S'abonner :

Newsletters

Magazines

01men.

Avis sur les produits

Avis sur les logiciels

Avis sur les jeux

Actualités

A propos de 01net

208 utilisateurs connectés

Forum de 01net / Sécurité / gadcom

gadcom

sepsem le 24 novembre 2008 à 12h45

Bonjour, j'ai gadcom sur mon ordi et c'est ennuyeux, comment faire pour l'enlever ?
voici ce que ma donné en bloc note HijackThis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:37:14, on 24/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

EDITION MODERATEUR : Règle du forum à respecter :

Pas de rapport avant qu'il n'en soit demandé un !

Veuillez lire l'article suivant :
http://forum.telecharger.01net.com/telecharger/securite_virus_et_assimiles/a_(...)

Merci d'en prendre connaissance.

merci de m'aider

-->Message édité par totoftotof le 24/11/2008 12:47:02<--

répondre

sepsem le 24 novembre 2008 à 12h48

désolé !!!!

répondre

sepsem le 24 novembre 2008 à 12h56

J'ai lu l'article !!!

encore désolé, quelqu'un peux m'aider s'il vous plaît ?

Merci

répondre

sepsem le 25 novembre 2008 à 11h56

Bonjour,

Y a t'il quelqu'un pour m'aider s'il vous plait ?

Merci d'avance

répondre

Curson le 28 novembre 2008 à 18h09

Bonsoir,

Marche à suivre

1) Télécharge http://images.malwareremoval.com/random/RSIT.exe par random/random et sauvegarde-le sur le Bureau.

- Double-clique sur RSIT.exe afin de lancer RSIT.
- Clique Continue à l'écran Disclaimer.
- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
- Si tu ne vois pas ces deux rapports, tu les trouveras dans le dossier C:\rsit

répondre

sepsem le 30 novembre 2008 à 13h35

Bonjour,
merci beaucoup de votre aide.
voici log:
Logfile of random's system information tool 1.04 (written by random/random)
Run by Angelique at 2008-11-30 13:32:32
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 165 GB (72%) free of 229 GB
Total RAM: 2814 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:32:47, on 30/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Angelique\AppData\Roaming\gadcom\gadcom.exe
C:\Users\Angelique\AppData\Roaming\Twain\Twain.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Angelique\Downloads\RSIT.exe
C:\Downloads\Angelique.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_be&c(...)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/intl/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_be&c(...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_be&c(...)
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Uninstall_CToolbar] "C:\Windows\Temp\CTun.exe" "/remove"
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\yayvtUkK.dll,#1
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [gadcom] "C:\Users\Angelique\AppData\Roaming\gadcom\gadcom.exe" 61A847B5BBF72810329B385575FA01F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310
O4 - HKCU\..\Run: [SfKg6wIPu] C:\Users\Angelique\AppData\Roaming\Microsoft\Windows\pfxhhwt.exe
O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
O4 - HKCU\..\Run: [Twain] C:\Users\Angelique\AppData\Roaming\Twain\Twain.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-BE\local\search.html
O8 - Extra context menu item: &T&élécharger &avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &T&élécharger tout avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &T&élécharger toute vidéo avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://belgacom.extrafilm.be/ImageUploader5.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9739 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll [2008-08-11 656696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar BHO - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-03 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-03 92704]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1049896]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-04-01 468264]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Uninstall_CToolbar"=C:\Windows\Temp\CTun.exe [2007-04-20 1184256]
"WPCUMI"=C:\Windows\system32\WpcUmi.exe [2006-11-02 176128]
"MSServer"=C:\Windows\system32\yayvtUkK.dll []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2289664]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"gadcom"=C:\Users\Angelique\AppData\Roaming\gadcom\gadcom.exe [2008-11-23 56320]
"SfKg6wIPu"=C:\Users\Angelique\AppData\Roaming\Microsoft\Windows\pfxhhwt.exe []
"RegistryBooster 2 d’Uniblue "=c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe []
"Twain"=C:\Users\Angelique\AppData\Roaming\Twain\Twain.exe [2008-11-24 61440]

C:\Users\Angelique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{D8CADFE4-81E7-4424-887F-DC661B79EAFF}"=C:\Windows\system32\yayvtUkK.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2008-11-30 13:32:32 ----D---- C:\rsit
2008-11-26 13:11:50 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2008-11-26 13:11:49 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2008-11-26 13:11:49 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-11-26 13:11:49 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2008-11-26 13:11:46 ----A---- C:\Windows\system32\connect.dll
2008-11-24 11:19:28 ----D---- C:\Users\Angelique\AppData\Roaming\Twain
2008-11-24 09:31:11 ----D---- C:\Program Files\SYNTHPRONOP
2008-11-24 09:31:07 ----A---- C:\Windows\GPInstall.exe
2008-11-24 08:24:24 ----D---- C:\Users\Angelique\AppData\Roaming\Uniblue
2008-11-23 11:02:36 ----D---- C:\Users\Angelique\AppData\Roaming\gadcom
2008-11-23 10:56:40 ----D---- C:\Users\Angelique\AppData\Roaming\Shareaza
2008-11-23 10:56:40 ----D---- C:\Program Files\Shareaza
2008-11-22 13:34:03 ----D---- C:\Downloads
2008-11-22 13:33:34 ----D---- C:\Program Files\BitComet
2008-11-22 13:19:18 ----D---- C:\Program Files\SynthPronosPlusSha
2008-11-18 14:35:35 ----A---- C:\Windows\system32\wups2.dll
2008-11-18 14:35:35 ----A---- C:\Windows\system32\wucltux.dll
2008-11-18 14:35:35 ----A---- C:\Windows\system32\wuaueng.dll
2008-11-18 14:35:35 ----A---- C:\Windows\system32\wuauclt.exe
2008-11-18 14:35:15 ----A---- C:\Windows\system32\wups.dll
2008-11-18 14:35:15 ----A---- C:\Windows\system32\wudriver.dll
2008-11-18 14:35:15 ----A---- C:\Windows\system32\wuapi.dll
2008-11-18 14:35:08 ----A---- C:\Windows\system32\wuwebv.dll
2008-11-18 14:35:08 ----A---- C:\Windows\system32\wuapp.exe
2008-11-17 11:04:56 ----D---- C:\Rummy Royal
2008-11-13 12:33:37 ----A---- C:\Windows\system32\msxml3.dll
2008-11-13 12:33:35 ----A---- C:\Windows\system32\msxml6.dll
2008-11-12 21:01:43 ----D---- C:\ProgramData\TrackMania
2008-11-12 20:57:19 ----D---- C:\Program Files\TmNationsForever
2008-11-09 11:17:48 ----D---- C:\ProgramData\eMule
2008-11-09 11:17:13 ----D---- C:\Program Files\eMule
2008-11-09 11:02:03 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2008-11-09 10:54:39 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-11-09 10:54:31 ----D---- C:\Program Files\Windows Live
2008-11-09 10:53:09 ----D---- C:\ProgramData\WLInstaller
2008-11-07 19:32:48 ----D---- C:\Users\Angelique\AppData\Roaming\Mozilla
2008-11-07 19:32:24 ----D---- C:\Program Files\Mozilla Firefox
2008-11-04 21:28:32 ----D---- C:\BMW M3 Challenge
2008-11-02 14:24:04 ----D---- C:\Users\Angelique\AppData\Roaming\OpenOffice.org
2008-11-02 09:25:51 ----D---- C:\Program Files\directx
2008-11-02 09:23:15 ----D---- C:\Program Files\Davilex
2008-11-01 11:34:42 ----A---- C:\Windows\IsUninst.exe
2008-11-01 11:24:37 ----D---- C:\Electronic Arts
2008-11-01 11:08:01 ----A---- C:\Windows\unin040c.exe
2008-11-01 10:27:42 ----A---- C:\Windows\system32\XAudio2_2.dll
2008-11-01 10:27:42 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2008-11-01 10:27:42 ----A---- C:\Windows\system32\xactengine3_2.dll
2008-11-01 10:27:41 ----A---- C:\Windows\system32\XAudio2_1.dll
2008-11-01 10:27:41 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2008-11-01 10:27:41 ----A---- C:\Windows\system32\xactengine3_1.dll
2008-11-01 10:27:41 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2008-11-01 10:27:41 ----A---- C:\Windows\system32\D3DX9_39.dll
2008-11-01 10:27:41 ----A---- C:\Windows\system32\d3dx10_39.dll
2008-11-01 10:27:41 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2008-11-01 10:27:40 ----A---- C:\Windows\system32\XAudio2_0.dll
2008-11-01 10:27:40 ----A---- C:\Windows\system32\D3DX9_38.dll
2008-11-01 10:27:40 ----A---- C:\Windows\system32\d3dx10_38.dll
2008-11-01 10:27:40 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2008-11-01 10:27:39 ----A---- C:\Windows\system32\xactengine3_0.dll
2008-11-01 10:27:39 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2008-11-01 10:27:38 ----A---- C:\Windows\system32\xactengine2_10.dll
2008-11-01 10:27:38 ----A---- C:\Windows\system32\D3DX9_37.dll
2008-11-01 10:27:38 ----A---- C:\Windows\system32\d3dx10_37.dll
2008-11-01 10:27:38 ----A---- C:\Windows\system32\d3dx10_36.dll
2008-11-01 10:27:38 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2008-11-01 10:27:38 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2008-11-01 10:27:37 ----A---- C:\Windows\system32\d3dx9_36.dll
2008-11-01 10:27:36 ----A---- C:\Windows\system32\xactengine2_9.dll
2008-11-01 10:27:36 ----A---- C:\Windows\system32\d3dx9_35.dll
2008-11-01 10:27:36 ----A---- C:\Windows\system32\d3dx10_35.dll
2008-11-01 10:27:36 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2008-11-01 10:27:35 ----A---- C:\Windows\system32\xinput1_3.dll
2008-11-01 10:27:35 ----A---- C:\Windows\system32\xactengine2_8.dll
2008-11-01 10:27:35 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2008-11-01 10:27:35 ----A---- C:\Windows\system32\d3dx9_34.dll
2008-11-01 10:27:35 ----A---- C:\Windows\system32\d3dx10_34.dll
2008-11-01 10:27:35 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2008-11-01 10:27:34 ----A---- C:\Windows\system32\xactengine2_7.dll
2008-11-01 10:27:34 ----A---- C:\Windows\system32\d3dx9_33.dll
2008-11-01 10:27:34 ----A---- C:\Windows\system32\d3dx10_33.dll
2008-11-01 10:27:34 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2008-11-01 10:27:33 ----A---- C:\Windows\system32\xactengine2_6.dll
2008-11-01 10:27:33 ----A---- C:\Windows\system32\xactengine2_5.dll
2008-11-01 10:27:33 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-11-01 10:27:33 ----A---- C:\Windows\system32\d3dx10.dll
2008-11-01 10:27:32 ----A---- C:\Windows\system32\xinput1_2.dll
2008-11-01 10:27:32 ----A---- C:\Windows\system32\xactengine2_4.dll
2008-11-01 10:27:32 ----A---- C:\Windows\system32\xactengine2_3.dll
2008-11-01 10:27:32 ----A---- C:\Windows\system32\xactengine2_2.dll
2008-11-01 10:27:32 ----A---- C:\Windows\system32\x3daudio1_1.dll
2008-11-01 10:27:32 ----A---- C:\Windows\system32\d3dx9_31.dll
2008-11-01 10:27:31 ----A---- C:\Windows\system32\xinput1_1.dll
2008-11-01 10:27:30 ----A---- C:\Windows\system32\xactengine2_1.dll
2008-11-01 10:27:28 ----A---- C:\Windows\system32\xactengine2_0.dll
2008-11-01 10:27:28 ----A---- C:\Windows\system32\x3daudio1_0.dll
2008-11-01 10:27:28 ----A---- C:\Windows\system32\d3dx9_30.dll
2008-11-01 10:27:28 ----A---- C:\Windows\system32\d3dx9_29.dll
2008-11-01 10:27:27 ----A---- C:\Windows\system32\d3dx9_28.dll
2008-11-01 10:27:27 ----A---- C:\Windows\system32\d3dx9_27.dll
2008-11-01 10:27:27 ----A---- C:\Windows\system32\d3dx9_26.dll
2008-11-01 10:27:27 ----A---- C:\Windows\system32\d3dx9_25.dll
2008-11-01 10:27:24 ----A---- C:\Windows\system32\d3dx9_24.dll
2008-11-01 10:20:13 ----HD---- C:\Windows\msdownld.tmp
2008-11-01 10:20:08 ----D---- C:\Windows\system32\directx

======List of files/folders modified in the last 1 months======

2008-11-30 13:32:47 ----D---- C:\Windows\Temp
2008-11-30 13:32:47 ----D---- C:\Windows\Prefetch
2008-11-30 10:00:32 ----SHD---- C:\System Volume Information
2008-11-30 09:46:36 ----D---- C:\Windows\System32
2008-11-30 09:46:36 ----D---- C:\Windows\inf
2008-11-30 09:46:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-11-27 17:49:26 ----D---- C:\Windows\winsxs
2008-11-26 13:11:41 ----D---- C:\Windows\system32\catroot2
2008-11-26 13:11:41 ----D---- C:\Windows\system32\catroot
2008-11-24 13:03:40 ----SD---- C:\Users\Angelique\AppData\Roaming\Microsoft
2008-11-24 09:31:11 ----RD---- C:\Program Files
2008-11-24 09:31:07 ----D---- C:\Windows
2008-11-23 20:53:56 ----D---- C:\Windows\system32\Tasks
2008-11-22 12:48:08 ----SHD---- C:\Windows\Installer
2008-11-22 12:48:08 ----D---- C:\ProgramData\Microsoft Help
2008-11-20 16:42:12 ----D---- C:\Windows\rescache
2008-11-19 21:10:30 ----D---- C:\Windows\system32\WDI
2008-11-19 14:32:27 ----D---- C:\Windows\system32\nl-NL
2008-11-19 14:32:27 ----D---- C:\Windows\system32\fr-FR
2008-11-14 16:37:23 ----D---- C:\Windows\system32\drivers
2008-11-12 21:01:43 ----HD---- C:\ProgramData
2008-11-12 21:01:15 ----RSD---- C:\Windows\assembly
2008-11-10 19:29:20 ----SD---- C:\Windows\Downloaded Program Files
2008-11-10 08:31:47 ----D---- C:\Program Files\Common Files\microsoft shared
2008-11-09 10:54:39 ----D---- C:\Program Files\Common Files
2008-11-04 01:10:25 ----A---- C:\Windows\system32\mrt.exe
2008-11-03 08:21:05 ----D---- C:\Windows\Debug
2008-11-01 10:36:44 ----D---- C:\Users\Angelique\AppData\Roaming\Adobe
2008-11-01 10:27:20 ----D---- C:\Windows\Microsoft.NET
2008-11-01 10:20:07 ----D---- C:\Windows\Logs
2008-11-01 09:37:44 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-11-01 09:36:15 ----D---- C:\ProgramData\Symantec
2008-10-31 17:25:03 ----HD---- C:\Windows\system32\GroupPolicyUsers
2008-10-31 17:17:19 ----HD---- C:\Windows\system32\GroupPolicy

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
R3 CmBatt;Stuurprogramma voor Microsoft ACPI-besturingsmethode-accu; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-04-17 203776]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-03 42528]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-03 7446656]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-24 14848]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-04-21 62976]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199344]
R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-03 196608]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-04-25 361808]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832]
S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-07-24 181800]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------
et info:

info.txt logfile of random's system information tool 1.04 2008-11-30 13:32:49

======Uninstall list======

-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Bricks of Egypt\Uninstall.exe"
-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"
-->"C:\Program Files\HP Games\Digby's Donuts\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files\HP Games\FATE\Uninstall.exe"
-->"C:\Program Files\HP Games\Fish Tycoon\Uninstall.exe"
-->"C:\Program Files\HP Games\Gem Shop\Uninstall.exe"
-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Magic Academy\Uninstall.exe"
-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
-->"C:\Program Files\HP Games\Ocean Express\Uninstall.exe"
-->"C:\Program Files\HP Games\Peggle\Uninstall.exe"
-->"C:\Program Files\HP Games\Penguins!\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files\HP Games\Puzzle Express\Uninstall.exe"
-->"C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
-->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Sudoku Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\Super Granny\Uninstall.exe"
-->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
-->"C:\Program Files\HP Games\Treasure Island\Uninstall.exe"
-->"C:\Program Files\HP Games\Virtual Villagers - A New Home\Uninstall.exe"
-->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
-->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Shockwave Player-->MsiExec.exe /X{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}
AOL Toolbar 5.0-->"C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Atheros Driver Installation Program-->C:\Program Files\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe -runfromtemp -l0x0013
BitComet 1.06-->C:\Program Files\BitComet\uninst.exe
BMW M3 Challenge-->"C:\BMW M3 Challenge\Support\unins000.exe"
Cisco EAP-FAST Module-->MsiExec.exe /I{415B2719-AD3A-4944-B404-C472DB6085B3}
Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560}
Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -IWAHerza.INF
CyberLink DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_HERMOSA_HSF\UIU32m.exe -U -IHPQHERzm.inf
Hewlett-Packard Active Check for Health Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HijackThis 2.0.2-->"C:\Downloads\HijackThis.exe" /uninstall
HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}\setup.exe -runfromtemp -l0x0409
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}\setup.exe" -l0x9 -removeonly
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP DVD Play 3.7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}\setup.exe" -l0x9 -removeonly
HP Help and Support-->MsiExec.exe /X{8DF92D68-F8EE-4F9C-89A2-26254C1C4B6B}
HP Quick Launch Buttons 6.40 D3-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0013 uninst
HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
HP User Guides 0110-->MsiExec.exe /I{B640E7CC-7091-4A24-AE76-2140065D2054}
HP Wireless Assistant-->MsiExec.exe /I{340F521E-3576-4E1A-B75C-EB0ACF751379}
HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
K2000, La Revanche de KITT-->C:\PROGRA~1\Davilex\K2000_~1\UNWISE.EXE C:\PROGRA~1\Davilex\K2000_~1\INSTALL.LOG
LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" -uninstall
LightScribe System Software 1.12.33.2-->MsiExec.exe /X{582287DA-0806-4AC0-BF19-C15E3A466034}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
Nathan Français CE2-->C:\Program Files\Nathan\Francais CE2\Uninstal.exe
Nathan Mathématiques CE1-->C:\Program Files\Nathan\Mathematiques CE1\Uninstal.exe
NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0013 -removeonly
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
QuickPlay SlingPlayer 0.4.6-->"C:\Program Files\HP\QuickPlay\unins000.exe"
Rami Royal-->MsiExec.exe /I{A25B578D-E25B-4A4E-9F2A-22E03480F79A}
Realtek USB 2.0 Card Reader-->C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe -runfromtemp -l0x0009 -removeonly
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Shareaza 2.4.0.0-->"C:\Program Files\Shareaza\Uninstall\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
SYNTHPRONOS + COMPLETE-->C:\Windows\GPInstall.exe "/UNINST=C:\Program Files\SYNTHPRONOP\UnInst.log" "/APPNAME=SYNTHPRONOS + COMPLETE"
TmNationsForever-->"C:\Program Files\TmNationsForever\unins000.exe"
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}

======Security center information======

AS: Windows Defender

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\CyberLink\Power2Go
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=17
"PROCESSOR_IDENTIFIER"=x86 Family 17 Model 3 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0301
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"OnlineServices"=Online Services
"Platform"=MCD
"PCBRAND"=Presario

-----------------EOF-----------------

Merci encore pour votre aide.

Cordialement

répondre

Curson le 30 novembre 2008 à 22h02

Bonsoir Angélique,

Ton système est bien infecté.

1) Désactive Windows Defender.

2) Télécharge OTMoveIt3 de OldTimer :

- Enregistre-le sur ton bureau
- Double-clique sur OTMoveIt3.exe pour le lancer (l'extension peut ne pas apparaître)
- Copie-colle l'entièreté de ceci ci dessous dans la partie "Paste Instructions for Items to be Moved" (en-dessous de la barre jaune) :

:Processes
explorer.exe

:Files
C:\Users\Angelique\AppData\Roaming\gadcom\
C:\Users\Angelique\AppData\Roaming\Twain\
C:\Windows\Temp\CTun.exe
C:\Windows\system32\yayvtUkK.dll
C:\Users\Angelique\AppData\Roaming\Microsoft\Windows\pfxhhwt.exe
C:\Windows\GPInstall.exe
C:\Windows\IsUninst.exe
C:\Windows\unin040c.exe
C:\Windows\msdownld.tmp

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Uninstall_CToolbar"=-
"MSServer"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"gadcom"=-
"SfKg6wIPu"=-
"Twain"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{D8CADFE4-81E7-4424-887F-DC661B79EAFF}"=-

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

- Ferme tous tes programmes et clique sur le bouton rouge Moveit! pour lancer le nettoyage
- Copie-colle dans ta prochaine réponse tout ce qui se trouve dans la fenêtre Results (en vert à droite)
--> Un rapport sera généré dans le dossier C:\ _OTMoveIt\MovedFiles avec la date et l'heure du passage de l'outil (mmddyyyy_hhmmss.log)
- Ferme OTMoveIt3 (en cliquant sur Exit)

Note : Si un fichier ou un dossier ne sait être supprimé directement, l'outil peut demander un redémarrage pour terminer le processus. Clique alors sur "Yes" pour accepter...

3) Télécharge Malwarebytes Anti-Malware.

- Installe-le et fais les mises à jour.

5) Lance MBAM :

- Coche la case "Exécuter un examen complet" puis clique sur Rechercher.
- Sélectionne (coche) toutes tes partitions puis clique sur "Lancer l'examen".
- Lorsque le scan est terminé, un message te prévient. Clique alors sur le bouton "Montrer les résultats".
- Dans la fenêtre suivante clique sur "Supprimer la sélection". Si le programme te propose de redémarrer l'ordinateur, accepte!
- Le rapport de scan va s'afficher. Sauvegarde le puis poste son contenu.

6) Nous allons maintenant télécharger un anti-virus.
Personnellement je conseille l'installation AntiVir PersonalEdition Classic.
Voici un tutorial pour sa configuration : [URL=http://www.malekal.com/tutorial_antivir.php][/URL]

- Fais un scan complet de ton disque dur (voir tutorial).
- Poste le rapport de scan ici.

Où en sont tes problèmes ?

A plus tard.

répondre

sepsem le 01 décembre 2008 à 22h34

Bonsoir,

merci pour votre aide.
Voici les rapports:
Malware:

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1441
Windows 6.0.6001 Service Pack 1

1/12/2008 22:32:15
mbam-log-2008-12-01 (22-32-15).txt

Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 196398
Temps écoulé: 1 hour(s), 25 minute(s), 36 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{d8cadfe4-81e7-4424-887f-dc661b79eaff} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\IST (Trojan.ISTBar) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{d8cadfe4-81e7-4424-887f-dc661b79eaff} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSServer (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\_OTMoveIt\MovedFiles\12012008_204526\Users\Angelique\AppData\Roaming\gadcom\gadcom.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\_OTMoveIt\MovedFiles\12012008_204526\Users\Angelique\AppData\Roaming\Twain\Twain.exe (Adware.Agent) -> Quarantined and deleted successfully.

répondre

sepsem le 01 décembre 2008 à 22h37

et OTMOVEIT:

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\Users\Angelique\AppData\Roaming\gadcom moved successfully.
C:\Users\Angelique\AppData\Roaming\Twain moved successfully.
C:\Windows\Temp\CTun.exe moved successfully.
File/Folder C:\Windows\system32\yayvtUkK.dll not found.
File/Folder C:\Users\Angelique\AppData\Roaming\Microsoft\Windows\pfxhhwt.exe not found.
File move failed. C:\Windows\GPInstall.exe scheduled to be moved on reboot.
File move failed. C:\Windows\IsUninst.exe scheduled to be moved on reboot.
File move failed. C:\Windows\unin040c.exe scheduled to be moved on reboot.
Folder move failed. C:\Windows\msdownld.tmp scheduled to be moved on reboot.
========== REGISTRY ==========
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\\ .
Unable to delete registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Uninstall_CToolbar .
Unable to delete registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MSServer .
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\gadcom not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SfKg6wIPu deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Twain deleted successfully.
Unable to delete registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{D8CADFE4-81E7-4424-887F-DC661B79EAFF} .
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8CADFE4-81E7-4424-887F-DC661B79EAFF}\ .
========== COMMANDS ==========
File delete failed. C:\Users\ANGELI~1\AppData\Local\Temp\Low\~DF2402.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\ANGELI~1\AppData\Local\Temp\Low\~DF2408.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\Windows\temp\{4d36e96d-e325-11ce-bfc1-08002be10318}0000\INWPS2.ini scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\{4d36e96d-e325-11ce-bfc1-08002be10318}0000\IPathViS.INI scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\{4d36e96c-e325-11ce-bfc1-08002be10318}0007\CQ70_EQ.INI scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\{4d36e96c-e325-11ce-bfc1-08002be10318}0007\IPathVXS.INI scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\{4d36e96c-e325-11ce-bfc1-08002be10318}0007\ISAPS.INI scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\WLXPL_DX\DEC2006_d3dx9_32_x86.cab scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\WLXPL_DX\DSETUP.dll scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\WLXPL_DX\dsetup32.dll scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\WLXPL_DX\dxdllreg_x86.cab scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\WLXPL_DX\dxsetup.exe scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\WLXPL_DX\dxupdate.cab scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\SMARTAUDIO\SmAudio.ini scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\BootClean.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\conexant.cer scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\DIFXAPI.DLL scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\DMI5688.tmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile00.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile01.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile02.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile03.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile04.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile05.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile06.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile07.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile08.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile09.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile10.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile11.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile12.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081026-195039-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081026-195620-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081027-190854-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081027-191039-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081028-090028-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081028-090040-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081028-170534-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081028-170544-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081028-172034-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081028-172106-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081029-124750-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081029-124759-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081029-132028-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081029-132057-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081029-180305-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081029-180314-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081029-181806-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081029-181851-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081030-084755-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081030-084813-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081030-091515-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081030-091639-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081030-093008-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081030-093059-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081030-153634-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081030-153658-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081030-155135-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081030-155219-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081030-180940-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081030-180954-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081030-182441-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081030-182528-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081030-185328-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081030-185341-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081030-190827-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081030-190909-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081031-080217-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081031-080232-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081031-130735-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081031-130751-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081031-171220-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081031-171234-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081031-172720-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081031-172806-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081031-182917-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081031-182930-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081031-184418-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081031-184458-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081101-092659-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081101-092712-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081101-093754-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081101-093804-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081101-102904-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081101-102916-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081101-104405-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081101-104443-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081101-192141-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081101-192153-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081101-193641-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081101-193722-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081102-091649-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081102-091700-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081102-093149-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081102-093238-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081103-081629-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081103-081641-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081103-083129-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081103-083212-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081103-115926-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081103-115938-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081103-121425-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081103-121519-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081103-183403-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081103-183416-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081103-184904-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081103-184957-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081104-142241-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081104-142253-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081104-143742-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081104-143831-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081105-130500-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081105-130512-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081105-132000-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081105-132106-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081105-174646-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081105-174658-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081105-180146-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081105-180255-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081106-122606-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081106-122618-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081106-130223-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081106-130235-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081106-175538-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081106-175550-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081106-181038-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081106-181136-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081107-125706-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081107-125718-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081107-131206-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081107-131245-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081107-162219-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081107-162231-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081107-163719-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081107-163810-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081108-093019-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081108-093031-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081108-145649-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081108-145701-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081108-151149-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081108-151240-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081109-101745-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081109-101757-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081110-082315-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081110-082327-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081110-083815-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081110-083929-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081110-144649-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081110-144701-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081110-150148-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081110-150236-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081110-165137-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081110-165149-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081110-170636-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081110-170718-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081111-104535-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081111-104547-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081111-174605-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081111-174617-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081111-180104-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081111-180148-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081112-164141-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081112-164153-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081112-182220-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081112-182232-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081112-183720-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081112-183805-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081113-081737-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081113-081749-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081113-122529-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081113-122541-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081113-124029-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081113-124114-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081113-192349-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081113-192403-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081113-193848-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081113-193939-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081114-100243-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081114-100256-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081114-162737-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081114-162749-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081114-163922-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081114-164004-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081114-165422-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081114-165508-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081115-095120-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081115-095136-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081115-221905-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081115-221917-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081116-105417-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081116-105528-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081116-161701-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081116-161714-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081116-163200-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081116-163248-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081116-202849-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081116-202901-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081116-204349-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081116-204429-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081117-092402-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081117-092413-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081117-125044-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081117-125055-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081117-130543-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081117-130619-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081118-143116-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081118-143128-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081118-144616-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081118-144645-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081119-143303-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081119-143318-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081119-151452-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081119-151506-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081120-075919-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081120-075931-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081120-162153-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081120-162205-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081120-163653-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081120-163744-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081121-123005-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081121-123017-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081121-161521-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081121-161533-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081122-124400-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081122-124412-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081122-203729-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081122-203742-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081122-205230-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081122-205317-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081123-101559-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081123-101611-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081123-103100-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081123-103145-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081123-110525-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081123-110538-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081123-112026-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081123-112054-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081124-081525-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081124-081537-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081124-082746-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081124-082759-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081124-084246-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081124-084317-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081125-120624-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081125-120636-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081125-174412-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081125-174424-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081126-130622-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081126-130634-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081126-132122-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081126-132205-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081127-165355-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081127-165410-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081127-174456-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081127-174508-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081127-175957-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081127-180028-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081127-183252-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081127-183309-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081127-184752-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081127-184838-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081127-192632-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081127-192645-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081127-194132-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081127-194226-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081128-122507-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081128-122519-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081128-124007-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081128-124054-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081129-095935-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081129-095948-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081129-101435-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081129-101521-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081130-094133-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081130-094145-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081130-095633-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081130-095709-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081130-165205-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081130-165217-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081130-170705-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081130-170742-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081201-090730-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081201-090742-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081201-092230-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081201-092306-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081201-163138-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081201-163150-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081201-164638-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20081201-164714-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\MpCmdRun.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\MpSigStub.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\RTWaveTempINI.ini scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\TempINI.ini scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\WinSAT_DX.etl scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\WinSAT_KernelLog.etl scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\WinSAT_StorageAsmt.etl scheduled to be deleted on reboot.
Windows Temp folder emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 12012008_204526

Demain j'installe l'antivirus

Merci encore

répondre

sepsem le 01 décembre 2008 à 22h39

C'est encore moi !!!

dois-je remettre windows defender ?

répondre

Curson le 01 décembre 2008 à 23h30

Bonsoir,

Tu peux sans problème réactiver Windows Defender. Il ne fallait le désactiver que durant l'utilisation de OTMoveIt.

Après avoir fait le scan avec AntiVir, peux-tu refaire la manipulation avec RSIT ?

Dans ta prochaine réponse, poste le rapport de scan d'AntiVir ainsi que les rapports générés avec RSIT.

Bonne nuit.

répondre

sepsem le 03 décembre 2008 à 13h17

Bonjour,

je viens d'installer l'antivirus, je vais scanner. Le RSIT que tu demandes correspond a quel programme ?

Merci encore pour tout

répondre

sepsem le 03 décembre 2008 à 14h05

Re:
Voici le rapport de l'antivirus

Avira AntiVir Personal
Report file date: mercredi 3 décembre 2008 13:25

Scanning for 1070676 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (Service Pack 1) [6.0.6001]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PC-DE-ANGELIQUE

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:26
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 9/11/2008 16:57:13
ANTIVIR2.VDF : 7.1.0.160 571392 Bytes 30/11/2008 12:20:22
ANTIVIR3.VDF : 7.1.0.178 149504 Bytes 3/12/2008 12:20:24
Engineversion : 8.2.0.36
AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 10:05:56
AESCRIPT.DLL : 8.1.1.15 332156 Bytes 11/11/2008 14:00:07
AESCN.DLL : 8.1.1.5 123251 Bytes 7/11/2008 15:06:41
AERDL.DLL : 8.1.1.3 438645 Bytes 4/11/2008 13:58:38
AEPACK.DLL : 8.1.3.4 393591 Bytes 11/11/2008 09:41:39
AEOFFICE.DLL : 8.1.0.30 196986 Bytes 7/11/2008 15:06:41
AEHEUR.DLL : 8.1.0.71 1487222 Bytes 7/11/2008 15:06:41
AEHELP.DLL : 8.1.2.0 119159 Bytes 3/12/2008 12:20:29
AEGEN.DLL : 8.1.1.6 323955 Bytes 3/12/2008 12:20:28
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
AECORE.DLL : 8.1.5.2 172405 Bytes 3/12/2008 12:20:26
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 9/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 12:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 9/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mercredi 3 décembre 2008 13:25

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'TrustedInstaller.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'VSSVC.exe' - '1' Module(s) have been scanned
Scan process 'BitComet.exe' - '1' Module(s) have been scanned
Scan process 'SynTPHelper.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'conime.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'ieuser.exe' - '1' Module(s) have been scanned
Scan process 'HpqToaster.exe' - '1' Module(s) have been scanned
Scan process 'WiFiMsg.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'LightScribeControlPanel.exe' - '1' Module(s) have been scanned
Scan process 'sidebar.exe' - '1' Module(s) have been scanned
Scan process 'wpcumi.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'HPWAMain.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'QLBCTRL.exe' - '1' Module(s) have been scanned
Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
Scan process 'QPService.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'HPHC_Service.exe' - '1' Module(s) have been scanned
Scan process 'Com4QLBEx.exe' - '1' Module(s) have been scanned
Scan process 'hpqwmiex.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'XAudio.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'RichVideo.exe' - '1' Module(s) have been scanned
Scan process 'BLService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'wlanext.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
70 processes with 70 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '49' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Users\Angelique\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FZQ50UKC\VistaMSNPUpldfr-be[1].cab
[0] Archive type: CAB (Microsoft)
--> MSNPUpld.inf
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\Users\Angelique\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report0c5bb27c\Report.cab
[0] Archive type: CAB (Microsoft)
--> mlJYRLCS.dll.xor
[1] Archive type: HIDDEN
--> MEM\AV00042794.AV$
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was deleted!
Begin scan in 'D:\' <PRESARIO_RP>

End of the scan: mercredi 3 décembre 2008 14:01
Used time: 35:18 Minute(s)

The scan has been done completely.

22175 Scanning directories
536610 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
1 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
536607 Files not concerned
4636 Archives were scanned
3 Warnings
1 Notes

pour le RSIT, j'attend votre info

A +

répondre

Curson le 04 décembre 2008 à 00h09

Bonsoir Angélique,

AntiVir n'a rien trouvé de réellement significatif. A première vue, l'infection a été éradiquée.

Nous allons le vérifier en utilisant RSIT ; revoici la procédure

1) Télécharge (si nécessaire) http://images.malwareremoval.com/random/RSIT.exe par random/random et sauvegarde-le sur le Bureau.

- Double-clique sur RSIT.exe afin de lancer RSIT.
- Clique Continue à l'écran Disclaimer.
- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
- Si tu ne vois pas ces deux rapports, tu les trouveras dans le dossier C:\rsit

A plus tard.

répondre

sepsem le 04 décembre 2008 à 20h25

Bonsoir,

voici le log txt :

Logfile of random's system information tool 1.04 (written by random/random)
Run by Angelique at 2008-12-04 20:22:44
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 166 GB (73%) free of 229 GB
Total RAM: 2814 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:22:52, on 4/12/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\BitComet\BitComet.exe
C:\Downloads\RSIT.exe
C:\Downloads\Angelique.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_be&c(...)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/intl/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_be&c(...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_be&c(...)
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Uninstall_CToolbar] "C:\Windows\Temp\CTun.exe" "/remove"
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-3559762823-3296672218-2517187657-1001\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'JORDAN')
O4 - HKUS\S-1-5-21-3559762823-3296672218-2517187657-1002\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'ALISON')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-BE\local\search.html
O8 - Extra context menu item: &T&élécharger &avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &T&élécharger tout avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &T&élécharger toute vidéo avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://belgacom.extrafilm.be/ImageUploader5.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10021 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{A0E6A49C-BEC8-4E93-8F11-2D63D86D62BA}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll [2008-08-11 656696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar BHO - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-03 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-03 92704]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1049896]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-04-01 468264]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Uninstall_CToolbar"=C:\Windows\Temp\CTun.exe /remove []
"WPCUMI"=C:\Windows\system32\WpcUmi.exe [2006-11-02 176128]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2289664]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"RegistryBooster 2 d’Uniblue "=c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe []

C:\Users\Angelique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2008-12-03 13:19:27 ----D---- C:\ProgramData\Avira
2008-12-03 13:19:27 ----D---- C:\Program Files\Avira
2008-12-01 20:52:12 ----D---- C:\Users\Angelique\AppData\Roaming\Malwarebytes
2008-12-01 20:52:08 ----D---- C:\ProgramData\Malwarebytes
2008-12-01 20:52:08 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-01 20:45:26 ----D---- C:\_OTMoveIt
2008-11-30 13:32:32 ----D---- C:\rsit
2008-11-26 13:11:50 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2008-11-26 13:11:49 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2008-11-26 13:11:49 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-11-26 13:11:49 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2008-11-26 13:11:46 ----A---- C:\Windows\system32\connect.dll
2008-11-24 09:31:11 ----D---- C:\Program Files\SYNTHPRONOP
2008-11-24 09:31:07 ----A---- C:\Windows\GPInstall.exe
2008-11-24 08:24:24 ----D---- C:\Users\Angelique\AppData\Roaming\Uniblue
2008-11-23 10:56:40 ----D---- C:\Users\Angelique\AppData\Roaming\Shareaza
2008-11-23 10:56:40 ----D---- C:\Program Files\Shareaza
2008-11-22 13:34:03 ----D---- C:\Downloads
2008-11-22 13:33:34 ----D---- C:\Program Files\BitComet
2008-11-22 13:19:18 ----D---- C:\Program Files\SynthPronosPlusSha
2008-11-18 14:35:35 ----A---- C:\Windows\system32\wups2.dll
2008-11-18 14:35:35 ----A---- C:\Windows\system32\wucltux.dll
2008-11-18 14:35:35 ----A---- C:\Windows\system32\wuaueng.dll
2008-11-18 14:35:35 ----A---- C:\Windows\system32\wuauclt.exe
2008-11-18 14:35:15 ----A---- C:\Windows\system32\wups.dll
2008-11-18 14:35:15 ----A---- C:\Windows\system32\wudriver.dll
2008-11-18 14:35:15 ----A---- C:\Windows\system32\wuapi.dll
2008-11-18 14:35:08 ----A---- C:\Windows\system32\wuwebv.dll
2008-11-18 14:35:08 ----A---- C:\Windows\system32\wuapp.exe
2008-11-17 11:04:56 ----D---- C:\Rummy Royal
2008-11-13 12:33:37 ----A---- C:\Windows\system32\msxml3.dll
2008-11-13 12:33:35 ----A---- C:\Windows\system32\msxml6.dll
2008-11-12 21:01:43 ----D---- C:\ProgramData\TrackMania
2008-11-12 20:57:19 ----D---- C:\Program Files\TmNationsForever
2008-11-09 11:17:48 ----D---- C:\ProgramData\eMule
2008-11-09 11:17:13 ----D---- C:\Program Files\eMule
2008-11-09 11:02:03 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2008-11-09 10:54:39 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-11-09 10:54:31 ----D---- C:\Program Files\Windows Live
2008-11-09 10:53:09 ----D---- C:\ProgramData\WLInstaller
2008-11-07 19:32:48 ----D---- C:\Users\Angelique\AppData\Roaming\Mozilla
2008-11-07 19:32:24 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 months======

2008-12-04 20:22:52 ----D---- C:\Windows\Prefetch
2008-12-04 20:22:48 ----D---- C:\Windows\Temp
2008-12-04 17:43:19 ----SHD---- C:\System Volume Information
2008-12-04 17:34:17 ----D---- C:\Windows\System32
2008-12-04 17:34:17 ----D---- C:\Windows\inf
2008-12-04 17:34:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-12-03 13:19:27 ----RD---- C:\Program Files
2008-12-03 13:19:27 ----HD---- C:\ProgramData
2008-12-03 13:19:27 ----D---- C:\Windows\system32\drivers
2008-12-01 17:01:57 ----D---- C:\Windows\Tasks
2008-12-01 17:01:57 ----D---- C:\Windows\system32\Tasks
2008-11-27 17:49:26 ----D---- C:\Windows\winsxs
2008-11-26 13:11:41 ----D---- C:\Windows\system32\catroot2
2008-11-26 13:11:41 ----D---- C:\Windows\system32\catroot
2008-11-24 13:03:40 ----SD---- C:\Users\Angelique\AppData\Roaming\Microsoft
2008-11-24 09:31:07 ----D---- C:\Windows
2008-11-22 12:48:08 ----SHD---- C:\Windows\Installer
2008-11-22 12:48:08 ----D---- C:\ProgramData\Microsoft Help
2008-11-20 16:42:12 ----D---- C:\Windows\rescache
2008-11-19 21:10:30 ----D---- C:\Windows\system32\WDI
2008-11-19 14:32:27 ----D---- C:\Windows\system32\nl-NL
2008-11-19 14:32:27 ----D---- C:\Windows\system32\fr-FR
2008-11-17 18:15:02 ----D---- C:\BMW M3 Challenge
2008-11-12 21:01:15 ----RSD---- C:\Windows\assembly
2008-11-10 19:29:20 ----SD---- C:\Windows\Downloaded Program Files
2008-11-10 08:31:47 ----D---- C:\Program Files\Common Files\microsoft shared
2008-11-09 10:54:39 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]
R3 CmBatt;Stuurprogramma voor Microsoft ACPI-besturingsmethode-accu; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-04-17 203776]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-03 42528]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-03 7446656]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-24 14848]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-04-21 62976]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199344]
R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-03 196608]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-04-25 361808]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-07-24 181800]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------

répondre

sepsem le 04 décembre 2008 à 20h29

et info :

info.txt logfile of random's system information tool 1.04 2008-11-30 13:32:49

======Uninstall list======

-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Bricks of Egypt\Uninstall.exe"
-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"
-->"C:\Program Files\HP Games\Digby's Donuts\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files\HP Games\FATE\Uninstall.exe"
-->"C:\Program Files\HP Games\Fish Tycoon\Uninstall.exe"
-->"C:\Program Files\HP Games\Gem Shop\Uninstall.exe"
-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Magic Academy\Uninstall.exe"
-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
-->"C:\Program Files\HP Games\Ocean Express\Uninstall.exe"
-->"C:\Program Files\HP Games\Peggle\Uninstall.exe"
-->"C:\Program Files\HP Games\Penguins!\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files\HP Games\Puzzle Express\Uninstall.exe"
-->"C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
-->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Sudoku Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\Super Granny\Uninstall.exe"
-->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
-->"C:\Program Files\HP Games\Treasure Island\Uninstall.exe"
-->"C:\Program Files\HP Games\Virtual Villagers - A New Home\Uninstall.exe"
-->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
-->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Shockwave Player-->MsiExec.exe /X{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}
AOL Toolbar 5.0-->"C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Atheros Driver Installation Program-->C:\Program Files\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe -runfromtemp -l0x0013
BitComet 1.06-->C:\Program Files\BitComet\uninst.exe
BMW M3 Challenge-->"C:\BMW M3 Challenge\Support\unins000.exe"
Cisco EAP-FAST Module-->MsiExec.exe /I{415B2719-AD3A-4944-B404-C472DB6085B3}
Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560}
Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -IWAHerza.INF
CyberLink DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_HERMOSA_HSF\UIU32m.exe -U -IHPQHERzm.inf
Hewlett-Packard Active Check for Health Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HijackThis 2.0.2-->"C:\Downloads\HijackThis.exe" /uninstall
HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}\setup.exe -runfromtemp -l0x0409
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}\setup.exe" -l0x9 -removeonly
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP DVD Play 3.7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}\setup.exe" -l0x9 -removeonly
HP Help and Support-->MsiExec.exe /X{8DF92D68-F8EE-4F9C-89A2-26254C1C4B6B}
HP Quick Launch Buttons 6.40 D3-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0013 uninst
HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
HP User Guides 0110-->MsiExec.exe /I{B640E7CC-7091-4A24-AE76-2140065D2054}
HP Wireless Assistant-->MsiExec.exe /I{340F521E-3576-4E1A-B75C-EB0ACF751379}
HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
K2000, La Revanche de KITT-->C:\PROGRA~1\Davilex\K2000_~1\UNWISE.EXE C:\PROGRA~1\Davilex\K2000_~1\INSTALL.LOG
LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" -uninstall
LightScribe System Software 1.12.33.2-->MsiExec.exe /X{582287DA-0806-4AC0-BF19-C15E3A466034}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
Nathan Français CE2-->C:\Program Files\Nathan\Francais CE2\Uninstal.exe
Nathan Mathématiques CE1-->C:\Program Files\Nathan\Mathematiques CE1\Uninstal.exe
NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0013 -removeonly
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
QuickPlay SlingPlayer 0.4.6-->"C:\Program Files\HP\QuickPlay\unins000.exe"
Rami Royal-->MsiExec.exe /I{A25B578D-E25B-4A4E-9F2A-22E03480F79A}
Realtek USB 2.0 Card Reader-->C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe -runfromtemp -l0x0009 -removeonly
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Shareaza 2.4.0.0-->"C:\Program Files\Shareaza\Uninstall\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
SYNTHPRONOS + COMPLETE-->C:\Windows\GPInstall.exe "/UNINST=C:\Program Files\SYNTHPRONOP\UnInst.log" "/APPNAME=SYNTHPRONOS + COMPLETE"
TmNationsForever-->"C:\Program Files\TmNationsForever\unins000.exe"
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}

======Security center information======

AS: Windows Defender

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\CyberLink\Power2Go
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=17
"PROCESSOR_IDENTIFIER"=x86 Family 17 Model 3 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0301
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"OnlineServices"=Online Services
"Platform"=MCD
"PCBRAND"=Presario

-----------------EOF-----------------

Par contre j'ai internet qui rame depuis 2 jours !!!

encore merci pour tout

répondre

Curson le 05 décembre 2008 à 17h43

Bonsoir Angélique,

Ton système n'est plus infecté.

1) Tu peux supprimer les logiciels utilisés ainsi que : C:\_OTMoveIt et C:\rsit

2) Ta version de Java n'est pas à jour ; télécharge JavaRa et suis les instructions.

Quelques conseils de sécurité

- Windows Update parfaitement à jour (catégorie critique, Services Pack et Services Release)
- pare-feu bien paramétré - antivirus bien paramétré et mis à jour régulièrement (quotidiennement s'il le faut) avec un scan complet régulier.
- IMPORTANT : une attitude prudente vis à vis de la navigation (pas de sites douteux : cracks, warez, etc) et vis à vis de la messagerie (les fichiers joints aux messages doivent être scanné avant d'être ouvert ainsi que les fichiers téléchargés dont la provenance n'est pas sûre !!)
- une attitude vigilante (être l'affût de fonctionnements inhabituels de ton système)

Si tu désires mieux connaître le domaine de la sécurité informatique, je ne peux que t'encourager à visiter le site de Malekal_Morte.

Cordialement.

répondre