Se connecter / S'enregistrer
Votre question

[RESOLUT] Le PC du padré

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
2 Avril 2010 21:15:17

bonsoir, je vous écrit depuis mon pc personnel suite a divers problèmes du pc de mon popa
en effet celui ci ne veux plus connecter sont windows live messenger
aprés plusieur tests de solutions et même proposé par microsoft
je suis a bout

son antivirus bitdefender qui me marque ceci en compte rendu
trojan.TDss.AT - bloqué - 09/01/2009
Trojan.Generic.1133786 - effacé - 17/12/2008
Trojan.DiskEraser.D - bloqué - 12/09/2008
Adware.MSNSkinner.B - Effacé - 09/09/2008
Trojan.Html.Cored.A - bloqué - 21/08/2008

je suis un peu septique au niveau de la signification de "bloqué" (je sais c'est de la paranoviral ^^)

hijackthis:


Logfile of random's system information tool 1.06 (written by random/random)
Run by claude at 2010-04-02 18:27:25
Microsoft Windows XP Édition familiale Service Pack 2
System drive I: has 40 GB (52%) free of 76 GB
Total RAM: 2943 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:27:29, on 02/04/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\Explorer.EXE
I:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
I:\Program Files\Logitech\Video\LogiTray.exe
I:\WINDOWS\SOUNDMAN.EXE
I:\WINDOWS\system32\RUNDLL32.EXE
I:\WINDOWS\system32\LVComsX.exe
I:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
I:\Program Files\AXEL\Pense-bête\pensebet.exe
I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
I:\Program Files\Bonjour\mDNSResponder.exe
I:\Program Files\Logitech\Video\FxSvr2.exe
I:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
I:\Program Files\Java\jre6\bin\jqs.exe
I:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\SearchIndexer.exe
I:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
I:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
I:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\Program Files\Windows Live\Messenger\msnmsgr.exe
I:\Program Files\Windows Live\Contacts\wlcomm.exe
I:\WINDOWS\system32\wuauclt.exe
I:\Program Files\BitDefender\BitDefender 2008\history.exe
I:\Program Files\Internet Explorer\iexplore.exe
I:\Program Files\Internet Explorer\iexplore.exe
I:\WINDOWS\system32\SearchProtocolHost.exe
I:\Program Files\Internet Explorer\iexplore.exe
I:\Documents and Settings\claude\Local Settings\Temporary Internet Files\Content.IE5\NE0XJHMV\RSIT[1].exe
I:\Program Files\Trend Micro\HijackThis\claude.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - I:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - I:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - I:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - I:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ISUSPM Startup] I:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "I:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LogitechVideoRepair] I:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] I:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE I:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HDAudDeck] I:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [Pense-bête] I:\Program Files\AXEL\Pense-bête\pensebet.exe
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "I:\WINDOWS\TEMP\E_S6E.tmp" /EF "HKLM"
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Raccourci vers bdagent.exe.lnk = I:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://I:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://I:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.de/ips-opdata/objects/jordan.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/framework/lib/objimageuploader/html_include/5.1.1.0/ImageUploader5.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0787FC37-493E-4484-91FD-947E9F880D64}: NameServer = 212.30.96.108,213.203.124.146
O17 - HKLM\System\CS1\Services\Tcpip\..\{0787FC37-493E-4484-91FD-947E9F880D64}: NameServer = 212.30.96.108,213.203.124.146
O17 - HKLM\System\CS4\Services\Tcpip\..\{0787FC37-493E-4484-91FD-947E9F880D64}: NameServer = 212.30.96.108,213.203.124.146
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - I:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - I:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - I:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - I:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - I:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NMIndexingService - Nero AG - I:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - I:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - I:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 9534 bytes

======Scheduled tasks folder======

I:\WINDOWS\tasks\User_Feed_Synchronization-{CC29118B-3DA8-4E69-96F5-57BEEF5097BC}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - I:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - I:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - I:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - I:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll [2008-02-28 86016]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - I:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=I:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-04-17 196608]
"ISUSScheduler"=I:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-04-13 69632]
"LogitechVideoRepair"=I:\Program Files\Logitech\Video\ISStart.exe [2005-01-18 458752]
"LogitechVideoTray"=I:\Program Files\Logitech\Video\LogiTray.exe [2005-01-18 217088]
"SoundMan"=I:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"NvCplDaemon"=I:\WINDOWS\system32\NvCpl.dll [2008-08-01 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=I:\WINDOWS\system32\NvMcTray.dll [2008-08-01 86016]
"HDAudDeck"=I:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2008-08-15 30003200]
"Pense-bête"=I:\Program Files\AXEL\Pense-bête\pensebet.exe [2002-06-10 972800]
"EPSON Stylus DX4000 Series"=I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE [2006-02-21 131072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=I:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"msnmsgr"=I:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
I:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe [2008-11-23 2356088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
I:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2008-11-20 178688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
I:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe [2007-10-23 202024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
I:\Program Files\IncrediMail\bin\IncMail.exe [2009-02-02 251264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kawcweu]
i:\documents and settings\claude\local settings\application data\kawcweu.exe kawcweu []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
I:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
I:\Program Files\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^KODAK Software Updater.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk]
I:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE -hx []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk]
I:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^claude^Menu Démarrer^Programmes^Démarrage^Notification de cadeaux MSN.lnk]
I:\DOCUME~1\claude\APPLIC~1\MICROS~1\NOTIFI~1\lsnfier.exe []

I:\Documents and Settings\claude\Menu Démarrer\Programmes\Démarrage
Raccourci vers bdagent.exe.lnk - I:\Program Files\BitDefender\BitDefender 2008\bdagent.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - I:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=I:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoWindowsUpdate"=0
"NoFavoritesMenu"=0
"NoSMMyPictures"=0
"NoStartMenuMyMusic"=0
"NoRecentDocsNetHood"=0
"NoRun"=0
"NoUserNameInStartMenu"=1
"NoInstrumentation"=0
"NoStartMenuPinnedList"=0
"ForceStartMenuLogoff"=0
"NoSharedDocuments"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoFavoritesMenu"=
"NoSMMyPictures"=
"NoStartMenuMyMusic"=
"NoRecentDocsNetHood"=
"NoRun"=
"NoInstrumentation"=
"NoSimpleStartMenu"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"I:\Program Files\IncrediMail\bin\ImApp.exe"="I:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"I:\Program Files\IncrediMail\bin\IncMail.exe"="I:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"I:\Program Files\IncrediMail\bin\ImpCnt.exe"="I:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"I:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="I:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"I:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="I:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"I:\Program Files\Bonjour\mDNSResponder.exe"="I:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour"
"I:\Program Files\Messenger\msmsgs.exe"="I:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"I:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="I:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"I:\Program Files\Windows Live\Messenger\wlcsdk.exe"="I:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"I:\Program Files\Windows Live\Messenger\msnmsgr.exe"="I:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"I:\Program Files\Windows Live\Messenger\wlcsdk.exe"="I:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"I:\Program Files\Windows Live\Messenger\msnmsgr.exe"="I:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{258ea40c-652c-11dc-ad67-000fea2da77f}]
shell\AutoRun\command - I:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55325b3c-e0fc-11de-b29e-0014a41f942d}]
shell\AutoRun\command - H:\AutoRun.exe


======File associations======

.js - open - "I:\Program Files\Adobe\Adobe Dreamweaver CS3\dreamweaver.exe","%1"

======List of files/folders created in the last 1 months======

2010-04-02 18:27:25 ----D---- I:\rsit
2010-04-02 14:56:17 ----D---- I:\Program Files\Microsoft Sync Framework
2010-04-02 14:55:27 ----D---- I:\Program Files\Microsoft
2010-04-02 14:54:54 ----D---- I:\Program Files\Windows Live
2010-03-25 21:55:37 ----N---- I:\WINDOWS\system32\browserchoice.exe

======List of files/folders modified in the last 1 months======

2010-04-02 18:54:33 ----A---- I:\WINDOWS\SchedLgU.Txt
2010-04-02 18:54:25 ----A---- I:\WINDOWS\bdagent.INI
2010-04-02 18:27:29 ----D---- I:\WINDOWS\Prefetch
2010-04-02 18:27:13 ----D---- I:\WINDOWS\Temp
2010-04-02 18:21:10 ----D---- I:\Program Files\Mozilla Firefox
2010-04-02 18:20:01 ----D---- I:\WINDOWS\system32
2010-04-02 17:59:55 ----A---- I:\WINDOWS\system32\PerfStringBackup.INI
2010-04-02 16:25:26 ----D---- I:\WINDOWS\system32\CatRoot2
2010-04-02 16:12:00 ----D---- I:\WINDOWS\system32\CatRoot
2010-04-02 14:56:30 ----SHD---- I:\WINDOWS\Installer
2010-04-02 14:56:17 ----RD---- I:\Program Files
2010-04-02 14:56:06 ----SD---- I:\Documents and Settings\All Users\Application Data\Microsoft
2010-04-02 14:48:05 ----D---- I:\Program Files\Unity
2010-04-02 14:41:20 ----D---- I:\Program Files\VS Revo Group
2010-04-02 12:55:16 ----D---- I:\WINDOWS
2010-04-02 12:45:56 ----D---- I:\Program Files\Windows Live SkyDrive
2010-03-31 07:50:59 ----D---- I:\WINDOWS\system32\LogFiles
2010-03-30 14:56:37 ----D---- I:\WINDOWS\Debug
2010-03-30 08:18:36 ----HD---- I:\WINDOWS\inf
2010-03-30 08:18:32 ----RSHDC---- I:\WINDOWS\system32\dllcache
2010-03-28 00:02:19 ----A---- I:\WINDOWS\NeroDigital.ini
2010-03-24 01:29:00 ----D---- I:\WINDOWS\ie8updates
2010-03-24 01:28:58 ----HD---- I:\WINDOWS\$hf_mig$
2010-03-24 01:28:47 ----D---- I:\Program Files\Movie Maker
2010-03-24 01:28:20 ----D---- I:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-03-19 18:58:17 ----AD---- I:\Documents and Settings\All Users\Application Data\TEMP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 bdftdif;bdftdif; \??\I:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys []
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; I:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; I:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-06-29 86792]
R3 bdfsfltr;bdfsfltr; I:\WINDOWS\system32\drivers\bdfsfltr.sys [2008-01-07 196368]
R3 BDSelfPr;BDSelfPr; \??\I:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; I:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Pilote de classe HID Microsoft; I:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 LVUSBSta;Logitech USB Monitor Filter; I:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-08 22016]
R3 monfilt;monfilt; I:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Pilote HID de souris; I:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; I:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-14 5810]
R3 nv;nv; I:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-08-01 6555104]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; I:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
R3 nvnetbus;NVIDIA Network Bus Enumerator; I:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-08-01 22016]
R3 QCMerced;Logitech QuickCam Communicate; I:\WINDOWS\system32\DRIVERS\LVCM.sys [2004-10-08 585824]
R3 usbaudio;Pilote USB audio (WDM); I:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
R3 usbccgp;Pilote parent générique USB Microsoft; I:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; I:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Concentrateur USB2; I:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; I:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbstor;Pilote de stockage de masse USB; I:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; I:\WINDOWS\system32\drivers\viahduaa.sys [2008-07-26 845184]
S1 AmdK8;Pilote de processeur AMD; I:\WINDOWS\system32\DRIVERS\AmdK8.sys []
S1 AmdPPM;Pilote de processeur AMD HwPState; I:\WINDOWS\system32\DRIVERS\AmdPPM.sys []
S2 BDRSDRV;BDRSDRV; \??\I:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); I:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-04-25 4030144]
S3 azkwepj6;azkwepj6; I:\WINDOWS\system32\drivers\azkwepj6.sys []
S3 BDFSDRV;BDFSDRV; \??\I:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
S3 CCDECODE;Décodeur sous-titre fermé; I:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; I:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; I:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; I:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 PALLADIA;Palladia 300/400 Usb Adsl Modem; I:\WINDOWS\system32\DRIVERS\usbiad.sys [2005-06-13 31579]
S3 PCASp50;PCASp50 NDIS Protocol Driver; I:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
S3 Profos;Profos; \??\I:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); I:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;Détrameur décalage BDA; I:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; I:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 Trufos;Trufos; \??\I:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []
S3 usb_rndis;Broadcom USB Remote NDIS Device Driver; I:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-05 12672]
S3 usbprint;Classe d'imprimantes USB Microsoft; I:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; I:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; I:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
S3 WSTCODEC;Codec Teletext standard; I:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; I:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; I:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; I:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; I:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; I:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys []
S4 IntelIde;IntelIde; I:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Pilote de filtre de restauration système; I:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-05 73600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; I:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [2008-11-19 109056]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; I:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 JavaQuickStarterService;Java Quick Starter; I:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 LIVESRV;BitDefender Desktop Update Service; I:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [2008-11-27 1179648]
R2 MDM;Machine Debug Manager; I:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; I:\WINDOWS\system32\nvsvc32.exe [2008-08-01 159812]
R2 SeaPort;SeaPort; I:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 VSSERV;BitDefender Virus Shield; I:\Program Files\BitDefender\BitDefender 2008\vsserv.exe [2008-09-15 1261568]
R2 WSearch;Windows Search; I:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 XCOMM;BitDefender Communicator; I:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe [2007-11-27 86016]
R3 scan;BitDefender Threat Scanner; I:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
S2 KodakCCS;Kodak Camera Connection Software; I:\WINDOWS\system32\drivers\KodakCCS.exe []
S3 aspnet_state;Service d'état ASP.NET; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; I:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-10-10 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; i:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 idsvc;Windows CardSpace; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; I:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2007-10-23 382248]
S3 odserv;Microsoft Office Diagnostics Service; I:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; I:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; I:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; I:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Autres pages sur : resolut padra

2 Avril 2010 21:25:48

la suite avec le fichier info::


info.txt logfile of random's system information tool 1.06 2010-04-02 18:27:30

======Uninstall list======

-->I:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe After Effects CS3 Presets-->MsiExec.exe /I{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}
Adobe After Effects CS3 Third Party Content-->I:\Program Files\Fichiers communs\Adobe\Installers\3675c95c239b992d5d0ee8fce969b9e\Setup.exe
Adobe After Effects CS3 Third Party Content-->MsiExec.exe /I{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}
Adobe After Effects CS3-->MsiExec.exe /I{EB0202F7-016A-410C-ADE4-40F848CCC661}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->I:\Program Files\Fichiers communs\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Creative Suite 3 Master Collection-->MsiExec.exe /I{5D2398DF-3022-4820-93BA-F1175FBEA9CA}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3-->MsiExec.exe /I{4BDB76C6-902E-41D5-9064-68768E02886B}
Adobe Encore CS3 Codecs-->MsiExec.exe /I{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}
Adobe Encore CS3-->MsiExec.exe /I{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Fireworks CS3-->MsiExec.exe /I{21C4D775-368A-46C4-8DC3-4207165B7115}
Adobe Flash CS3-->MsiExec.exe /I{80FD3971-8482-49C8-BA8C-B6464A15882F}
Adobe Flash Player 10 ActiveX-->I:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->I:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Video Encoder-->MsiExec.exe /I{1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{7ACFB90E-8FD0-4397-AD3A-5195412623A3}
Adobe Illustrator CS3-->MsiExec.exe /I{6E08CE13-C2AB-4749-9335-5900B958929E}
Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
Adobe InDesign CS3-->MsiExec.exe /I{FE8327F9-3AC1-4586-8C7E-3DEE2BC92441}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->MsiExec.exe /I{C1FA4B3B-1625-4922-9C9D-780E8FCE161A}
Adobe Premiere Pro CS3 Functional Content-->MsiExec.exe /I{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}
Adobe Premiere Pro CS3 Third Party Content-->MsiExec.exe /I{485ACF57-F364-440A-8496-E1E81C8FA1AA}
Adobe Premiere Pro CS3-->MsiExec.exe /I{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}
Adobe Setup-->MsiExec.exe /I{004685F7-9FB6-4789-812F-59ABB34A55AF}
Adobe Setup-->MsiExec.exe /I{1628F6BD-5ED1-4FD1-B90F-C106AF4E00F0}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
Adobe Soundbooth CS3 Codecs-->MsiExec.exe /I{0327FA9D-975C-448C-A086-577D57BB25B8}
Adobe Soundbooth CS3-->MsiExec.exe /I{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Video Profiles-->MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}
Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
Adobe XMP Panels CS3-->MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}
AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
Ajouter ou supprimer Adobe Creative Suite 3 Master Collection-->I:\Program Files\Fichiers communs\Adobe\Installers\b5d5789539ea1f004a4defceea74312\Setup.exe
Archiveur WinRAR-->I:\Program Files\WinRAR\uninstall.exe
ArcSoft Print Creations - Album Page-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1AlbumPage
ArcSoft Print Creations - Funhouse-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1Funhouse
ArcSoft Print Creations - Greeting Card-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1GreetingCard
ArcSoft Print Creations - Photo Book-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1PhotoBook
ArcSoft Print Creations - Photo Calendar-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1Calendar
ArcSoft Print Creations - Scrapbook-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1ScrapBook
ArcSoft Print Creations - Slimline Card-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1Slimline
ArcSoft Print Creations-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
BitDefender Internet Security 2008-->MsiExec.exe /I{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}
CCleaner (remove only)-->"I:\Program Files\CCleaner\uninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"I:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB979306)-->"I:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
Dream Vacation Solitaire FREE-->"I:\Program Files\Incredijeux\Dream Vacation Solitaire FREE\Uninstall.exe" "I:\Program Files\Incredijeux\Dream Vacation Solitaire FREE\install.log"
eMule-->"I:\Program Files\eMule\Uninstall.exe"
EPSON Attach To Email-->I:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
EPSON Easy Photo Print-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}\SETUP.EXE" -l0x40c UNINST
EPSON File Manager-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x40c UNINST
EPSON Logiciel imprimante-->I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan Assistant-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u
EPSON Scan-->I:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Web-To-Page-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
ESDX4000_4050_CX3900-->I:\Program Files\EPSON\TPMANUAL\ESDX4000_4050_CX3900\USE_G\DOCUNINS.EXE
ESSSONIC-->MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
HijackThis 2.0.2-->"I:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->I:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->I:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->I:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
IncrediMail-->I:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
Installation Windows Live-->I:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
kgcbaby-->MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
kgcbase-->MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
kgchday-->MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
kgchlwn-->MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
kgcinvt-->MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
kgckids-->MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
kgcmove-->MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
kgcvday-->MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
K-Lite Codec Pack 4.5.3 (Full)-->"I:\Program Files\K-Lite Codec Pack\unins000.exe"
Lecteur Windows Media 11-->"I:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logiciel QuickCam de Logitech-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
Logitech Print Service-->I:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE I:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"I:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "I:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->I:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"I:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"I:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"I:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Plus 2007-->"I:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"I:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"I:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"I:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"I:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"I:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"I:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"I:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"I:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"I:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"I:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"I:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"I:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"I:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"I:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"I:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"I:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB978207)-->"I:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971468)-->"I:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975560)-->"I:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975561)-->"I:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975713)-->"I:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB977165)-->"I:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB977914)-->"I:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB978037)-->"I:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB978251)-->"I:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB978262)-->"I:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB978706)-->"I:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB968220)-->"I:\WINDOWS\ie8updates\KB968220-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976662)-->"I:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"I:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->i:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->i:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.0.8)-->I:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
Nero 8-->MsiExec.exe /X{88589E19-665C-4575-A4A0-CE9C43C51036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->I:\WINDOWS\system32\nvuninst.exe UninstallGUI
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de base Microsoft de service de chiffrement pour cartes à puce-->"I:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Pense-bête-->"I:\Program Files\AXEL\Pense-bête\unins000.exe"
Picasa 3-->"I:\Program Files\Google\Picasa3\Uninstall.exe"
PIF DESIGNER-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0x40c anything
Programme de gestion Camera de Logitech®-->"I:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Realtek AC'97 Audio-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
REALTEK GbE & FE Ethernet PCI NIC Driver-->I:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -removeonly
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->I:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -removeonly
REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x40c REMOVE
Revo Uninstaller 1.85-->I:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB978380)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {667A88D1-0369-4070-A62A-70672D68A9BF}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB978382)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6DE3DABF-0203-426B-B330-7287D1003E86}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sélecteur d'installation de Microsoft Works Suite 2003-->I:\Program Files\Microsoft Works Suite 2003\Setup\Launcher.exe H:\
Songbeat-->MsiExec.exe /I{0821AE51-3BF1-471E-9967-DA4063789388}
Unlocker 1.8.7-->I:\Program Files\Unlocker\uninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->I:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Outlook 2007 Junk Email Filter (kb979895)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {D45674C6-9127-4C84-8826-93FBC552DF53}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VIA Gestionnaire de périphériques de plate-forme-->I:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray-->"I:\WINDOWS\$NtUninstallKB952011$\spuninst\spuninst.exe"
Windows Imaging Component-->"I:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"I:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Media Format 11 runtime-->"I:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"I:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"I:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
XML Paper Specification Shared Components Language Pack 1.0-->"I:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

=====HijackThis Backups=====

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - I:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2009-01-31]
O4 - Startup: Outil de notification Live Search.lnk = I:\Documents and Settings\claude\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2009-01-31]
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-01-31]
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "I:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-01-31]
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe [2009-01-31]
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - I:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-01-31]
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - I:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-01-31]
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - I:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-31]
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) [2009-01-31]
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - I:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2009-01-31]
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll [2009-01-31]
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - I:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [2009-01-31]
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe [2009-01-31]
O17 - HKLM\System\CCS\Services\Tcpip\..\{FA4EFFB3-FBB0-45F4-87FA-A5414E5D166D}: NameServer = 212.30.96.108,213.203.124.146 [2009-01-31]
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab [2009-01-31]
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe [2009-01-31]

======Security center information======

AV: Bitdefender Antivirus
FW: Bitdefender Firewall

======System event log======

Computer Name: CLAUDE-68DE0D09
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.

Record Number: 67668
Source Name: EventLog
Time Written: 20100315181308.000000+000
Event Type: Informations
User:

Computer Name: CLAUDE-68DE0D09
Event Code: 6006
Message: Le service d'Enregistrement d'événement a été arrêté.

Record Number: 67667
Source Name: EventLog
Time Written: 20100314203155.000000+000
Event Type: Informations
User:

Computer Name: CLAUDE-68DE0D09
Event Code: 7036
Message: Le service Gestionnaire de connexions d'accès distant est entré dans l'état : arrêté.

Record Number: 67666
Source Name: Service Control Manager
Time Written: 20100314203153.000000+000
Event Type: Informations
User:

Computer Name: CLAUDE-68DE0D09
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : arrêté.

Record Number: 67665
Source Name: Service Control Manager
Time Written: 20100314194017.000000+000
Event Type: Informations
User:

Computer Name: CLAUDE-68DE0D09
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service bdfsfltr.

Record Number: 67664
Source Name: Service Control Manager
Time Written: 20100314194017.000000+000
Event Type: Informations
User: AUTORITE NT\SYSTEM

=====Application event log=====

Computer Name: CLAUDE-68DE0D09
Event Code: 1001
Message: Les compteurs de performances pour le service WmiApRpl (WmiApRpl) ont été supprimés.
Les données d'enregistrement contiennent les nouvelles valeurs du dernier compteur système
et les dernières entrées du registre d'aide.

Record Number: 15367
Source Name: LoadPerf
Time Written: 20091017101652.000000+060
Event Type: Informations
User:

Computer Name: CLAUDE-68DE0D09
Event Code: 0
Message:
Record Number: 15366
Source Name: NMIndexingService
Time Written: 20091017101259.000000+060
Event Type: Informations
User:

Computer Name: CLAUDE-68DE0D09
Event Code: 0
Message:
Record Number: 15365
Source Name: scan
Time Written: 20091017101252.000000+060
Event Type: Informations
User:

Computer Name: CLAUDE-68DE0D09
Event Code: 1
Message:
Record Number: 15364
Source Name: Bonjour Service
Time Written: 20091017101250.000000+060
Event Type: Informations
User:

Computer Name: CLAUDE-68DE0D09
Event Code: 11729
Message: Produit : Microsoft .NET Framework 1.1 -- Configuration failed.

Record Number: 15363
Source Name: MsiInstaller
Time Written: 20091016224602.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 67 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=4303
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------



désolé de faire en deux ca rentré pas en un seul post

je remercie d'avance les gens qui arrivent a décortiquer ce genre de fichiers moi ca m'aveugle

2 Avril 2010 21:27:26

Bonsoir ,

Tu as une infection via disque dur amovible

• Télécharge UsbFix http://www.commentcamarche.net/telecharger/telecharger-... (de Chiquitine29 & C_XX) sur ton Bureau.

/!\ Utilisateur de vista et windows 7 : ne pas oublier de désactiver Le contrôle des comptes utilisateurs
http://www.commentcamarche.net/faq/sujet-8343-vista-des...

• Lance l'installation avec les paramètres par défaut.
• Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
• Double-clique sur le raccourci UsbFix sur ton Bureau.
• Choisis l'option 1 (Recherche).
• Laisse travailler l'outil.
• Poste le rapport UsbFix.txt.


Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).

"Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Contenus similaires
3 Avril 2010 10:09:56

je te remercie je fais ca des que ma mère est levé ^^ son os xp.
c'est cette infection qui fait delirer msn?
3 Avril 2010 10:21:40

Bonjour,

Il y a peut d'être d'autres infections on va commencer par celle la , a la fin MSN va fonctionner parfaitement.
3 Avril 2010 10:26:51

je te remercie de ton aide; c'est le but; mes parents reçoivent au moins 150 mails par jours et ca fait une semaine qu'il l'ont plus msn imagine la boite aux lettres XD
je repasserai plus tard ^^
3 Avril 2010 13:14:17

effectivement d'autres virus etait bien present
mais le probleme du msn ne venait pas de là je pense meme si il etait bien infecté.
à l'heure actuel le messenger fonctionne parfaitement.
aprés appel à un ami technicien

spybot ne fonctionne pas coreectement dut a une mauvaise installation du windows xp
ca ce n'est aps tres grave
un coup de smitfraudfix
un coup de msn fix

mais le msn ne fonctionnait pas a cause d'un reglage en ip fixe de cette s*******e de neufbox
apres mise en reglage par defaut de la dite box msn refonctionne

mais bon autant nettoyer son pc a fond donc resultat de ce que tu me demande avec le seul périphérique amovible
(carte sd de l'appareil photo)



############################## | UsbFix V6.100 |


################## | Elements infectieux |


################## | Registre |

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRecentDocsHistory"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRecentDocsHistory"
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRecentDocsMenu"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRecentDocsMenu"
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRun"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRun"

################## | Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{258ea40c-652c-11dc-ad67-000fea2da77f}
Shell\AutoRun\command =I:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs

HKCU\..\..\Explorer\MountPoints2\{55325b3c-e0fc-11de-b29e-0014a41f942d}
Shell\AutoRun\command =H:\AutoRun.exe

################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné !

################## | ! Fin du rapport # UsbFix V6.100 ! |


si ca t'interresse le rapport smitfraudfix


SmitFraudFix v2.424

Rapport fait à 11:04:17,07, 03/04/2010
Executé à partir de I:\Documents and Settings\claude\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

I:\Documents and Settings\claude\Application Data\Skinux\ supprimé

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS



»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK.2



»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin


je repost un rapport hijackjackthis et puis je vais manger ^^ bonne apetit a ceux qui lisent ^^
3 Avril 2010 13:19:17

regler sur deux mois

log.txt::


Logfile of random's system information tool 1.06 (written by random/random)
Run by claude at 2010-04-03 12:16:08
Microsoft Windows XP Édition familiale Service Pack 2
System drive I: has 40 GB (53%) free of 76 GB
Total RAM: 2943 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:16:14, on 03/04/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\Explorer.EXE
I:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
I:\Program Files\Bonjour\mDNSResponder.exe
I:\Program Files\Java\jre6\bin\jqs.exe
I:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
I:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
I:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
I:\WINDOWS\system32\SearchIndexer.exe
I:\WINDOWS\System32\svchost.exe
I:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
I:\Program Files\Logitech\Video\LogiTray.exe
I:\WINDOWS\SOUNDMAN.EXE
I:\WINDOWS\system32\RUNDLL32.EXE
I:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
I:\Program Files\AXEL\Pense-bête\pensebet.exe
I:\WINDOWS\system32\LVComsX.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
I:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
I:\Program Files\Logitech\Video\FxSvr2.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\wuauclt.exe
I:\Program Files\Windows Live\Messenger\msnmsgr.exe
I:\Program Files\Windows Live\Contacts\wlcomm.exe
I:\WINDOWS\system32\NOTEPAD.EXE
I:\WINDOWS\system32\SearchProtocolHost.exe
I:\WINDOWS\system32\SearchProtocolHost.exe
I:\Documents and Settings\claude\Bureau\RSIT.exe
I:\Program Files\Trend Micro\HijackThis\claude.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - I:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - I:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - I:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - I:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ISUSPM Startup] I:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "I:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LogitechVideoRepair] I:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] I:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE I:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HDAudDeck] I:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [Pense-bête] I:\Program Files\AXEL\Pense-bête\pensebet.exe
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "I:\WINDOWS\TEMP\E_S6E.tmp" /EF "HKLM"
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Raccourci vers bdagent.exe.lnk = I:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://I:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://I:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.de/ips-opdata/objects/jordan.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/framework/lib/objimageuploader/html_include/5.1.1.0/ImageUploader5.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O17 - HKLM\System\CS4\Services\Tcpip\..\{0787FC37-493E-4484-91FD-947E9F880D64}: NameServer = 212.30.96.108,213.203.124.146
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - I:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - I:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - I:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - I:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - I:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NMIndexingService - Nero AG - I:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - I:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - I:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 8750 bytes

======Scheduled tasks folder======

I:\WINDOWS\tasks\User_Feed_Synchronization-{CC29118B-3DA8-4E69-96F5-57BEEF5097BC}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - I:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - I:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - I:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - I:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - I:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll [2008-02-28 86016]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - I:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=I:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-04-17 196608]
"ISUSScheduler"=I:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-04-13 69632]
"LogitechVideoRepair"=I:\Program Files\Logitech\Video\ISStart.exe [2005-01-18 458752]
"LogitechVideoTray"=I:\Program Files\Logitech\Video\LogiTray.exe [2005-01-18 217088]
"SoundMan"=I:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"NvCplDaemon"=I:\WINDOWS\system32\NvCpl.dll [2008-08-01 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=I:\WINDOWS\system32\NvMcTray.dll [2008-08-01 86016]
"HDAudDeck"=I:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2008-08-15 30003200]
"Pense-bête"=I:\Program Files\AXEL\Pense-bête\pensebet.exe [2002-06-10 972800]
"EPSON Stylus DX4000 Series"=I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE [2006-02-21 131072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=I:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"SpybotSD TeaTimer"=I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
I:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe [2008-11-23 2356088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
I:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2008-11-20 178688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
I:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe [2007-10-23 202024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
I:\Program Files\IncrediMail\bin\IncMail.exe [2009-02-02 251264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kawcweu]
i:\documents and settings\claude\local settings\application data\kawcweu.exe kawcweu []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
I:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
I:\Program Files\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^KODAK Software Updater.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk]
I:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE -hx []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk]
I:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^claude^Menu Démarrer^Programmes^Démarrage^Notification de cadeaux MSN.lnk]
I:\DOCUME~1\claude\APPLIC~1\MICROS~1\NOTIFI~1\lsnfier.exe []

I:\Documents and Settings\claude\Menu Démarrer\Programmes\Démarrage
Raccourci vers bdagent.exe.lnk - I:\Program Files\BitDefender\BitDefender 2008\bdagent.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - I:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=I:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoFavoritesMenu"=0
"NoSMMyPictures"=0
"NoStartMenuMyMusic"=0
"NoRecentDocsNetHood"=0
"NoRun"=0
"NoUserNameInStartMenu"=1
"NoInstrumentation"=0
"NoStartMenuPinnedList"=0
"ForceStartMenuLogoff"=0
"NoSharedDocuments"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoFavoritesMenu"=
"NoSMMyPictures"=
"NoStartMenuMyMusic"=
"NoRecentDocsNetHood"=
"NoRun"=
"NoInstrumentation"=
"NoSimpleStartMenu"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"I:\Program Files\IncrediMail\bin\ImApp.exe"="I:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"I:\Program Files\IncrediMail\bin\IncMail.exe"="I:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"I:\Program Files\IncrediMail\bin\ImpCnt.exe"="I:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"I:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="I:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"I:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="I:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"I:\Program Files\Bonjour\mDNSResponder.exe"="I:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour"
"I:\Program Files\Messenger\msmsgs.exe"="I:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"I:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="I:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"I:\Program Files\Windows Live\Messenger\wlcsdk.exe"="I:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"I:\Program Files\Windows Live\Messenger\msnmsgr.exe"="I:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"I:\Program Files\Windows Live\Messenger\wlcsdk.exe"="I:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"I:\Program Files\Windows Live\Messenger\msnmsgr.exe"="I:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{258ea40c-652c-11dc-ad67-000fea2da77f}]
shell\AutoRun\command - I:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55325b3c-e0fc-11de-b29e-0014a41f942d}]
shell\AutoRun\command - H:\AutoRun.exe


======File associations======

.js - open - "I:\Program Files\Adobe\Adobe Dreamweaver CS3\dreamweaver.exe","%1"

======List of files/folders created in the last 2 months======

2010-04-03 12:04:48 ----A---- I:\UsbFix.txt
2010-04-03 11:42:55 ----A---- I:\WINDOWS\msnfix.txt
2010-04-03 11:02:19 ----A---- I:\rapport.txt
2010-04-03 11:00:49 ----A---- I:\WINDOWS\ntbtlog.txt
2010-04-03 10:45:52 ----D---- I:\Program Files\Spybot - Search & Destroy
2010-04-03 10:45:52 ----D---- I:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-04-03 10:07:49 ----D---- I:\UsbFix
2010-04-02 18:27:25 ----D---- I:\rsit
2010-04-02 14:56:17 ----D---- I:\Program Files\Microsoft Sync Framework
2010-04-02 14:55:27 ----D---- I:\Program Files\Microsoft
2010-04-02 14:54:54 ----D---- I:\Program Files\Windows Live
2010-03-25 21:55:37 ----N---- I:\WINDOWS\system32\browserchoice.exe
2010-02-17 17:33:54 ----D---- I:\Program Files\ABBYY FineReader 6.0 Sprint
2010-02-17 17:30:23 ----A---- I:\WINDOWS\EPSMTL32.TXT

======List of files/folders modified in the last 2 months======

2010-04-03 12:16:10 ----D---- I:\WINDOWS\Temp
2010-04-03 12:15:48 ----D---- I:\WINDOWS\system32
2010-04-03 12:05:52 ----D---- I:\Program Files\Mozilla Firefox
2010-04-03 11:49:38 ----A---- I:\WINDOWS\system32\PerfStringBackup.INI
2010-04-03 11:49:17 ----D---- I:\WINDOWS\system32\CatRoot2
2010-04-03 11:44:03 ----D---- I:\WINDOWS
2010-04-03 11:38:50 ----A---- I:\WINDOWS\SchedLgU.Txt
2010-04-03 11:35:38 ----A---- I:\WINDOWS\bdagent.INI
2010-04-03 10:54:48 ----D---- I:\WINDOWS\Prefetch
2010-04-03 10:45:52 ----RD---- I:\Program Files
2010-04-02 16:12:00 ----D---- I:\WINDOWS\system32\CatRoot
2010-04-02 14:56:30 ----SHD---- I:\WINDOWS\Installer
2010-04-02 14:56:06 ----SD---- I:\Documents and Settings\All Users\Application Data\Microsoft
2010-04-02 14:48:05 ----D---- I:\Program Files\Unity
2010-04-02 14:41:20 ----D---- I:\Program Files\VS Revo Group
2010-04-02 12:45:56 ----D---- I:\Program Files\Windows Live SkyDrive
2010-03-31 07:50:59 ----D---- I:\WINDOWS\system32\LogFiles
2010-03-30 14:56:37 ----D---- I:\WINDOWS\Debug
2010-03-30 08:18:36 ----HD---- I:\WINDOWS\inf
2010-03-30 08:18:32 ----RSHDC---- I:\WINDOWS\system32\dllcache
2010-03-28 00:02:19 ----A---- I:\WINDOWS\NeroDigital.ini
2010-03-24 01:29:00 ----D---- I:\WINDOWS\ie8updates
2010-03-24 01:28:58 ----HD---- I:\WINDOWS\$hf_mig$
2010-03-24 01:28:47 ----D---- I:\Program Files\Movie Maker
2010-03-24 01:28:20 ----D---- I:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-03-19 18:58:17 ----AD---- I:\Documents and Settings\All Users\Application Data\TEMP
2010-03-02 06:30:12 ----A---- I:\WINDOWS\system32\MRT.exe
2010-02-17 17:39:08 ----HD---- I:\Program Files\InstallShield Installation Information
2010-02-17 17:39:01 ----D---- I:\Documents and Settings\All Users\Application Data\UDL
2010-02-17 17:34:41 ----D---- I:\Program Files\epson
2010-02-12 15:13:48 ----D---- I:\Program Files\Microsoft Silverlight
2010-02-12 15:13:48 ----D---- I:\Program Files\Internet Explorer
2010-02-12 15:03:45 ----D---- I:\WINDOWS\system32\drivers
2010-02-12 01:57:17 ----D---- I:\Documents and Settings\claude\Application Data\Arcsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 bdftdif;bdftdif; \??\I:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys []
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; I:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; I:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-06-29 86792]
R3 bdfsfltr;bdfsfltr; I:\WINDOWS\system32\drivers\bdfsfltr.sys [2008-01-07 196368]
R3 BDSelfPr;BDSelfPr; \??\I:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; I:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Pilote de classe HID Microsoft; I:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 LVUSBSta;Logitech USB Monitor Filter; I:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-08 22016]
R3 monfilt;monfilt; I:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Pilote HID de souris; I:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; I:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-14 5810]
R3 nv;nv; I:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-08-01 6555104]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; I:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
R3 nvnetbus;NVIDIA Network Bus Enumerator; I:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-08-01 22016]
R3 QCMerced;Logitech QuickCam Communicate; I:\WINDOWS\system32\DRIVERS\LVCM.sys [2004-10-08 585824]
R3 usbaudio;Pilote USB audio (WDM); I:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
R3 usbccgp;Pilote parent générique USB Microsoft; I:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; I:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Concentrateur USB2; I:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; I:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbstor;Pilote de stockage de masse USB; I:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; I:\WINDOWS\system32\drivers\viahduaa.sys [2008-07-26 845184]
S1 AmdK8;Pilote de processeur AMD; I:\WINDOWS\system32\DRIVERS\AmdK8.sys []
S1 AmdPPM;Pilote de processeur AMD HwPState; I:\WINDOWS\system32\DRIVERS\AmdPPM.sys []
S2 BDRSDRV;BDRSDRV; \??\I:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
S3 afc2wasc;afc2wasc; I:\WINDOWS\system32\drivers\afc2wasc.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); I:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-04-25 4030144]
S3 BDFSDRV;BDFSDRV; \??\I:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
S3 catchme;catchme; \??\I:\DOCUME~1\claude\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; I:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; I:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; I:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; I:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 PALLADIA;Palladia 300/400 Usb Adsl Modem; I:\WINDOWS\system32\DRIVERS\usbiad.sys [2005-06-13 31579]
S3 PCASp50;PCASp50 NDIS Protocol Driver; I:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
S3 Profos;Profos; \??\I:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); I:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;Détrameur décalage BDA; I:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; I:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 Trufos;Trufos; \??\I:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []
S3 usb_rndis;Broadcom USB Remote NDIS Device Driver; I:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-05 12672]
S3 usbprint;Classe d'imprimantes USB Microsoft; I:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; I:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; I:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
S3 WSTCODEC;Codec Teletext standard; I:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; I:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; I:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; I:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; I:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; I:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys []
S4 IntelIde;IntelIde; I:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Pilote de filtre de restauration système; I:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-05 73600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; I:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [2008-11-19 109056]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; I:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 JavaQuickStarterService;Java Quick Starter; I:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 LIVESRV;BitDefender Desktop Update Service; I:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [2008-11-27 1179648]
R2 MDM;Machine Debug Manager; I:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; I:\WINDOWS\system32\nvsvc32.exe [2008-08-01 159812]
R2 SeaPort;SeaPort; I:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 VSSERV;BitDefender Virus Shield; I:\Program Files\BitDefender\BitDefender 2008\vsserv.exe [2008-09-15 1261568]
R2 WSearch;Windows Search; I:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 XCOMM;BitDefender Communicator; I:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe [2007-11-27 86016]
R3 scan;BitDefender Threat Scanner; I:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
S2 KodakCCS;Kodak Camera Connection Software; I:\WINDOWS\system32\drivers\KodakCCS.exe []
S3 aspnet_state;Service d'état ASP.NET; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; I:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-10-10 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; i:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 idsvc;Windows CardSpace; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; I:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2007-10-23 382248]
S3 odserv;Microsoft Office Diagnostics Service; I:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; I:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; I:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; I:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
3 Avril 2010 23:26:00

Bonsoir ,


Écoute tu es la pour demander conseil , si tu ne suis pas les instructions l'aide ne sert a rien .

MsnFix et Smitfraudfix sont deux utilitaires qui ne sont plus mises à jour.
4 Avril 2010 17:34:21

oui mais j'ai utilisé ton logiciel aussi t'inquiète je savais pas que ces logiciels étaient dépassés c'est un ami qui est très calé question virus qui me l'a conseillé donc je lui ai fait confiance est d'ailleurs c'est logiciels ont éradiquer certains virus. je voulais pas t'énerver.. sur ceux bonne pâques a tous quand même.
4 Avril 2010 17:37:32

Peut être de bon conseils mais en attendant il utilise des outils qui sont maintenant dépassé , ensuite pour une bonne désinfection il faut un seul interlocuteur car sinon c'est un mélange d'instructions qui sont données .

A toi de voir si ton ami très calé t'aide ou si tu as besoin d'aide ici .

Bon dimanche
5 Avril 2010 12:40:54

et bien j'ai toujours besoin d'aide ici bien sure.
un autre soucis surement dut a un virus une mise a jour windows ne s'installe jamais, elle se remet en demande d'installation a chaque fois:
-mise a jour de sécurité pour la visionneuse microsoft office power point 2003 (KB969615)

ok je suis a ton entière écoute sauf que moi je me casse chez moi ce soir et je pourrais revenir que vendredi chez mes parents.
je reviendrais vérifier ta réponses dans l'après midi, j'attends tes instructions.
5 Avril 2010 12:54:19

Déjà on va passer au nettoyage via USBFIX

Désactiver Spybot - Search & Destroy\TeaTimer.exe

•Lance spybot
•Menu mode : clique sur avancé"
•Puis sur "outils"
•clique sur l'icone "résident"
•Ensuite à droite décoches Teatimer

Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.

• Double-clique sur le raccourci UsbFix présent sur ton Bureau pour le lancer.
• Choisis l'option 2 (Suppression).
• Ton Bureau disparaîtra et le PC redémarrera.
• Au redémarrage, UsbFix scannera ton PC, laisse travailler l'outil.
• Ensuite, poste le rapport UsbFix.txt qui apparaîtra avec le Bureau.


Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).
5 Avril 2010 13:34:09

fait

usbfix.txt::


############################## | UsbFix V6.100 |


################## | Elements infectieux |

Supprimé ! I:\Recycler\S-1-5-21-1390067357-1614895754-839522115-1004

################## | Registre |

Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRecentDocsHistory"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRecentDocsHistory"
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRecentDocsMenu"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRecentDocsMenu"
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRun"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRun"

################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{258ea40c-652c-11dc-ad67-000fea2da77f}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{55325b3c-e0fc-11de-b29e-0014a41f942d}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[04/04/2010 16:43|-rahs----|0] C:\MSDOS.SYS
[04/04/2010 16:43|-rahs----|0] C:\IO.SYS
[29/11/2007 10:32|--a------|597] I:\Arovax AntiSpyware.lnk
[17/09/2007 17:17|---hs----|215] I:\boot.ini
[05/08/2004 13:00|-rahs----|4952] I:\Bootfont.bin
[?|?|?] I:\hiberfil.sys
[29/11/2007 10:40|--a------|258] I:\MSNCleaner.txt
[05/08/2004 13:00|-rahs----|47564] I:\NTDETECT.COM
[20/09/2008 20:42|-rahs----|251712] I:\ntldr
[?|?|?] I:\pagefile.sys
[28/09/2008 20:55|--a------|861] I:\Raccourci vers bdagent.exe.lnk
[03/04/2010 11:08|--a------|1881] I:\rapport.txt
[17/08/2008 16:59|--a------|411] I:\TB.txt
[05/04/2010 12:31|--a------|1717] I:\UsbFix.txt

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# I:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).

################## | Upload |

Veuillez envoyer le fichier : I:\UsbFix_Upload_Me_CLAUDE-68DE0D09.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.100 ! |
5 Avril 2010 13:39:32

Parfait maintenant lance cette analyse ( un peu long ) mais très efficace :


•Télécharge Malwarebytes' Anti-Malware (MBAM) http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Avant tous il faut brancher tous les supports amovibles que tu possède avant de faire ce scan ( disque dur externes , clé usb ... )

•Double clique sur le fichier téléchargé
•Dans l'onglet "Mise à jour" clique sur "Recherche de mise à jour": si ton parefeu te demande de d'autoriser MBAM accepte
•Quand la mise à jour est terminé va dans l'onglet scanner
•Tu sélectionne "Exécuter un examen complet"
•Puis tu clique su"Rechercher"

L'analyse démarre, le scan est relativement long, c'est normal.

A la fin de l'analyse, un message s'affiche :

•L'examen s'est terminé normalement. Il te reste a cliquer sur"Afficher les résultats" pour afficher tous les objets trouvés.
•Maintenant tu clique sur "Ok"pour poursuivre.
Ferme tes navigateurs ( firefox , internet explorer , chrome , opéra...)
•Si MBAM à détecter des malwares, clique sur "Afficher les résultats".
Sélectionne tout et clique sur"Supprimer la sélection",MBAM va supprimer tous les fichiers infectés.
•Le Bloc-notes va s'ouvrir avec le rapport d'analyse>
•Fais un copier coller de ce rapport etposte-le dans ton prochain message.
5 Avril 2010 15:56:19

voici la rapport après redémarrage du pc par l'application::



Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Version de la base de données: 3955

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

05/04/2010 14:35:05
mbam-log-2010-04-05 (14-35-05).txt

Type d'examen: Examen complet (C:\|I:\|)
Elément(s) analysé(s): 247969
Temps écoulé: 1 heure(s), 3 minute(s), 9 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pense-bête (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
I:\Program Files\Spyware-Secure (Rogue.SpywareSecure) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
I:\Program Files\AXEL\Pense-bête\pensebet.exe (Trojan.FakeAlert.H) -> Delete on reboot.
I:\Documents and Settings\claude\Application Data\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.

5 Avril 2010 16:02:05

Parfait , réalise une nouvelle analyse avec RSIT et poste moi les nouveaux rapports
5 Avril 2010 16:08:42

log.txt::

Logfile of random's system information tool 1.06 (written by random/random)
Run by claude at 2010-04-05 15:06:50
Microsoft Windows XP Édition familiale Service Pack 2
System drive I: has 40 GB (53%) free of 76 GB
Total RAM: 2943 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:06:59, on 05/04/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\Explorer.EXE
I:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
I:\Program Files\Logitech\Video\LogiTray.exe
I:\WINDOWS\SOUNDMAN.EXE
I:\WINDOWS\system32\RUNDLL32.EXE
I:\WINDOWS\system32\LVComsX.exe
I:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
I:\Program Files\Logitech\Video\FxSvr2.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
I:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
I:\Program Files\Bonjour\mDNSResponder.exe
I:\Program Files\Java\jre6\bin\jqs.exe
I:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
I:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
I:\WINDOWS\system32\SearchIndexer.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\wuauclt.exe
I:\Program Files\Mozilla Firefox\firefox.exe
I:\Documents and Settings\claude\Bureau\RSIT.exe
I:\Program Files\Trend Micro\HijackThis\claude.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - I:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - I:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - I:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - I:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ISUSPM Startup] I:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "I:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LogitechVideoRepair] I:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] I:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE I:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HDAudDeck] I:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "I:\WINDOWS\TEMP\E_S6E.tmp" /EF "HKLM"
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Raccourci vers bdagent.exe.lnk = I:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://I:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://I:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.de/ips-opdata/objects/jordan.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/framework/lib/objimageuploader/html_include/5.1.1.0/ImageUploader5.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - I:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - I:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - I:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - I:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - I:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NMIndexingService - Nero AG - I:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - I:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - I:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 8263 bytes

======Scheduled tasks folder======

I:\WINDOWS\tasks\User_Feed_Synchronization-{CC29118B-3DA8-4E69-96F5-57BEEF5097BC}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - I:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - I:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - I:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - I:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - I:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll [2008-02-28 86016]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - I:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=I:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-04-17 196608]
"ISUSScheduler"=I:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-04-13 69632]
"LogitechVideoRepair"=I:\Program Files\Logitech\Video\ISStart.exe [2005-01-18 458752]
"LogitechVideoTray"=I:\Program Files\Logitech\Video\LogiTray.exe [2005-01-18 217088]
"SoundMan"=I:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"NvCplDaemon"=I:\WINDOWS\system32\NvCpl.dll [2008-08-01 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=I:\WINDOWS\system32\NvMcTray.dll [2008-08-01 86016]
"HDAudDeck"=I:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2008-08-15 30003200]
"EPSON Stylus DX4000 Series"=I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE [2006-02-21 131072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=I:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
I:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe [2008-11-23 2356088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
I:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2008-11-20 178688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
I:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe [2007-10-23 202024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
I:\Program Files\IncrediMail\bin\IncMail.exe [2009-02-02 251264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kawcweu]
i:\documents and settings\claude\local settings\application data\kawcweu.exe kawcweu []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
I:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
I:\Program Files\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^KODAK Software Updater.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk]
I:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE -hx []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk]
I:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^claude^Menu Démarrer^Programmes^Démarrage^Notification de cadeaux MSN.lnk]
I:\DOCUME~1\claude\APPLIC~1\MICROS~1\NOTIFI~1\lsnfier.exe []

I:\Documents and Settings\claude\Menu Démarrer\Programmes\Démarrage
Raccourci vers bdagent.exe.lnk - I:\Program Files\BitDefender\BitDefender 2008\bdagent.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - I:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=I:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoFavoritesMenu"=0
"NoSMMyPictures"=0
"NoStartMenuMyMusic"=0
"NoRecentDocsNetHood"=0
"NoUserNameInStartMenu"=1
"NoInstrumentation"=0
"NoStartMenuPinnedList"=0
"ForceStartMenuLogoff"=0
"NoSharedDocuments"=1
"NoDriveAutoRun"=255
"NoDriveTypeAutoRun"=255
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoFavoritesMenu"=
"NoSMMyPictures"=
"NoStartMenuMyMusic"=
"NoRecentDocsNetHood"=
"NoInstrumentation"=
"NoSimpleStartMenu"=
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"I:\Program Files\IncrediMail\bin\ImApp.exe"="I:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"I:\Program Files\IncrediMail\bin\IncMail.exe"="I:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"I:\Program Files\IncrediMail\bin\ImpCnt.exe"="I:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"I:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="I:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"I:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="I:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"I:\Program Files\Bonjour\mDNSResponder.exe"="I:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour"
"I:\Program Files\Messenger\msmsgs.exe"="I:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"I:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="I:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"I:\Program Files\Windows Live\Messenger\wlcsdk.exe"="I:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"I:\Program Files\Windows Live\Messenger\msnmsgr.exe"="I:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"I:\Program Files\Windows Live\Messenger\wlcsdk.exe"="I:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"I:\Program Files\Windows Live\Messenger\msnmsgr.exe"="I:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======File associations======

.js - open - "I:\Program Files\Adobe\Adobe Dreamweaver CS3\dreamweaver.exe","%1"

======List of files/folders created in the last 2 months======

2010-04-05 12:47:31 ----D---- I:\Documents and Settings\claude\Application Data\Malwarebytes
2010-04-05 12:47:22 ----D---- I:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-04-05 12:47:21 ----D---- I:\Program Files\Malwarebytes' Anti-Malware
2010-04-05 12:31:13 ----RASHD---- I:\autorun.inf
2010-04-05 12:25:11 ----A---- I:\UsbFix.txt
2010-04-03 13:00:35 ----D---- I:\Program Files\Super macro
2010-04-03 11:42:55 ----A---- I:\WINDOWS\msnfix.txt
2010-04-03 11:02:19 ----A---- I:\rapport.txt
2010-04-03 10:45:52 ----D---- I:\Program Files\Spybot - Search & Destroy
2010-04-03 10:45:52 ----D---- I:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-04-03 10:07:49 ----D---- I:\UsbFix
2010-04-02 18:27:25 ----D---- I:\rsit
2010-04-02 14:56:17 ----D---- I:\Program Files\Microsoft Sync Framework
2010-04-02 14:55:27 ----D---- I:\Program Files\Microsoft
2010-04-02 14:54:54 ----D---- I:\Program Files\Windows Live
2010-03-25 21:55:37 ----N---- I:\WINDOWS\system32\browserchoice.exe
2010-02-17 17:33:54 ----D---- I:\Program Files\ABBYY FineReader 6.0 Sprint
2010-02-17 17:30:23 ----A---- I:\WINDOWS\EPSMTL32.TXT

======List of files/folders modified in the last 2 months======

2010-04-05 15:06:56 ----D---- I:\WINDOWS\Prefetch
2010-04-05 15:05:10 ----RD---- I:\Program Files
2010-04-05 15:03:56 ----D---- I:\WINDOWS\Temp
2010-04-05 14:57:46 ----D---- I:\Program Files\Mozilla Firefox
2010-04-05 14:41:40 ----D---- I:\WINDOWS\system32
2010-04-05 14:41:40 ----A---- I:\WINDOWS\system32\PerfStringBackup.INI
2010-04-05 14:37:02 ----D---- I:\WINDOWS\system32\drivers
2010-04-05 14:35:57 ----A---- I:\WINDOWS\SchedLgU.Txt
2010-04-05 14:35:55 ----D---- I:\WINDOWS\system32\CatRoot2
2010-04-05 14:35:41 ----A---- I:\WINDOWS\bdagent.INI
2010-04-05 14:35:33 ----D---- I:\WINDOWS\Sun
2010-04-05 14:35:04 ----D---- I:\Documents and Settings\claude\Application Data\Desktopicon
2010-04-05 12:31:09 ----SHD---- I:\RECYCLER
2010-04-04 16:43:15 ----D---- I:\WINDOWS
2010-04-03 23:09:08 ----SHD---- I:\WINDOWS\Installer
2010-04-03 23:08:50 ----HD---- I:\WINDOWS\inf
2010-04-03 23:08:41 ----RSHDC---- I:\WINDOWS\system32\dllcache
2010-04-03 23:08:41 ----D---- I:\Program Files\Internet Explorer
2010-04-03 23:08:30 ----D---- I:\WINDOWS\ie8updates
2010-04-03 23:08:18 ----HD---- I:\WINDOWS\$hf_mig$
2010-04-03 16:15:05 ----A---- I:\WINDOWS\NeroDigital.ini
2010-04-03 13:18:33 ----A---- I:\WINDOWS\wininit.ini
2010-04-02 16:12:00 ----D---- I:\WINDOWS\system32\CatRoot
2010-04-02 14:56:06 ----SD---- I:\Documents and Settings\All Users\Application Data\Microsoft
2010-04-02 14:48:05 ----D---- I:\Program Files\Unity
2010-04-02 14:41:20 ----D---- I:\Program Files\VS Revo Group
2010-04-02 12:45:56 ----D---- I:\Program Files\Windows Live SkyDrive
2010-03-31 07:50:59 ----D---- I:\WINDOWS\system32\LogFiles
2010-03-30 14:56:37 ----D---- I:\WINDOWS\Debug
2010-03-24 01:28:47 ----D---- I:\Program Files\Movie Maker
2010-03-24 01:28:20 ----D---- I:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-03-19 18:58:17 ----AD---- I:\Documents and Settings\All Users\Application Data\TEMP
2010-03-02 06:30:12 ----A---- I:\WINDOWS\system32\MRT.exe
2010-02-25 11:47:32 ----A---- I:\WINDOWS\system32\ieframe.dll
2010-02-25 07:17:37 ----A---- I:\WINDOWS\system32\wininet.dll
2010-02-25 07:17:37 ----A---- I:\WINDOWS\system32\urlmon.dll
2010-02-25 07:17:36 ----A---- I:\WINDOWS\system32\occache.dll
2010-02-25 07:17:36 ----A---- I:\WINDOWS\system32\mstime.dll
2010-02-25 07:17:36 ----A---- I:\WINDOWS\system32\mshtml.dll
2010-02-25 07:17:33 ----A---- I:\WINDOWS\system32\msfeedsbs.dll
2010-02-25 07:17:33 ----A---- I:\WINDOWS\system32\msfeeds.dll
2010-02-25 07:17:32 ----A---- I:\WINDOWS\system32\jsproxy.dll
2010-02-25 07:17:32 ----A---- I:\WINDOWS\system32\iertutil.dll
2010-02-25 07:17:31 ----A---- I:\WINDOWS\system32\iepeers.dll
2010-02-25 07:17:27 ----A---- I:\WINDOWS\system32\iedkcs32.dll
2010-02-24 10:55:29 ----A---- I:\WINDOWS\system32\ie4uinit.exe
2010-02-17 17:39:08 ----HD---- I:\Program Files\InstallShield Installation Information
2010-02-17 17:39:01 ----D---- I:\Documents and Settings\All Users\Application Data\UDL
2010-02-17 17:34:41 ----D---- I:\Program Files\epson
2010-02-12 15:13:48 ----D---- I:\Program Files\Microsoft Silverlight
2010-02-12 01:57:17 ----D---- I:\Documents and Settings\claude\Application Data\Arcsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 bdftdif;bdftdif; \??\I:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys []
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; I:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; I:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-06-29 86792]
R3 bdfsfltr;bdfsfltr; I:\WINDOWS\system32\drivers\bdfsfltr.sys [2008-01-07 196368]
R3 BDSelfPr;BDSelfPr; \??\I:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; I:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Pilote de classe HID Microsoft; I:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 LVUSBSta;Logitech USB Monitor Filter; I:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-08 22016]
R3 monfilt;monfilt; I:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Pilote HID de souris; I:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; I:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-14 5810]
R3 nv;nv; I:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-08-01 6555104]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; I:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
R3 nvnetbus;NVIDIA Network Bus Enumerator; I:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-08-01 22016]
R3 QCMerced;Logitech QuickCam Communicate; I:\WINDOWS\system32\DRIVERS\LVCM.sys [2004-10-08 585824]
R3 usbaudio;Pilote USB audio (WDM); I:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
R3 usbccgp;Pilote parent générique USB Microsoft; I:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; I:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Concentrateur USB2; I:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; I:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbprint;Classe d'imprimantes USB Microsoft; I:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 usbscan;Pilote de scanneur USB; I:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;Pilote de stockage de masse USB; I:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; I:\WINDOWS\system32\drivers\viahduaa.sys [2008-07-26 845184]
S1 AmdK8;Pilote de processeur AMD; I:\WINDOWS\system32\DRIVERS\AmdK8.sys []
S1 AmdPPM;Pilote de processeur AMD HwPState; I:\WINDOWS\system32\DRIVERS\AmdPPM.sys []
S2 BDRSDRV;BDRSDRV; \??\I:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); I:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-04-25 4030144]
S3 auzz5mh6;auzz5mh6; I:\WINDOWS\system32\drivers\auzz5mh6.sys []
S3 BDFSDRV;BDFSDRV; \??\I:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
S3 catchme;catchme; \??\I:\DOCUME~1\claude\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; I:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; I:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; I:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; I:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 PALLADIA;Palladia 300/400 Usb Adsl Modem; I:\WINDOWS\system32\DRIVERS\usbiad.sys [2005-06-13 31579]
S3 PCASp50;PCASp50 NDIS Protocol Driver; I:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
S3 Profos;Profos; \??\I:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); I:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;Détrameur décalage BDA; I:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; I:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 Trufos;Trufos; \??\I:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []
S3 usb_rndis;Broadcom USB Remote NDIS Device Driver; I:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-05 12672]
S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; I:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
S3 WSTCODEC;Codec Teletext standard; I:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; I:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; I:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; I:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; I:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; I:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys []
S4 IntelIde;IntelIde; I:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Pilote de filtre de restauration système; I:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-05 73600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; I:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [2008-11-19 109056]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; I:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 JavaQuickStarterService;Java Quick Starter; I:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 LIVESRV;BitDefender Desktop Update Service; I:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [2008-11-27 1179648]
R2 MDM;Machine Debug Manager; I:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; I:\WINDOWS\system32\nvsvc32.exe [2008-08-01 159812]
R2 SeaPort;SeaPort; I:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WSearch;Windows Search; I:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 XCOMM;BitDefender Communicator; I:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe [2007-11-27 86016]
R3 scan;BitDefender Threat Scanner; I:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
S2 KodakCCS;Kodak Camera Connection Software; I:\WINDOWS\system32\drivers\KodakCCS.exe []
S2 VSSERV;BitDefender Virus Shield; I:\Program Files\BitDefender\BitDefender 2008\vsserv.exe [2008-09-15 1261568]
S3 aspnet_state;Service d'état ASP.NET; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; I:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-10-10 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; i:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 idsvc;Windows CardSpace; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; I:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2007-10-23 382248]
S3 odserv;Microsoft Office Diagnostics Service; I:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; I:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; I:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; I:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

:bounce: 
5 Avril 2010 16:17:23

1/Suppression du dossier ci dessous

Va à cette emplacement et supprime le dossier suivant :
  1. I:\Documents and Settings\claude\Application Data\Desktopicon


2/Suppression des outils utilisés avec Toolcleaner

•Télécharge Toolscleaner http://www.commentcamarche.net/telecharger/telechargeme... sur ton Bureau
•Double-clique sur ToolsCleaner2.exe et laisse le travailler
•Clique sur Recherche et laisse le scan se terminer.
•Clique sur Suppression pour finaliser.
•Tu peux, si tu le souhaites, te servir des Options facultatives.
•Clique sur Quitter, pour que le rapport puisse se créer.
•Le rapport (TCleaner.txt) se trouve à la racine de votre disque dur (C:\)...colle le dans ta prochaine réponse


3/Nettoyage du pc avec ATF Cleaner


•Téléchargez ATF-Cleaner depuis http://www.atribune.org/ccount/click.php?id=1
Double clique sur ce programme pour en lancer l'exécution.
•Sélectionnez la boîte appelée "Select All" et cliquez sur le bouton "Empty Selected"
•Une fois terminé, fermez le programme.


4/Création d'un nouveau point de restauration système

Il faut purger la restauration système puis créer un nouveau point de restauration

5/Mise à jour Windows ( car version dépassée )

Il faudra réaliser les mises à jours de XP car tu es encore au Service Pack 2

6/Informations complémentaires

•Garde MBAM qui permettra de faire des scan réguliers en complément de ton antivirus.

6/Problème résolu

Si tu estime ton problème Résolu il faut ajouter [Résolu] au titre de ton sujet pour cela :

Clique sur le bouton Editer dans ton premier message
Ajouter [Résolu] devant le titre
Puis clique sur valider votre message.
5 Avril 2010 16:46:30

je ne sais pas comment te remercier le pc fonctionne beaucoup a part la mise a jour automatique mais ça s'arrangera surement après une mise à jour depuis le site web microsoft update qui est en train de lui installer la sp3
joyeuse pâques je pense que je ferais un contrôle de mes pc depuis ce site un peu plus tard juste pour nettoyer en espérant tomber sur toi ^^
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS