-08-26 10:11:52 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-08-26 10:11:52 ----A---- C:\WINDOWS\system32\occache.dll
2008-08-26 10:11:52 ----A---- C:\WINDOWS\system32\mstime.dll
2008-08-26 10:11:52 ----A---- C:\WINDOWS\system32\msrating.dll
2008-08-26 10:11:52 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-08-26 10:11:49 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-08-26 10:11:49 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-08-26 10:11:49 ----A---- C:\WINDOWS\system32\jsproxy.dll
2008-08-26 10:11:48 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-08-26 10:11:48 ----A---- C:\WINDOWS\system32\iernonce.dll
2008-08-26 10:11:46 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2008-08-26 10:11:46 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-08-26 10:11:45 ----A---- C:\WINDOWS\system32\ieaksie.dll
2008-08-26 10:11:45 ----A---- C:\WINDOWS\system32\ieakeng.dll
2008-08-26 10:11:45 ----A---- C:\WINDOWS\system32\icardie.dll
2008-08-26 10:11:45 ----A---- C:\WINDOWS\system32\extmgr.dll
2008-08-26 10:11:45 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-08-26 10:11:45 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-08-26 10:11:45 ----A---- C:\WINDOWS\system32\advpack.dll
2008-08-25 10:39:40 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2008-08-25 10:38:00 ----A---- C:\WINDOWS\system32\ieudinit.exe
2008-08-25 05:35:14 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 InCDPass;InCdPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2003-07-24 28432]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 sdcplh;sdcplh; C:\WINDOWS\System32\drivers\sdcplh.sys [2005-10-18 55168]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-01-24 21419]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-10-06 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-10-06 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-10-06 86524]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-10-06 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-10-06 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-10-06 87036]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-10-06 94332]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]
R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-08-02 12544]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-12-13 1124097]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-01-13 163328]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-05 4271616]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-10 21060]
R3 NETw3x32;Pilote de carte réseau Intel(R) PRO/Wireless 3945ABG pour Windows XP 32 bits; C:\WINDOWS\system32\DRIVERS\NETw3x32.sys [2006-07-26 1707776]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2005-08-15 10368]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 191968]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-11-30 162560]
R3 TVALD;Toshiba Mobile PC Service; C:\WINDOWS\system32\DRIVERS\NBSMI.sys [2005-10-20 6144]
R3 Tvs;TOSHIBA Virtual Sound with SRS technologies; C:\WINDOWS\system32\DRIVERS\Tvs.sys [2006-05-30 45696]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 X10Hid;X10 Hid Device; C:\WINDOWS\System32\Drivers\x10hid.sys [2005-11-28 7040]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2003-07-24 86752]
S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\Free\LogMeIn\x86\RaInfo.sys []
S2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
S3 4676f099-624b-4d5a-81cd-5a97518b0a3a;4676f099-624b-4d5a-81cd-5a97518b0a3a; \??\D:\Player\cds300.dll []
S3 ahbc1od1;ahbc1od1; C:\WINDOWS\system32\drivers\ahbc1od1.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-04-02 471264]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-03-22 1522688]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys []
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys []
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-21 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-21 21568]
S3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys []
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys []
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys []
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys []
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-05-01 3643296]
S3 ovt530;Webcam Classic; C:\WINDOWS\System32\Drivers\ov530vid.sys [2005-03-15 161792]
S3 qcusbmdm;Qualcomm Proprietary USB Driver (PID 3197); C:\WINDOWS\system32\DRIVERS\qcusbmdm.sys [2003-03-11 59632]
S3 qcusbser;Qualcomm Diagnostic Port 3197; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [2003-03-11 59632]
S3 SE26bus;Sony Ericsson Device 038 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE26bus.sys [2006-05-15 61600]
S3 SE26mdfl;Sony Ericsson Device 038 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE26mdfl.sys [2006-05-01 9360]
S3 SE26mdm;Sony Ericsson Device 038 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE26mdm.sys [2006-05-01 97184]
S3 SE26mgmt;Sony Ericsson Device 038 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE26mgmt.sys [2006-05-01 88688]
S3 se26nd5;Sony Ericsson Device 038 USB Ethernet Emulation SEMC38 (NDIS); C:\WINDOWS\system32\DRIVERS\se26nd5.sys [2006-05-01 18704]
S3 SE26obex;Sony Ericsson Device 038 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE26obex.sys [2006-05-15 86560]
S3 se26unic;Sony Ericsson Device 038 USB Ethernet Emulation SEMC38 (WDM); C:\WINDOWS\system32\DRIVERS\se26unic.sys [2006-05-15 90768]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys []
S3 tosrfec;Bluetooth ACPI from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-09-09 9344]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\Toshiba\LOCALS~1\Temp\mc23.tmp []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-18 40960]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-04-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2006-08-02 434176]
R2 InCDsrv;InCD File System Service; C:\Program Files\Utilitaires-musique\nero\InCD\InCD\InCDsrv.exe [2003-07-24 786484]
R2 NeroNET;NeroNET; C:\Program Files\Utilitaires-musique\nero\wizard\NeroNET\NeroNET.exe [2003-02-18 1028096]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2006-08-02 327680]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2006-08-02 937984]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TAPPSRV;TOSHIBA Application Service; C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe [2006-02-07 35840]
R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\Free\LogMeIn\x86\RaMaint.exe []
S2 LogMeIn;LogMeIn; C:\Program Files\Free\LogMeIn\x86\LogMeIn.exe []
S2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-05-01 143428]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-03 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-03-22 405504]

-----------------EOF-----------------

Réponse 36 / 67

tannytane
24 oct. 2008 à 21:36

Je crois avoir eut ce virus en essayant de débloquer mon nouveau portable pour avoir des jeux.
J'ai vu ça sur forum mobile.com
Serait-il possible que ces liens soient à l'origine du virus? :

Programmes requis :
Qualcomm USB drivers : http://uploaded.to/?id=u8j08i
BitPim: https://sourceforge.net/projects/bitpim/

Parce que je ne voudrais pas refaire la même bêtise...

Réponse 37 / 67

tannytane
24 oct. 2008 à 21:55

Je vais me coucher demain ya boulot...
Merci de ton aide et j'espère que tu vas me confirmer que tout va bien.
Bonne soirée et bonne nuit à mon sauveur

Réponse 38 / 67

sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 463
24 oct. 2008 à 22:09

Bien ...

la suite pour demain :

1- Télécharges OTMoveIt3 (de Old_Timer) sur ton Bureau.

http://oldtimer.geekstogo.com/OTMoveIt3.exe

! Déconnectes toi et fermes toute tes applications en cours !

Double cliques sur "OTMoveIt3.exe" pour ouvrir le prg .
Puis copies ce qui se trouve en citation ci-dessous,

:Processes
explorer.exe

:Services
4676f099-624b-4d5a-81cd-5a97518b0a3a
ahbc1od1

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]

:Files
C:\WINDOWS\Navigma.INI 

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

et colles le dans le cadre de gauche de OTMoveIt3 :
Paste Instructions for items to be moved.
(ne touche à rien d'autre !)

-> cliques sur MoveIt! pour lancer la suppression.
-> laisses travailler l'outil ...

( Note : ton bureau va disparaitre puis réapparaitre, c'est normal .)

-> une fois finis , un petite fenêtre s'ouvre : cliques sur " Yes " .

Ton PC va redémarrer de lui même ...

-->Postes le contenu du rapport qui se trouve dans le dossier "C:\_OTMoveIt\MovedFiles"
( " xxxx2008_xxxxxx.log " où les "x" correspondent au jour et à l'heure de l'utilisation ).

une fois ce rapport posté , fais la suite :

2- Avoir accès aux fichiers cachés :

Vas dans Menu Démarrer->Poste de travail->Outils->Options des dossiers...->Affichage
* "Afficher les fichiers et dossiers cachés" ---> coché
* "Masquer les extensions des fichiers dont le type est connu" ---> décoché
* "masquer les fichiers du système" ---> décoché
-> valides la modif ( "appliquer" puis "ok" ).
( tu remetteras les paramètres de départ une fois la désinfection terminée , pas avant ... )

3-Rends toi sur ce site :

https://www.virustotal.com/gui/

Copies ce qui suit et colles le dans l'espace pour la recherche :
C:\Config.Msi

Cliques sur Send File ( = " Envoyer le fichier " ).

Un rapport va s'élaborer ligne à ligne.

Attends bien la fin ... Il doit comprendre la taille du fichier envoyé.

Sauvegarde le rapport avec le bloc-note.

Copies le dans ta prochaine réponse ...

( Si VirusTotal indique que le fichier a déjà été analysé, clique sur le bouton Ré-analyse le fichier maintenant )

Fais de même pour :
C:\WINDOWS\system32\CF18964.exe
C:\WINDOWS\system32\CF18516.exe
C:\WINDOWS\system32\CF8586.exe

postes moi donc ces 4 rapports ( surtout le début avec le listing des AV , et en précisant bien au début de chacuns à quel fichier ils correspondent ) et attends la suite ...

Réponse 39 / 67

tannytane
25 oct. 2008 à 19:58

Salut, voici le rapport :

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Service 4676f099-624b-4d5a-81cd-5a97518b0a3a stopped successfully.
Service 4676f099-624b-4d5a-81cd-5a97518b0a3a deleted successfully.
Unable to stop service ahbc1od1 .
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}\\ not found.
========== FILES ==========
C:\WINDOWS\Navigma.INI moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Toshiba\LOCALS~1\Temp\Perflib_Perfdata_b30.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Toshiba\LOCALS~1\Temp\Perflib_Perfdata_c18.dat scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 10252008_195210

Files moved on Reboot...
File C:\DOCUME~1\Toshiba\LOCALS~1\Temp\Perflib_Perfdata_b30.dat not found!
File C:\DOCUME~1\Toshiba\LOCALS~1\Temp\Perflib_Perfdata_c18.dat not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.

Réponse 40 / 67

tannytane
25 oct. 2008 à 20:10

Premier rapport sur virustotal.com pour config msi :

0 bytes size received / Se ha recibido un archivo vacio

C'est normal ça?

Virus bagle

67 réponses

Discussions similaires

Newsletters