Virus Msn
Hido
-
JOJO -
JOJO -
Bonjour,
Je me suis fait avoir par un virus msn photo.zip et depuis msn se bloque et envoi à mes contactes ce virus.
J'ai fait 2/3 scan rien n'a été détecté et meme msnfix ne trouve rien.
Je vous envoie le rapport voir si vous pouvez m'aider.
Merci d'avance :)
MSN_Fix 1.339
J:\Softs\MSNFix
Fix exécuté le 23/03/2009 - 19:00:13,50 By Hido
mode normal
************************ Recherche les fichiers présents
Aucun Fichier trouvé
************************ Recherche les dossiers présents
Aucun dossier trouvé
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.aceboard.fr/
------------------------------------------------------------------------
Commande ECHO d‚sactiv‚e.
--------------------------------------------- END ------------------------------------------
Je me suis fait avoir par un virus msn photo.zip et depuis msn se bloque et envoi à mes contactes ce virus.
J'ai fait 2/3 scan rien n'a été détecté et meme msnfix ne trouve rien.
Je vous envoie le rapport voir si vous pouvez m'aider.
Merci d'avance :)
MSN_Fix 1.339
J:\Softs\MSNFix
Fix exécuté le 23/03/2009 - 19:00:13,50 By Hido
mode normal
************************ Recherche les fichiers présents
Aucun Fichier trouvé
************************ Recherche les dossiers présents
Aucun dossier trouvé
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.aceboard.fr/
------------------------------------------------------------------------
Commande ECHO d‚sactiv‚e.
--------------------------------------------- END ------------------------------------------
A voir également:
- Virus Msn
- Virus mcafee - Accueil - Piratage
- Telecharger msn - Télécharger - Messagerie
- Msn messenger - Télécharger - Messagerie
- Virus facebook demande d'amis - Accueil - Facebook
- Msn explorer - Télécharger - Divers Web & Internet
5 réponses
slt,
msncleaner
https://forospyware.com
Télécharge MsnCleaner.zip de ElPiedra et décompresse le sur ton bureau. (Clic droit sur le fichier .zip puis Extraire tout).
Copier l’adresse suivante dans ton lien :
https://forospyware.com
Redémarre le PC en Mode sans échec et connecte toi sous ton nom d'utilisateur habituel.Pour démarrer en mode sans échec.
Double-clique sur MsnCleaner.exe pour le lancer.
Sous Language, clique sur la petite flèche et choisis French.
Clique sur le bouton Analyse.
A la fin du scan un rapport va être créé.
Si l'outil trouve une infection, clique sur le bouton Supprimer.
Redémarre en mode normal.
Poste le rapport C:\MsnCleaner.txt dans ta prochaine réponse..
____________________
Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
msncleaner
https://forospyware.com
Télécharge MsnCleaner.zip de ElPiedra et décompresse le sur ton bureau. (Clic droit sur le fichier .zip puis Extraire tout).
Copier l’adresse suivante dans ton lien :
https://forospyware.com
Redémarre le PC en Mode sans échec et connecte toi sous ton nom d'utilisateur habituel.Pour démarrer en mode sans échec.
Double-clique sur MsnCleaner.exe pour le lancer.
Sous Language, clique sur la petite flèche et choisis French.
Clique sur le bouton Analyse.
A la fin du scan un rapport va être créé.
Si l'outil trouve une infection, clique sur le bouton Supprimer.
Redémarre en mode normal.
Poste le rapport C:\MsnCleaner.txt dans ta prochaine réponse..
____________________
Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
J'ai u ce virus "trojan horse" et j'ai réussi a l'enlever, il m'était arriver sur "messager skinner" ou quelque chose comme ça !
Alors, n'installer pas ce logiciel.
Alors, n'installer pas ce logiciel.
Merci de cette réponse rapide.
Msn Cleaner ne marche pas impossible de le lancer cela me met qu'il manque l'application MSVBVM60.
J'ai fait la deuxieme manipe, je te poste les 2 rapport.
info.txt logfile of random's system information tool 1.06 2009-03-23 19:39:07
======Uninstall list======
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\Setup.exe" -runfromtemp -l0x040c -removeonly
Canon PhotoRecord-->MsiExec.exe /X{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}
Canon PIXMA iP1500-->C:\WINDOWS\system32\CNMCP5y.exe "-PRINTERNAMECanon PIXMA iP1500" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP1500 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP1500 Installer\Inst2\cnmi040c.dll"
Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe C:\Program Files\Canon\Easy-PhotoPrint\uninst.ini
Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE
Clean Virus MSN-->"C:\Program Files\AxBx\Clean Virus MSN\unins000.exe"
DAEMON Tools-->MsiExec.exe /I{2DF9A978-DEA1-4433-805D-66790FC28C62}
DAoC Portal-->MsiExec.exe /I{D611CBD6-B6D6-404D-82AE-EC12041389D6}
Dark Age of Camelot - Catacombs-->"C:\Dark Age of Camelot - Catacombs\unins000.exe"
Dark Age of Camelot: Darkness Rising-->"C:\Dark Age of Camelot - Catacombs\unins001.exe"
Easy-WebPrint-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EPU-6 Engine-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56B83336-FBC1-4C46-8613-90A9E3B440D6}\setup.exe" -l0x40c
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
Grand Theft Auto IV-->"C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x040c -removeonly
Hospital Tycoon-->C:\Program Files\Codemasters\Hospital Tycoon\uninstall.exe
Java(TM) 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Les Sims 2 : Nuits de Folie-->C:\Program Files\EA GAMES\Les Sims 2 Nuits de Folie\EAUninstall.exe
Les Sims 2 Académie-->C:\Program Files\EA GAMES\Les Sims 2 Académie\EAUninstall.exe
Les Sims 2 Fun en Famille Kit-->C:\Program Files\EA GAMES\Les Sims 2 Fun en Famille Kit\EAUninstall.exe
Les Sims 2 : La bonne affaire-->C:\Program Files\EA GAMES\Les Sims 2 La bonne affaire\EAUninstall.exe
Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
Les Sims™ 2 Animaux & Cie-->C:\Program Files\EA GAMES\Les Sims 2 Animaux & Cie\EAUninstall.exe
Les Sims™ 2 Demeures de rêve Kit-->C:\Program Files\EA GAMES\Les Sims 2 Demeures de rêve Kit\EAUninstall.exe
Les Sims™ 2 H&M® Fashion Kit-->C:\Program Files\EA GAMES\Les Sims 2 H&M® Fashion Kit\EAUninstall.exe
Les Sims™ 2 Jour de fête ! Kit -->C:\Program Files\EA GAMES\Les Sims 2 Jour de fête ! Kit \EAUninstall.exe
Les Sims™ 2 Kit design Cuisine et Salle de bain-->C:\Program Files\EA GAMES\Les Sims 2 Kit design Cuisine et Salle de bain\EAUninstall.exe
Les Sims™ 2 Kit Glamour-->C:\Program Files\EA GAMES\Les Sims 2 Kit Glamour\EAUninstall.exe
Les Sims™ 2 Au fil des saisons-->C:\Program Files\EA GAMES\Les Sims 2 Au fil des saisons\EAUninstall.exe
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Logitech QuickCam-->MsiExec.exe /I{0496D9E9-224B-4AFA-8F37-23B98D52F1EB}
marvell 61xx-->C:\Program Files\Marvell\61xx\uninst-61xx.exe
Micro Application - 3D Architecte Pro-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CF0F6D1-2C70-4BF6-98EE-8246EEB976D1}\setup.exe" -l0x40c
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{FD052FB9-FE90-4438-B355-15EDC89D8FB1}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.1-->"C:\WINDOWS\$NtUninstallWdf01001$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Xbox 360 Accessories 1.1-->MsiExec.exe /X{9F5DF7FC-3AF2-4502-9084-F62FC00A5A3F}
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
Nero 8 Essentials-->MsiExec.exe /X{51F76D4E-E924-4DF7-8B88-B6CA8A611036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\System32\nvudisp.exe UninstallGUI
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Rappelz-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01A8838A-9469-425F-A5FB-FC14D4CF93B9}\setup.exe" -l0x40c -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x040c -removeonly
RollerCoaster Tycoon® 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\setup.exe" -l0x40c
RUNAWAY 2 - The dream of the turtle-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DE0CE4-F38A-4DA7-81DF-949E615EA0AB}\setup.exe"
SFR - Kit de connexion-->C:\Program Files\SFR\Kit\uninstall.exe
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
The Witcher Enhanced Edition-->"C:\Program Files\InstallShield Installation Information\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}\setup.exe" -runfromtemp -l0x040c -removeonly
Tomb Raider: Legend 1.0-->C:\Program Files\Tomb Raider - Legend\uninsttrl.exe
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
======System event log======
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\CdRom2 comporte un bloc défectueux.
Record Number: 3694
Source Name: Cdrom
Time Written: 20090202182209.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.
Record Number: 3693
Source Name: Disk
Time Written: 20090202182208.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\CdRom2 comporte un bloc défectueux.
Record Number: 3692
Source Name: Cdrom
Time Written: 20090202182207.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.
Record Number: 3691
Source Name: Disk
Time Written: 20090202182206.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\CdRom2 comporte un bloc défectueux.
Record Number: 3690
Source Name: Cdrom
Time Written: 20090202182204.000000+060
Event Type: erreur
User:
=====Application event log=====
Computer Name: FAB
Event Code: 0
Message:
Record Number: 2006
Source Name: gusvc
Time Written: 20090214001229.000000+060
Event Type: Informations
User:
Computer Name: FAB
Event Code: 4097
Message: L'application, C:\Program Files\The Witcher Enhanced Edition\SYSTEM\witcher.EXE, a généré une erreur d'application
L'erreur s'est produite le 02/13/2009 à 21:29:25.453
L'exception générée était c0000005 à l'adresse 00408D62 (witcher)
Record Number: 2005
Source Name: DrWatson
Time Written: 20090213212925.000000+060
Event Type: Informations
User:
Computer Name: FAB
Event Code: 1000
Message: Application défaillante witcher.exe, version 1.0.0.1103, module défaillant witcher.exe, version 1.0.0.1103, adresse de défaillance 0x00008d62.
Record Number: 2004
Source Name: Application Error
Time Written: 20090213212924.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 4097
Message: L'application, C:\Program Files\The Witcher Enhanced Edition\SYSTEM\witcher.EXE, a généré une erreur d'application
L'erreur s'est produite le 02/13/2009 à 21:23:34.812
L'exception générée était c0000005 à l'adresse 00408D62 (witcher)
Record Number: 2003
Source Name: DrWatson
Time Written: 20090213212334.000000+060
Event Type: Informations
User:
Computer Name: FAB
Event Code: 1000
Message: Application défaillante witcher.exe, version 1.0.0.1103, module défaillant witcher.exe, version 1.0.0.1103, adresse de défaillance 0x00008d62.
Record Number: 2002
Source Name: Application Error
Time Written: 20090213212331.000000+060
Event Type: erreur
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\WbemC:\Program Files\DMV\MaxTV4\plugins;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"RGSCLauncher"=C:\Program Files\Rockstar Games\Rockstar Games Social Club
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
et le 2eme
Logfile of random's system information tool 1.06 (written by random/random)
Run by Hido at 2009-03-23 19:39:00
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 6 GB (7%) free of 80 GB
Total RAM: 3071 MB (82% free)
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-10 251504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-10 657904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-12-10 522224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-22 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-22 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-10 251504]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-04-16 405504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-16 16862720]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"Six Engine"=C:\Program Files\ASUS\Six Engine\SixEngine.exe [2008-06-03 5964800]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2007-04-12 8429568]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2007-04-12 81920]
"RavAV"=C:\WINDOWS\RavMonE.exe [2008-12-10 3511570]
"Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2007-09-27 734264]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2003-10-02 81920]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-05-21 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2004-06-01 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2004-06-01 217088]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-22 148888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-10 39408]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-12-13 306088]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2004-06-01 196608]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2009-03-16 20480]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"NT Printing Services6"=C:\WINDOWS\system32\dllhosts.exe [2009-02-13 51712]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
C:\Documents and Settings\Hido\Menu Démarrer\Programmes\Démarrage
MaxTV.lnk - C:\Program Files\DMV\MaxTV4\maxtv.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95000000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"J:\Softs\Spellborn_Downloader_1_0_0_4-fr.exe"="J:\Softs\Spellborn_Downloader_1_0_0_4-fr.exe:*:Enabled:Spellborn Downloader"
"C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
"C:\Program Files\DMV\MaxTV4\maxtv.exe"="C:\Program Files\DMV\MaxTV4\maxtv.exe:*:Enabled:maxtv"
"C:\Program Files\DMV\MaxTV4\core\maxtv_xul.exe"="C:\Program Files\DMV\MaxTV4\core\maxtv_xul.exe:*:Enabled:maxtv_xul"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
shell\Auto\command - J:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19d89686-de6f-11dd-bbb8-002215f27cc6}]
shell\Auto\command - G:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2500a744-0f1e-11de-bc22-002215f27cc6}]
shell\Auto\command - H:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b18b88a1-dcd2-11dd-bbb3-002215f27cc6}]
shell\Auto\command - H:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e97e32ac-cf5f-11dd-bb99-002215f27cc6}]
shell\Auto\command - G:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
======List of files/folders created in the last 1 months======
2009-03-23 19:39:00 ----D---- C:\rsit
2009-03-23 19:39:00 ----D---- C:\Program Files\trend micro
2009-03-23 19:34:09 ----A---- C:\WINDOWS\ntbtlog.txt
2009-03-23 18:49:03 ----A---- C:\sdse.exe
2009-03-23 18:39:06 ----A---- C:\WINDOWS\msnfix.txt
2009-03-23 18:33:59 ----A---- C:\sds.exe
2009-03-23 18:27:42 ----D---- C:\Program Files\AxBx
2009-03-23 18:13:37 ----RSH---- C:\WINDOWS\fxsteller.exe
2009-03-22 19:56:25 ----D---- C:\WINDOWS\Sun
2009-03-22 19:56:14 ----A---- C:\WINDOWS\system32\javaws.exe
2009-03-22 19:56:14 ----A---- C:\WINDOWS\system32\javaw.exe
2009-03-22 19:56:14 ----A---- C:\WINDOWS\system32\java.exe
2009-03-22 19:56:14 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-03-22 19:55:59 ----D---- C:\Program Files\Java
2009-03-22 19:54:47 ----D---- C:\Documents and Settings\Hido\Application Data\Sun
2009-03-17 12:36:55 ----D---- C:\Documents and Settings\Hido\Application Data\Atari
2009-03-17 12:36:07 ----D---- C:\Program Files\Fichiers communs\PocketSoft
2009-03-17 12:36:07 ----A---- C:\WINDOWS\patchw32.dll
2009-03-17 12:34:07 ----D---- C:\Program Files\Atari
2009-03-16 20:29:01 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-03-16 20:26:27 ----N---- C:\WINDOWS\system32\capicom.dll
2009-03-16 20:26:09 ----D---- C:\Documents and Settings\Hido\Application Data\FotoWire
2009-03-16 20:26:08 ----D---- C:\Program Files\Fichiers communs\FotoWire
2009-03-16 20:24:59 ----RA---- C:\WINDOWS\system32\InstMed.exe
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\LVUI2RC.dll
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\LVUI2.dll
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\lvcoinst.ini
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\lvcoinst.dll
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\LVCodec2.dll
2009-03-16 20:24:37 ----D---- C:\Program Files\Fichiers communs\Logitech
2009-03-16 20:24:32 ----A---- C:\WINDOWS\_delis32.ini
2009-03-16 20:24:20 ----R---- C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
2009-03-16 20:24:14 ----D---- C:\Program Files\Logitech
2009-03-11 20:20:57 ----D---- C:\Program Files\SFR
2009-03-05 23:06:18 ----D---- C:\Program Files\Adobe
2009-03-05 23:04:28 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-03-05 23:04:27 ----D---- C:\Program Files\NOS
======List of files/folders modified in the last 1 months======
2009-03-23 19:39:05 ----D---- C:\WINDOWS\Prefetch
2009-03-23 19:39:00 ----RD---- C:\Program Files
2009-03-23 19:37:08 ----D---- C:\WINDOWS\Temp
2009-03-23 19:34:09 ----D---- C:\WINDOWS
2009-03-23 19:27:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-23 19:20:05 ----A---- C:\WINDOWS\NeroDigital.ini
2009-03-22 19:56:25 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-22 19:56:24 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-22 19:56:23 ----SHD---- C:\WINDOWS\Installer
2009-03-22 19:56:14 ----D---- C:\WINDOWS\system32
2009-03-22 18:48:07 ----D---- C:\Program Files\eMule
2009-03-17 14:09:42 ----D---- C:\WINDOWS\Help
2009-03-17 12:36:07 ----D---- C:\Program Files\Fichiers communs
2009-03-17 12:34:08 ----HD---- C:\Program Files\InstallShield Installation Information
2009-03-16 20:29:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-03-16 20:29:05 ----D---- C:\WINDOWS\system32\drivers
2009-03-16 20:29:02 ----D---- C:\WINDOWS\twain_32
2009-03-16 20:28:59 ----HD---- C:\WINDOWS\inf
2009-03-05 23:13:10 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-03-05 23:06:35 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-02-25 13:59:56 ----D---- C:\WINDOWS\system32\Macromed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-02-12 279712]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-02-12 25888]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-20 4800000]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\System32\DRIVERS\l1e51x86.sys [2008-06-25 36864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2004-05-27 19968]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-28 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-04-12 6738656]
R3 PID_0920;Logitech QuickCam Express(PID_0920); C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2004-05-21 163328]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-04-20 479200]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-02-27 61984]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 PciCon;PciCon; \??\E:\PciCon.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-22 152984]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2007-04-12 163908]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-10 137200]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2008-01-04 382248]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]
-----------------EOF-----------------
Msn Cleaner ne marche pas impossible de le lancer cela me met qu'il manque l'application MSVBVM60.
J'ai fait la deuxieme manipe, je te poste les 2 rapport.
info.txt logfile of random's system information tool 1.06 2009-03-23 19:39:07
======Uninstall list======
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\Setup.exe" -runfromtemp -l0x040c -removeonly
Canon PhotoRecord-->MsiExec.exe /X{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}
Canon PIXMA iP1500-->C:\WINDOWS\system32\CNMCP5y.exe "-PRINTERNAMECanon PIXMA iP1500" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP1500 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP1500 Installer\Inst2\cnmi040c.dll"
Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe C:\Program Files\Canon\Easy-PhotoPrint\uninst.ini
Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE
Clean Virus MSN-->"C:\Program Files\AxBx\Clean Virus MSN\unins000.exe"
DAEMON Tools-->MsiExec.exe /I{2DF9A978-DEA1-4433-805D-66790FC28C62}
DAoC Portal-->MsiExec.exe /I{D611CBD6-B6D6-404D-82AE-EC12041389D6}
Dark Age of Camelot - Catacombs-->"C:\Dark Age of Camelot - Catacombs\unins000.exe"
Dark Age of Camelot: Darkness Rising-->"C:\Dark Age of Camelot - Catacombs\unins001.exe"
Easy-WebPrint-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EPU-6 Engine-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56B83336-FBC1-4C46-8613-90A9E3B440D6}\setup.exe" -l0x40c
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
Grand Theft Auto IV-->"C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x040c -removeonly
Hospital Tycoon-->C:\Program Files\Codemasters\Hospital Tycoon\uninstall.exe
Java(TM) 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Les Sims 2 : Nuits de Folie-->C:\Program Files\EA GAMES\Les Sims 2 Nuits de Folie\EAUninstall.exe
Les Sims 2 Académie-->C:\Program Files\EA GAMES\Les Sims 2 Académie\EAUninstall.exe
Les Sims 2 Fun en Famille Kit-->C:\Program Files\EA GAMES\Les Sims 2 Fun en Famille Kit\EAUninstall.exe
Les Sims 2 : La bonne affaire-->C:\Program Files\EA GAMES\Les Sims 2 La bonne affaire\EAUninstall.exe
Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
Les Sims™ 2 Animaux & Cie-->C:\Program Files\EA GAMES\Les Sims 2 Animaux & Cie\EAUninstall.exe
Les Sims™ 2 Demeures de rêve Kit-->C:\Program Files\EA GAMES\Les Sims 2 Demeures de rêve Kit\EAUninstall.exe
Les Sims™ 2 H&M® Fashion Kit-->C:\Program Files\EA GAMES\Les Sims 2 H&M® Fashion Kit\EAUninstall.exe
Les Sims™ 2 Jour de fête ! Kit -->C:\Program Files\EA GAMES\Les Sims 2 Jour de fête ! Kit \EAUninstall.exe
Les Sims™ 2 Kit design Cuisine et Salle de bain-->C:\Program Files\EA GAMES\Les Sims 2 Kit design Cuisine et Salle de bain\EAUninstall.exe
Les Sims™ 2 Kit Glamour-->C:\Program Files\EA GAMES\Les Sims 2 Kit Glamour\EAUninstall.exe
Les Sims™ 2 Au fil des saisons-->C:\Program Files\EA GAMES\Les Sims 2 Au fil des saisons\EAUninstall.exe
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Logitech QuickCam-->MsiExec.exe /I{0496D9E9-224B-4AFA-8F37-23B98D52F1EB}
marvell 61xx-->C:\Program Files\Marvell\61xx\uninst-61xx.exe
Micro Application - 3D Architecte Pro-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CF0F6D1-2C70-4BF6-98EE-8246EEB976D1}\setup.exe" -l0x40c
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{FD052FB9-FE90-4438-B355-15EDC89D8FB1}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.1-->"C:\WINDOWS\$NtUninstallWdf01001$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Xbox 360 Accessories 1.1-->MsiExec.exe /X{9F5DF7FC-3AF2-4502-9084-F62FC00A5A3F}
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
Nero 8 Essentials-->MsiExec.exe /X{51F76D4E-E924-4DF7-8B88-B6CA8A611036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\System32\nvudisp.exe UninstallGUI
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Rappelz-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01A8838A-9469-425F-A5FB-FC14D4CF93B9}\setup.exe" -l0x40c -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x040c -removeonly
RollerCoaster Tycoon® 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\setup.exe" -l0x40c
RUNAWAY 2 - The dream of the turtle-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DE0CE4-F38A-4DA7-81DF-949E615EA0AB}\setup.exe"
SFR - Kit de connexion-->C:\Program Files\SFR\Kit\uninstall.exe
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
The Witcher Enhanced Edition-->"C:\Program Files\InstallShield Installation Information\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}\setup.exe" -runfromtemp -l0x040c -removeonly
Tomb Raider: Legend 1.0-->C:\Program Files\Tomb Raider - Legend\uninsttrl.exe
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
======System event log======
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\CdRom2 comporte un bloc défectueux.
Record Number: 3694
Source Name: Cdrom
Time Written: 20090202182209.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.
Record Number: 3693
Source Name: Disk
Time Written: 20090202182208.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\CdRom2 comporte un bloc défectueux.
Record Number: 3692
Source Name: Cdrom
Time Written: 20090202182207.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.
Record Number: 3691
Source Name: Disk
Time Written: 20090202182206.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\CdRom2 comporte un bloc défectueux.
Record Number: 3690
Source Name: Cdrom
Time Written: 20090202182204.000000+060
Event Type: erreur
User:
=====Application event log=====
Computer Name: FAB
Event Code: 0
Message:
Record Number: 2006
Source Name: gusvc
Time Written: 20090214001229.000000+060
Event Type: Informations
User:
Computer Name: FAB
Event Code: 4097
Message: L'application, C:\Program Files\The Witcher Enhanced Edition\SYSTEM\witcher.EXE, a généré une erreur d'application
L'erreur s'est produite le 02/13/2009 à 21:29:25.453
L'exception générée était c0000005 à l'adresse 00408D62 (witcher)
Record Number: 2005
Source Name: DrWatson
Time Written: 20090213212925.000000+060
Event Type: Informations
User:
Computer Name: FAB
Event Code: 1000
Message: Application défaillante witcher.exe, version 1.0.0.1103, module défaillant witcher.exe, version 1.0.0.1103, adresse de défaillance 0x00008d62.
Record Number: 2004
Source Name: Application Error
Time Written: 20090213212924.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 4097
Message: L'application, C:\Program Files\The Witcher Enhanced Edition\SYSTEM\witcher.EXE, a généré une erreur d'application
L'erreur s'est produite le 02/13/2009 à 21:23:34.812
L'exception générée était c0000005 à l'adresse 00408D62 (witcher)
Record Number: 2003
Source Name: DrWatson
Time Written: 20090213212334.000000+060
Event Type: Informations
User:
Computer Name: FAB
Event Code: 1000
Message: Application défaillante witcher.exe, version 1.0.0.1103, module défaillant witcher.exe, version 1.0.0.1103, adresse de défaillance 0x00008d62.
Record Number: 2002
Source Name: Application Error
Time Written: 20090213212331.000000+060
Event Type: erreur
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\WbemC:\Program Files\DMV\MaxTV4\plugins;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"RGSCLauncher"=C:\Program Files\Rockstar Games\Rockstar Games Social Club
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
et le 2eme
Logfile of random's system information tool 1.06 (written by random/random)
Run by Hido at 2009-03-23 19:39:00
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 6 GB (7%) free of 80 GB
Total RAM: 3071 MB (82% free)
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-10 251504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-10 657904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-12-10 522224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-22 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-22 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-10 251504]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-04-16 405504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-16 16862720]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"Six Engine"=C:\Program Files\ASUS\Six Engine\SixEngine.exe [2008-06-03 5964800]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2007-04-12 8429568]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2007-04-12 81920]
"RavAV"=C:\WINDOWS\RavMonE.exe [2008-12-10 3511570]
"Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2007-09-27 734264]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2003-10-02 81920]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-05-21 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2004-06-01 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2004-06-01 217088]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-22 148888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-10 39408]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-12-13 306088]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2004-06-01 196608]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2009-03-16 20480]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"NT Printing Services6"=C:\WINDOWS\system32\dllhosts.exe [2009-02-13 51712]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
C:\Documents and Settings\Hido\Menu Démarrer\Programmes\Démarrage
MaxTV.lnk - C:\Program Files\DMV\MaxTV4\maxtv.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95000000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"J:\Softs\Spellborn_Downloader_1_0_0_4-fr.exe"="J:\Softs\Spellborn_Downloader_1_0_0_4-fr.exe:*:Enabled:Spellborn Downloader"
"C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
"C:\Program Files\DMV\MaxTV4\maxtv.exe"="C:\Program Files\DMV\MaxTV4\maxtv.exe:*:Enabled:maxtv"
"C:\Program Files\DMV\MaxTV4\core\maxtv_xul.exe"="C:\Program Files\DMV\MaxTV4\core\maxtv_xul.exe:*:Enabled:maxtv_xul"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
shell\Auto\command - J:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19d89686-de6f-11dd-bbb8-002215f27cc6}]
shell\Auto\command - G:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2500a744-0f1e-11de-bc22-002215f27cc6}]
shell\Auto\command - H:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b18b88a1-dcd2-11dd-bbb3-002215f27cc6}]
shell\Auto\command - H:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e97e32ac-cf5f-11dd-bb99-002215f27cc6}]
shell\Auto\command - G:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
======List of files/folders created in the last 1 months======
2009-03-23 19:39:00 ----D---- C:\rsit
2009-03-23 19:39:00 ----D---- C:\Program Files\trend micro
2009-03-23 19:34:09 ----A---- C:\WINDOWS\ntbtlog.txt
2009-03-23 18:49:03 ----A---- C:\sdse.exe
2009-03-23 18:39:06 ----A---- C:\WINDOWS\msnfix.txt
2009-03-23 18:33:59 ----A---- C:\sds.exe
2009-03-23 18:27:42 ----D---- C:\Program Files\AxBx
2009-03-23 18:13:37 ----RSH---- C:\WINDOWS\fxsteller.exe
2009-03-22 19:56:25 ----D---- C:\WINDOWS\Sun
2009-03-22 19:56:14 ----A---- C:\WINDOWS\system32\javaws.exe
2009-03-22 19:56:14 ----A---- C:\WINDOWS\system32\javaw.exe
2009-03-22 19:56:14 ----A---- C:\WINDOWS\system32\java.exe
2009-03-22 19:56:14 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-03-22 19:55:59 ----D---- C:\Program Files\Java
2009-03-22 19:54:47 ----D---- C:\Documents and Settings\Hido\Application Data\Sun
2009-03-17 12:36:55 ----D---- C:\Documents and Settings\Hido\Application Data\Atari
2009-03-17 12:36:07 ----D---- C:\Program Files\Fichiers communs\PocketSoft
2009-03-17 12:36:07 ----A---- C:\WINDOWS\patchw32.dll
2009-03-17 12:34:07 ----D---- C:\Program Files\Atari
2009-03-16 20:29:01 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-03-16 20:26:27 ----N---- C:\WINDOWS\system32\capicom.dll
2009-03-16 20:26:09 ----D---- C:\Documents and Settings\Hido\Application Data\FotoWire
2009-03-16 20:26:08 ----D---- C:\Program Files\Fichiers communs\FotoWire
2009-03-16 20:24:59 ----RA---- C:\WINDOWS\system32\InstMed.exe
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\LVUI2RC.dll
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\LVUI2.dll
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\lvcoinst.ini
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\lvcoinst.dll
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\LVCodec2.dll
2009-03-16 20:24:37 ----D---- C:\Program Files\Fichiers communs\Logitech
2009-03-16 20:24:32 ----A---- C:\WINDOWS\_delis32.ini
2009-03-16 20:24:20 ----R---- C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
2009-03-16 20:24:14 ----D---- C:\Program Files\Logitech
2009-03-11 20:20:57 ----D---- C:\Program Files\SFR
2009-03-05 23:06:18 ----D---- C:\Program Files\Adobe
2009-03-05 23:04:28 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-03-05 23:04:27 ----D---- C:\Program Files\NOS
======List of files/folders modified in the last 1 months======
2009-03-23 19:39:05 ----D---- C:\WINDOWS\Prefetch
2009-03-23 19:39:00 ----RD---- C:\Program Files
2009-03-23 19:37:08 ----D---- C:\WINDOWS\Temp
2009-03-23 19:34:09 ----D---- C:\WINDOWS
2009-03-23 19:27:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-23 19:20:05 ----A---- C:\WINDOWS\NeroDigital.ini
2009-03-22 19:56:25 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-22 19:56:24 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-22 19:56:23 ----SHD---- C:\WINDOWS\Installer
2009-03-22 19:56:14 ----D---- C:\WINDOWS\system32
2009-03-22 18:48:07 ----D---- C:\Program Files\eMule
2009-03-17 14:09:42 ----D---- C:\WINDOWS\Help
2009-03-17 12:36:07 ----D---- C:\Program Files\Fichiers communs
2009-03-17 12:34:08 ----HD---- C:\Program Files\InstallShield Installation Information
2009-03-16 20:29:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-03-16 20:29:05 ----D---- C:\WINDOWS\system32\drivers
2009-03-16 20:29:02 ----D---- C:\WINDOWS\twain_32
2009-03-16 20:28:59 ----HD---- C:\WINDOWS\inf
2009-03-05 23:13:10 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-03-05 23:06:35 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-02-25 13:59:56 ----D---- C:\WINDOWS\system32\Macromed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-02-12 279712]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-02-12 25888]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-20 4800000]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\System32\DRIVERS\l1e51x86.sys [2008-06-25 36864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2004-05-27 19968]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-28 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-04-12 6738656]
R3 PID_0920;Logitech QuickCam Express(PID_0920); C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2004-05-21 163328]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-04-20 479200]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-02-27 61984]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 PciCon;PciCon; \??\E:\PciCon.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-22 152984]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2007-04-12 163908]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-10 137200]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2008-01-04 382248]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]
-----------------EOF-----------------
Hum j'ai mal posté les deux rapport dsl je repost.
info.txt logfile of random's system information tool 1.06 2009-03-23 19:39:07
======Uninstall list======
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\Setup.exe" -runfromtemp -l0x040c -removeonly
Canon PhotoRecord-->MsiExec.exe /X{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}
Canon PIXMA iP1500-->C:\WINDOWS\system32\CNMCP5y.exe "-PRINTERNAMECanon PIXMA iP1500" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP1500 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP1500 Installer\Inst2\cnmi040c.dll"
Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe C:\Program Files\Canon\Easy-PhotoPrint\uninst.ini
Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE
Clean Virus MSN-->"C:\Program Files\AxBx\Clean Virus MSN\unins000.exe"
DAEMON Tools-->MsiExec.exe /I{2DF9A978-DEA1-4433-805D-66790FC28C62}
DAoC Portal-->MsiExec.exe /I{D611CBD6-B6D6-404D-82AE-EC12041389D6}
Dark Age of Camelot - Catacombs-->"C:\Dark Age of Camelot - Catacombs\unins000.exe"
Dark Age of Camelot: Darkness Rising-->"C:\Dark Age of Camelot - Catacombs\unins001.exe"
Easy-WebPrint-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EPU-6 Engine-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56B83336-FBC1-4C46-8613-90A9E3B440D6}\setup.exe" -l0x40c
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
Grand Theft Auto IV-->"C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x040c -removeonly
Hospital Tycoon-->C:\Program Files\Codemasters\Hospital Tycoon\uninstall.exe
Java(TM) 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Les Sims 2 : Nuits de Folie-->C:\Program Files\EA GAMES\Les Sims 2 Nuits de Folie\EAUninstall.exe
Les Sims 2 Académie-->C:\Program Files\EA GAMES\Les Sims 2 Académie\EAUninstall.exe
Les Sims 2 Fun en Famille Kit-->C:\Program Files\EA GAMES\Les Sims 2 Fun en Famille Kit\EAUninstall.exe
Les Sims 2 : La bonne affaire-->C:\Program Files\EA GAMES\Les Sims 2 La bonne affaire\EAUninstall.exe
Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
Les Sims™ 2 Animaux & Cie-->C:\Program Files\EA GAMES\Les Sims 2 Animaux & Cie\EAUninstall.exe
Les Sims™ 2 Demeures de rêve Kit-->C:\Program Files\EA GAMES\Les Sims 2 Demeures de rêve Kit\EAUninstall.exe
Les Sims™ 2 H&M® Fashion Kit-->C:\Program Files\EA GAMES\Les Sims 2 H&M® Fashion Kit\EAUninstall.exe
Les Sims™ 2 Jour de fête ! Kit -->C:\Program Files\EA GAMES\Les Sims 2 Jour de fête ! Kit \EAUninstall.exe
Les Sims™ 2 Kit design Cuisine et Salle de bain-->C:\Program Files\EA GAMES\Les Sims 2 Kit design Cuisine et Salle de bain\EAUninstall.exe
Les Sims™ 2 Kit Glamour-->C:\Program Files\EA GAMES\Les Sims 2 Kit Glamour\EAUninstall.exe
Les Sims™ 2 Au fil des saisons-->C:\Program Files\EA GAMES\Les Sims 2 Au fil des saisons\EAUninstall.exe
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Logitech QuickCam-->MsiExec.exe /I{0496D9E9-224B-4AFA-8F37-23B98D52F1EB}
marvell 61xx-->C:\Program Files\Marvell\61xx\uninst-61xx.exe
Micro Application - 3D Architecte Pro-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CF0F6D1-2C70-4BF6-98EE-8246EEB976D1}\setup.exe" -l0x40c
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{FD052FB9-FE90-4438-B355-15EDC89D8FB1}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.1-->"C:\WINDOWS\$NtUninstallWdf01001$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Xbox 360 Accessories 1.1-->MsiExec.exe /X{9F5DF7FC-3AF2-4502-9084-F62FC00A5A3F}
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
Nero 8 Essentials-->MsiExec.exe /X{51F76D4E-E924-4DF7-8B88-B6CA8A611036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\System32\nvudisp.exe UninstallGUI
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Rappelz-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01A8838A-9469-425F-A5FB-FC14D4CF93B9}\setup.exe" -l0x40c -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x040c -removeonly
RollerCoaster Tycoon® 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\setup.exe" -l0x40c
RUNAWAY 2 - The dream of the turtle-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DE0CE4-F38A-4DA7-81DF-949E615EA0AB}\setup.exe"
SFR - Kit de connexion-->C:\Program Files\SFR\Kit\uninstall.exe
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
The Witcher Enhanced Edition-->"C:\Program Files\InstallShield Installation Information\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}\setup.exe" -runfromtemp -l0x040c -removeonly
Tomb Raider: Legend 1.0-->C:\Program Files\Tomb Raider - Legend\uninsttrl.exe
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
======System event log======
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\CdRom2 comporte un bloc défectueux.
Record Number: 3694
Source Name: Cdrom
Time Written: 20090202182209.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.
Record Number: 3693
Source Name: Disk
Time Written: 20090202182208.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\CdRom2 comporte un bloc défectueux.
Record Number: 3692
Source Name: Cdrom
Time Written: 20090202182207.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.
Record Number: 3691
Source Name: Disk
Time Written: 20090202182206.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\CdRom2 comporte un bloc défectueux.
Record Number: 3690
Source Name: Cdrom
Time Written: 20090202182204.000000+060
Event Type: erreur
User:
=====Application event log=====
Computer Name: FAB
Event Code: 0
Message:
Record Number: 2006
Source Name: gusvc
Time Written: 20090214001229.000000+060
Event Type: Informations
User:
Computer Name: FAB
Event Code: 4097
Message: L'application, C:\Program Files\The Witcher Enhanced Edition\SYSTEM\witcher.EXE, a généré une erreur d'application
L'erreur s'est produite le 02/13/2009 à 21:29:25.453
L'exception générée était c0000005 à l'adresse 00408D62 (witcher)
Record Number: 2005
Source Name: DrWatson
Time Written: 20090213212925.000000+060
Event Type: Informations
User:
Computer Name: FAB
Event Code: 1000
Message: Application défaillante witcher.exe, version 1.0.0.1103, module défaillant witcher.exe, version 1.0.0.1103, adresse de défaillance 0x00008d62.
Record Number: 2004
Source Name: Application Error
Time Written: 20090213212924.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 4097
Message: L'application, C:\Program Files\The Witcher Enhanced Edition\SYSTEM\witcher.EXE, a généré une erreur d'application
L'erreur s'est produite le 02/13/2009 à 21:23:34.812
L'exception générée était c0000005 à l'adresse 00408D62 (witcher)
Record Number: 2003
Source Name: DrWatson
Time Written: 20090213212334.000000+060
Event Type: Informations
User:
Computer Name: FAB
Event Code: 1000
Message: Application défaillante witcher.exe, version 1.0.0.1103, module défaillant witcher.exe, version 1.0.0.1103, adresse de défaillance 0x00008d62.
Record Number: 2002
Source Name: Application Error
Time Written: 20090213212331.000000+060
Event Type: erreur
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\WbemC:\Program Files\DMV\MaxTV4\plugins;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"RGSCLauncher"=C:\Program Files\Rockstar Games\Rockstar Games Social Club
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
le 2 eme
Logfile of random's system information tool 1.06 (written by random/random)
Run by Hido at 2009-03-23 19:39:00
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 6 GB (7%) free of 80 GB
Total RAM: 3071 MB (82% free)
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-10 251504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-10 657904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-12-10 522224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-22 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-22 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-10 251504]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-04-16 405504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-16 16862720]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"Six Engine"=C:\Program Files\ASUS\Six Engine\SixEngine.exe [2008-06-03 5964800]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2007-04-12 8429568]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2007-04-12 81920]
"RavAV"=C:\WINDOWS\RavMonE.exe [2008-12-10 3511570]
"Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2007-09-27 734264]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2003-10-02 81920]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-05-21 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2004-06-01 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2004-06-01 217088]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-22 148888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-10 39408]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-12-13 306088]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2004-06-01 196608]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2009-03-16 20480]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"NT Printing Services6"=C:\WINDOWS\system32\dllhosts.exe [2009-02-13 51712]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
C:\Documents and Settings\Hido\Menu Démarrer\Programmes\Démarrage
MaxTV.lnk - C:\Program Files\DMV\MaxTV4\maxtv.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95000000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"J:\Softs\Spellborn_Downloader_1_0_0_4-fr.exe"="J:\Softs\Spellborn_Downloader_1_0_0_4-fr.exe:*:Enabled:Spellborn Downloader"
"C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
"C:\Program Files\DMV\MaxTV4\maxtv.exe"="C:\Program Files\DMV\MaxTV4\maxtv.exe:*:Enabled:maxtv"
"C:\Program Files\DMV\MaxTV4\core\maxtv_xul.exe"="C:\Program Files\DMV\MaxTV4\core\maxtv_xul.exe:*:Enabled:maxtv_xul"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
shell\Auto\command - J:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19d89686-de6f-11dd-bbb8-002215f27cc6}]
shell\Auto\command - G:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2500a744-0f1e-11de-bc22-002215f27cc6}]
shell\Auto\command - H:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b18b88a1-dcd2-11dd-bbb3-002215f27cc6}]
shell\Auto\command - H:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e97e32ac-cf5f-11dd-bb99-002215f27cc6}]
shell\Auto\command - G:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
======List of files/folders created in the last 1 months======
2009-03-23 19:39:00 ----D---- C:\rsit
2009-03-23 19:39:00 ----D---- C:\Program Files\trend micro
2009-03-23 19:34:09 ----A---- C:\WINDOWS\ntbtlog.txt
2009-03-23 18:49:03 ----A---- C:\sdse.exe
2009-03-23 18:39:06 ----A---- C:\WINDOWS\msnfix.txt
2009-03-23 18:33:59 ----A---- C:\sds.exe
2009-03-23 18:27:42 ----D---- C:\Program Files\AxBx
2009-03-23 18:13:37 ----RSH---- C:\WINDOWS\fxsteller.exe
2009-03-22 19:56:25 ----D---- C:\WINDOWS\Sun
2009-03-22 19:56:14 ----A---- C:\WINDOWS\system32\javaws.exe
2009-03-22 19:56:14 ----A---- C:\WINDOWS\system32\javaw.exe
2009-03-22 19:56:14 ----A---- C:\WINDOWS\system32\java.exe
2009-03-22 19:56:14 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-03-22 19:55:59 ----D---- C:\Program Files\Java
2009-03-22 19:54:47 ----D---- C:\Documents and Settings\Hido\Application Data\Sun
2009-03-17 12:36:55 ----D---- C:\Documents and Settings\Hido\Application Data\Atari
2009-03-17 12:36:07 ----D---- C:\Program Files\Fichiers communs\PocketSoft
2009-03-17 12:36:07 ----A---- C:\WINDOWS\patchw32.dll
2009-03-17 12:34:07 ----D---- C:\Program Files\Atari
2009-03-16 20:29:01 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-03-16 20:26:27 ----N---- C:\WINDOWS\system32\capicom.dll
2009-03-16 20:26:09 ----D---- C:\Documents and Settings\Hido\Application Data\FotoWire
2009-03-16 20:26:08 ----D---- C:\Program Files\Fichiers communs\FotoWire
2009-03-16 20:24:59 ----RA---- C:\WINDOWS\system32\InstMed.exe
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\LVUI2RC.dll
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\LVUI2.dll
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\lvcoinst.ini
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\lvcoinst.dll
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\LVCodec2.dll
2009-03-16 20:24:37 ----D---- C:\Program Files\Fichiers communs\Logitech
2009-03-16 20:24:32 ----A---- C:\WINDOWS\_delis32.ini
2009-03-16 20:24:20 ----R---- C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
2009-03-16 20:24:14 ----D---- C:\Program Files\Logitech
2009-03-11 20:20:57 ----D---- C:\Program Files\SFR
2009-03-05 23:06:18 ----D---- C:\Program Files\Adobe
2009-03-05 23:04:28 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-03-05 23:04:27 ----D---- C:\Program Files\NOS
======List of files/folders modified in the last 1 months======
2009-03-23 19:39:05 ----D---- C:\WINDOWS\Prefetch
2009-03-23 19:39:00 ----RD---- C:\Program Files
2009-03-23 19:37:08 ----D---- C:\WINDOWS\Temp
2009-03-23 19:34:09 ----D---- C:\WINDOWS
2009-03-23 19:27:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-23 19:20:05 ----A---- C:\WINDOWS\NeroDigital.ini
2009-03-22 19:56:25 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-22 19:56:24 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-22 19:56:23 ----SHD---- C:\WINDOWS\Installer
2009-03-22 19:56:14 ----D---- C:\WINDOWS\system32
2009-03-22 18:48:07 ----D---- C:\Program Files\eMule
2009-03-17 14:09:42 ----D---- C:\WINDOWS\Help
2009-03-17 12:36:07 ----D---- C:\Program Files\Fichiers communs
2009-03-17 12:34:08 ----HD---- C:\Program Files\InstallShield Installation Information
2009-03-16 20:29:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-03-16 20:29:05 ----D---- C:\WINDOWS\system32\drivers
2009-03-16 20:29:02 ----D---- C:\WINDOWS\twain_32
2009-03-16 20:28:59 ----HD---- C:\WINDOWS\inf
2009-03-05 23:13:10 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-03-05 23:06:35 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-02-25 13:59:56 ----D---- C:\WINDOWS\system32\Macromed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-02-12 279712]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-02-12 25888]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-20 4800000]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\System32\DRIVERS\l1e51x86.sys [2008-06-25 36864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2004-05-27 19968]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-28 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-04-12 6738656]
R3 PID_0920;Logitech QuickCam Express(PID_0920); C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2004-05-21 163328]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-04-20 479200]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-02-27 61984]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 PciCon;PciCon; \??\E:\PciCon.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-22 152984]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2007-04-12 163908]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-10 137200]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2008-01-04 382248]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-03-23 19:39:07
======Uninstall list======
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\Setup.exe" -runfromtemp -l0x040c -removeonly
Canon PhotoRecord-->MsiExec.exe /X{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}
Canon PIXMA iP1500-->C:\WINDOWS\system32\CNMCP5y.exe "-PRINTERNAMECanon PIXMA iP1500" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP1500 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP1500 Installer\Inst2\cnmi040c.dll"
Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe C:\Program Files\Canon\Easy-PhotoPrint\uninst.ini
Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE
Clean Virus MSN-->"C:\Program Files\AxBx\Clean Virus MSN\unins000.exe"
DAEMON Tools-->MsiExec.exe /I{2DF9A978-DEA1-4433-805D-66790FC28C62}
DAoC Portal-->MsiExec.exe /I{D611CBD6-B6D6-404D-82AE-EC12041389D6}
Dark Age of Camelot - Catacombs-->"C:\Dark Age of Camelot - Catacombs\unins000.exe"
Dark Age of Camelot: Darkness Rising-->"C:\Dark Age of Camelot - Catacombs\unins001.exe"
Easy-WebPrint-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EPU-6 Engine-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56B83336-FBC1-4C46-8613-90A9E3B440D6}\setup.exe" -l0x40c
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
Grand Theft Auto IV-->"C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x040c -removeonly
Hospital Tycoon-->C:\Program Files\Codemasters\Hospital Tycoon\uninstall.exe
Java(TM) 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Les Sims 2 : Nuits de Folie-->C:\Program Files\EA GAMES\Les Sims 2 Nuits de Folie\EAUninstall.exe
Les Sims 2 Académie-->C:\Program Files\EA GAMES\Les Sims 2 Académie\EAUninstall.exe
Les Sims 2 Fun en Famille Kit-->C:\Program Files\EA GAMES\Les Sims 2 Fun en Famille Kit\EAUninstall.exe
Les Sims 2 : La bonne affaire-->C:\Program Files\EA GAMES\Les Sims 2 La bonne affaire\EAUninstall.exe
Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
Les Sims™ 2 Animaux & Cie-->C:\Program Files\EA GAMES\Les Sims 2 Animaux & Cie\EAUninstall.exe
Les Sims™ 2 Demeures de rêve Kit-->C:\Program Files\EA GAMES\Les Sims 2 Demeures de rêve Kit\EAUninstall.exe
Les Sims™ 2 H&M® Fashion Kit-->C:\Program Files\EA GAMES\Les Sims 2 H&M® Fashion Kit\EAUninstall.exe
Les Sims™ 2 Jour de fête ! Kit -->C:\Program Files\EA GAMES\Les Sims 2 Jour de fête ! Kit \EAUninstall.exe
Les Sims™ 2 Kit design Cuisine et Salle de bain-->C:\Program Files\EA GAMES\Les Sims 2 Kit design Cuisine et Salle de bain\EAUninstall.exe
Les Sims™ 2 Kit Glamour-->C:\Program Files\EA GAMES\Les Sims 2 Kit Glamour\EAUninstall.exe
Les Sims™ 2 Au fil des saisons-->C:\Program Files\EA GAMES\Les Sims 2 Au fil des saisons\EAUninstall.exe
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Logitech QuickCam-->MsiExec.exe /I{0496D9E9-224B-4AFA-8F37-23B98D52F1EB}
marvell 61xx-->C:\Program Files\Marvell\61xx\uninst-61xx.exe
Micro Application - 3D Architecte Pro-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CF0F6D1-2C70-4BF6-98EE-8246EEB976D1}\setup.exe" -l0x40c
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{FD052FB9-FE90-4438-B355-15EDC89D8FB1}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.1-->"C:\WINDOWS\$NtUninstallWdf01001$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Xbox 360 Accessories 1.1-->MsiExec.exe /X{9F5DF7FC-3AF2-4502-9084-F62FC00A5A3F}
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
Nero 8 Essentials-->MsiExec.exe /X{51F76D4E-E924-4DF7-8B88-B6CA8A611036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\System32\nvudisp.exe UninstallGUI
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Rappelz-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01A8838A-9469-425F-A5FB-FC14D4CF93B9}\setup.exe" -l0x40c -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x040c -removeonly
RollerCoaster Tycoon® 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\setup.exe" -l0x40c
RUNAWAY 2 - The dream of the turtle-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DE0CE4-F38A-4DA7-81DF-949E615EA0AB}\setup.exe"
SFR - Kit de connexion-->C:\Program Files\SFR\Kit\uninstall.exe
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
The Witcher Enhanced Edition-->"C:\Program Files\InstallShield Installation Information\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}\setup.exe" -runfromtemp -l0x040c -removeonly
Tomb Raider: Legend 1.0-->C:\Program Files\Tomb Raider - Legend\uninsttrl.exe
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
======System event log======
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\CdRom2 comporte un bloc défectueux.
Record Number: 3694
Source Name: Cdrom
Time Written: 20090202182209.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.
Record Number: 3693
Source Name: Disk
Time Written: 20090202182208.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\CdRom2 comporte un bloc défectueux.
Record Number: 3692
Source Name: Cdrom
Time Written: 20090202182207.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.
Record Number: 3691
Source Name: Disk
Time Written: 20090202182206.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 7
Message: Le périphérique \Device\CdRom2 comporte un bloc défectueux.
Record Number: 3690
Source Name: Cdrom
Time Written: 20090202182204.000000+060
Event Type: erreur
User:
=====Application event log=====
Computer Name: FAB
Event Code: 0
Message:
Record Number: 2006
Source Name: gusvc
Time Written: 20090214001229.000000+060
Event Type: Informations
User:
Computer Name: FAB
Event Code: 4097
Message: L'application, C:\Program Files\The Witcher Enhanced Edition\SYSTEM\witcher.EXE, a généré une erreur d'application
L'erreur s'est produite le 02/13/2009 à 21:29:25.453
L'exception générée était c0000005 à l'adresse 00408D62 (witcher)
Record Number: 2005
Source Name: DrWatson
Time Written: 20090213212925.000000+060
Event Type: Informations
User:
Computer Name: FAB
Event Code: 1000
Message: Application défaillante witcher.exe, version 1.0.0.1103, module défaillant witcher.exe, version 1.0.0.1103, adresse de défaillance 0x00008d62.
Record Number: 2004
Source Name: Application Error
Time Written: 20090213212924.000000+060
Event Type: erreur
User:
Computer Name: FAB
Event Code: 4097
Message: L'application, C:\Program Files\The Witcher Enhanced Edition\SYSTEM\witcher.EXE, a généré une erreur d'application
L'erreur s'est produite le 02/13/2009 à 21:23:34.812
L'exception générée était c0000005 à l'adresse 00408D62 (witcher)
Record Number: 2003
Source Name: DrWatson
Time Written: 20090213212334.000000+060
Event Type: Informations
User:
Computer Name: FAB
Event Code: 1000
Message: Application défaillante witcher.exe, version 1.0.0.1103, module défaillant witcher.exe, version 1.0.0.1103, adresse de défaillance 0x00008d62.
Record Number: 2002
Source Name: Application Error
Time Written: 20090213212331.000000+060
Event Type: erreur
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\WbemC:\Program Files\DMV\MaxTV4\plugins;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"RGSCLauncher"=C:\Program Files\Rockstar Games\Rockstar Games Social Club
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
le 2 eme
Logfile of random's system information tool 1.06 (written by random/random)
Run by Hido at 2009-03-23 19:39:00
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 6 GB (7%) free of 80 GB
Total RAM: 3071 MB (82% free)
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-10 251504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-10 657904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-12-10 522224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-22 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-22 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-10 251504]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-04-16 405504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-16 16862720]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"Six Engine"=C:\Program Files\ASUS\Six Engine\SixEngine.exe [2008-06-03 5964800]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2007-04-12 8429568]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2007-04-12 81920]
"RavAV"=C:\WINDOWS\RavMonE.exe [2008-12-10 3511570]
"Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2007-09-27 734264]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2003-10-02 81920]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-05-21 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2004-06-01 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2004-06-01 217088]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-22 148888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-10 39408]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-12-13 306088]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2004-06-01 196608]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2009-03-16 20480]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"NT Printing Services6"=C:\WINDOWS\system32\dllhosts.exe [2009-02-13 51712]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
C:\Documents and Settings\Hido\Menu Démarrer\Programmes\Démarrage
MaxTV.lnk - C:\Program Files\DMV\MaxTV4\maxtv.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95000000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"J:\Softs\Spellborn_Downloader_1_0_0_4-fr.exe"="J:\Softs\Spellborn_Downloader_1_0_0_4-fr.exe:*:Enabled:Spellborn Downloader"
"C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
"C:\Program Files\DMV\MaxTV4\maxtv.exe"="C:\Program Files\DMV\MaxTV4\maxtv.exe:*:Enabled:maxtv"
"C:\Program Files\DMV\MaxTV4\core\maxtv_xul.exe"="C:\Program Files\DMV\MaxTV4\core\maxtv_xul.exe:*:Enabled:maxtv_xul"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
shell\Auto\command - J:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19d89686-de6f-11dd-bbb8-002215f27cc6}]
shell\Auto\command - G:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2500a744-0f1e-11de-bc22-002215f27cc6}]
shell\Auto\command - H:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b18b88a1-dcd2-11dd-bbb3-002215f27cc6}]
shell\Auto\command - H:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e97e32ac-cf5f-11dd-bb99-002215f27cc6}]
shell\Auto\command - G:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
======List of files/folders created in the last 1 months======
2009-03-23 19:39:00 ----D---- C:\rsit
2009-03-23 19:39:00 ----D---- C:\Program Files\trend micro
2009-03-23 19:34:09 ----A---- C:\WINDOWS\ntbtlog.txt
2009-03-23 18:49:03 ----A---- C:\sdse.exe
2009-03-23 18:39:06 ----A---- C:\WINDOWS\msnfix.txt
2009-03-23 18:33:59 ----A---- C:\sds.exe
2009-03-23 18:27:42 ----D---- C:\Program Files\AxBx
2009-03-23 18:13:37 ----RSH---- C:\WINDOWS\fxsteller.exe
2009-03-22 19:56:25 ----D---- C:\WINDOWS\Sun
2009-03-22 19:56:14 ----A---- C:\WINDOWS\system32\javaws.exe
2009-03-22 19:56:14 ----A---- C:\WINDOWS\system32\javaw.exe
2009-03-22 19:56:14 ----A---- C:\WINDOWS\system32\java.exe
2009-03-22 19:56:14 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-03-22 19:55:59 ----D---- C:\Program Files\Java
2009-03-22 19:54:47 ----D---- C:\Documents and Settings\Hido\Application Data\Sun
2009-03-17 12:36:55 ----D---- C:\Documents and Settings\Hido\Application Data\Atari
2009-03-17 12:36:07 ----D---- C:\Program Files\Fichiers communs\PocketSoft
2009-03-17 12:36:07 ----A---- C:\WINDOWS\patchw32.dll
2009-03-17 12:34:07 ----D---- C:\Program Files\Atari
2009-03-16 20:29:01 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-03-16 20:26:27 ----N---- C:\WINDOWS\system32\capicom.dll
2009-03-16 20:26:09 ----D---- C:\Documents and Settings\Hido\Application Data\FotoWire
2009-03-16 20:26:08 ----D---- C:\Program Files\Fichiers communs\FotoWire
2009-03-16 20:24:59 ----RA---- C:\WINDOWS\system32\InstMed.exe
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\LVUI2RC.dll
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\LVUI2.dll
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\lvcoinst.ini
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\lvcoinst.dll
2009-03-16 20:24:49 ----A---- C:\WINDOWS\system32\LVCodec2.dll
2009-03-16 20:24:37 ----D---- C:\Program Files\Fichiers communs\Logitech
2009-03-16 20:24:32 ----A---- C:\WINDOWS\_delis32.ini
2009-03-16 20:24:20 ----R---- C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
2009-03-16 20:24:14 ----D---- C:\Program Files\Logitech
2009-03-11 20:20:57 ----D---- C:\Program Files\SFR
2009-03-05 23:06:18 ----D---- C:\Program Files\Adobe
2009-03-05 23:04:28 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-03-05 23:04:27 ----D---- C:\Program Files\NOS
======List of files/folders modified in the last 1 months======
2009-03-23 19:39:05 ----D---- C:\WINDOWS\Prefetch
2009-03-23 19:39:00 ----RD---- C:\Program Files
2009-03-23 19:37:08 ----D---- C:\WINDOWS\Temp
2009-03-23 19:34:09 ----D---- C:\WINDOWS
2009-03-23 19:27:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-23 19:20:05 ----A---- C:\WINDOWS\NeroDigital.ini
2009-03-22 19:56:25 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-22 19:56:24 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-22 19:56:23 ----SHD---- C:\WINDOWS\Installer
2009-03-22 19:56:14 ----D---- C:\WINDOWS\system32
2009-03-22 18:48:07 ----D---- C:\Program Files\eMule
2009-03-17 14:09:42 ----D---- C:\WINDOWS\Help
2009-03-17 12:36:07 ----D---- C:\Program Files\Fichiers communs
2009-03-17 12:34:08 ----HD---- C:\Program Files\InstallShield Installation Information
2009-03-16 20:29:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-03-16 20:29:05 ----D---- C:\WINDOWS\system32\drivers
2009-03-16 20:29:02 ----D---- C:\WINDOWS\twain_32
2009-03-16 20:28:59 ----HD---- C:\WINDOWS\inf
2009-03-05 23:13:10 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-03-05 23:06:35 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-02-25 13:59:56 ----D---- C:\WINDOWS\system32\Macromed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-02-12 279712]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-02-12 25888]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-20 4800000]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\System32\DRIVERS\l1e51x86.sys [2008-06-25 36864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2004-05-27 19968]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-28 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-04-12 6738656]
R3 PID_0920;Logitech QuickCam Express(PID_0920); C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2004-05-21 163328]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-04-20 479200]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-02-27 61984]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 PciCon;PciCon; \??\E:\PciCon.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-22 152984]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2007-04-12 163908]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-10 137200]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2008-01-04 382248]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]
-----------------EOF-----------------
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
rapport incomplet mais cela ira...
branche tes disques externes (clé usb ...) car les infections sont dedans
Pour fusionner:
http://img.photobucket.com/albums/v666/sUBs/CFScript.gif
_______________
telecharge combofix:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Sauvegarde le sur ton bureau et pas ailleurs !
_________________
Ferme tous tes navigateurs (donc copie ou imprime les instructions avant)
Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :
File::
C:\sdse.exe
C:\sds.exe
C:\WINDOWS\fxsteller.exe
C:\WINDOWS\RavMonE.exe
J:\RavMonE.exe e
G:\RavMonE.exe
H:\RavMonE.exe
Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RavAV"=
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19d89686-de6f-11dd-bbb8-002215f27cc6}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2500a744-0f1e-11de-bc22-002215f27cc6}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e97e32ac-cf5f-11dd-bb99-002215f27cc6}]
Enregistre ce fichier sous le nom CFscript
Fait un glisser/déposer de ce fichier CFscrïpt sur le fichier ComboFix.exe
Clique sur le fichier CFScript, maintient le doigt enfoncé et glisse la souris pour que l'icône du CFScript vienne recouvrir l'icône de Combofix. Relache la souris. Combofix va démarrer.
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt
_________________
scan rapide avec
MalwareByte's Anti-Malware après mise a jour, en mode normal et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
____________________
Télécharge RavAntivirus d'Evosla :
http://ww25.evosla.com/compteur.php?soft=rav_antivirus
# Si tu as une clé USB, disque dur externe, etc, branche-les sans les ouvrir avant de lancer ce FIX
# Fais un clic droit sur le fichier .ZIP > Extraire sur > le Bureau
# Doucle-clique sur >> RAV.exe << afin de lancer l'outil.
# Une fois RAV ANTIVIRUS lancé, laisse-le réagir , il scanne automatiquement tout les lecteurs (disques fixes et amovibles)
# Si infection > un log s'établira, sinon le soft affichera (très rapide) ==>Votre Ordinateur est sain .
# Retire tes disques amovibles et redémarrez votre ordinateur.
# Poste le rapport, si infection!
2/ Télécharge sur le bureau Flash Disinfector (de SUBS) à cette adresse : http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe
Double-clique sur l’icône.
Les icônes vont disparaître. C’est normal.
Si un rapport est généré en cas d'infection, sauvegarde-le sur le bureau, et poste le ensuite
Redémarre ensuite le PC.
_________________
remets un rapport RSIT complet cette fois (les deux rapports)
branche tes disques externes (clé usb ...) car les infections sont dedans
Pour fusionner:
http://img.photobucket.com/albums/v666/sUBs/CFScript.gif
_______________
telecharge combofix:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Sauvegarde le sur ton bureau et pas ailleurs !
_________________
Ferme tous tes navigateurs (donc copie ou imprime les instructions avant)
Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :
File::
C:\sdse.exe
C:\sds.exe
C:\WINDOWS\fxsteller.exe
C:\WINDOWS\RavMonE.exe
J:\RavMonE.exe e
G:\RavMonE.exe
H:\RavMonE.exe
Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RavAV"=
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19d89686-de6f-11dd-bbb8-002215f27cc6}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2500a744-0f1e-11de-bc22-002215f27cc6}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e97e32ac-cf5f-11dd-bb99-002215f27cc6}]
Enregistre ce fichier sous le nom CFscript
Fait un glisser/déposer de ce fichier CFscrïpt sur le fichier ComboFix.exe
Clique sur le fichier CFScript, maintient le doigt enfoncé et glisse la souris pour que l'icône du CFScript vienne recouvrir l'icône de Combofix. Relache la souris. Combofix va démarrer.
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt
_________________
scan rapide avec
MalwareByte's Anti-Malware après mise a jour, en mode normal et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
____________________
Télécharge RavAntivirus d'Evosla :
http://ww25.evosla.com/compteur.php?soft=rav_antivirus
# Si tu as une clé USB, disque dur externe, etc, branche-les sans les ouvrir avant de lancer ce FIX
# Fais un clic droit sur le fichier .ZIP > Extraire sur > le Bureau
# Doucle-clique sur >> RAV.exe << afin de lancer l'outil.
# Une fois RAV ANTIVIRUS lancé, laisse-le réagir , il scanne automatiquement tout les lecteurs (disques fixes et amovibles)
# Si infection > un log s'établira, sinon le soft affichera (très rapide) ==>Votre Ordinateur est sain .
# Retire tes disques amovibles et redémarrez votre ordinateur.
# Poste le rapport, si infection!
2/ Télécharge sur le bureau Flash Disinfector (de SUBS) à cette adresse : http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe
Double-clique sur l’icône.
Les icônes vont disparaître. C’est normal.
Si un rapport est généré en cas d'infection, sauvegarde-le sur le bureau, et poste le ensuite
Redémarre ensuite le PC.
_________________
remets un rapport RSIT complet cette fois (les deux rapports)
