Connexion nénet souvent rompue
monpseudoh
-
kduc Messages postés 1537 Statut Membre -
kduc Messages postés 1537 Statut Membre -
Bonjour,
voilà, je vous transmet l'analyse de RSIT
si une belle âme veut bien me renseigner...
grand merci
voilà log.txt
Logfile of random's system information tool 1.06 (written by random/random)
Run by franck at 2009-07-14 07:51:10
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
System drive C: has 204 GB (70%) free of 292 GB
Total RAM: 2814 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:51:51, on 14/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Users\franck\AppData\Local\ygmws.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Vuze\Azureus.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\franck\Desktop\RSIT(2).exe
C:\Program Files\trend micro\franck.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=040c&s=1&o=vb32&d=0409&m=el1300
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.ask.com/?o=101764&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=040c&s=1&o=vb32&d=0409&m=el1300
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.acer-group.com/selection.html?b=ACEW&l=040c&s=1&o=vb32&d=0409&m=el1300
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [ygmws] "c:\users\franck\appdata\local\ygmws.exe" ygmws
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WiFi Station pour Livebox.lnk = C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
--
End of file - 7353 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL [2009-03-12 107896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-01 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-02 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-02 92704]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-05-20 6144000]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-01 148888]
"eRecoveryService"= []
"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]
"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-09-24 210216]
"WarReg_PopUp"=C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe [2008-11-04 57344]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"=C:\Program Files\PeerGuardian2\pg2.exe [2005-09-18 1421824]
"ygmws"=c:\users\franck\appdata\local\ygmws.exe [2009-07-13 262144]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
WiFi Station pour Livebox.lnk - C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe
C:\Users\franck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b10f6356-2b27-11de-8a2d-806e6f6e6963}]
shell\AutoRun\command - D:\autorun.exe
shell\setup\command - D:\install.exe
======List of files/folders created in the last 1 months======
2009-07-14 07:51:12 ----D---- C:\Program Files\trend micro
2009-07-14 07:51:10 ----D---- C:\rsit
2009-07-13 14:05:10 ----D---- C:\ProgramData\Games-Attack
2009-07-13 13:21:57 ----D---- C:\Users\franck\AppData\Roaming\.freeciv
2009-07-13 13:20:50 ----D---- C:\Program Files\Freeciv-2.1.9-gtk2
2009-07-12 20:08:34 ----D---- C:\ProgramData\WinZip
2009-07-12 13:09:01 ----D---- C:\Downloads
2009-07-12 13:01:40 ----D---- C:\Users\franck\AppData\Roaming\FlashGet
2009-07-12 13:01:32 ----D---- C:\Program Files\FlashGet
2009-07-12 12:53:45 ----D---- C:\ProgramData\WindowsSearch
2009-07-11 16:39:09 ----D---- C:\Users\franck\AppData\Roaming\Talkback
2009-07-11 14:40:50 ----D---- C:\Users\franck\AppData\Roaming\dvdcss
2009-07-11 07:05:13 ----RHD---- C:\Users\franck\AppData\Roaming\SecuROM
2009-07-11 07:04:36 ----D---- C:\Program Files\BoontyGames
2009-07-11 06:59:03 ----D---- C:\Boonty
2009-07-10 23:10:26 ----D---- C:\Program Files\PeerGuardian2
2009-07-10 20:51:03 ----D---- C:\Users\franck\AppData\Roaming\vlc
2009-07-10 18:50:55 ----D---- C:\Users\franck\AppData\Roaming\HP
2009-07-10 18:48:06 ----D---- C:\ProgramData\HP Product Assistant
2009-07-10 18:45:57 ----D---- C:\Program Files\Common Files\HP
2009-07-10 18:45:54 ----D---- C:\Program Files\Hewlett-Packard
2009-07-10 18:39:59 ----D---- C:\ProgramData\Hewlett-Packard
2009-07-10 18:39:40 ----D---- C:\Users\franck\AppData\Roaming\CyberLink
2009-07-10 18:38:25 ----A---- C:\Windows\system32\hpzids01.dll
2009-07-10 18:38:16 ----A---- C:\Windows\system32\hpz3l5mu.dll
2009-07-10 18:36:59 ----A---- C:\Windows\system32\hpwwiax4.dll
2009-07-10 18:36:59 ----A---- C:\Windows\system32\hpwtscl3.dll
2009-07-10 18:36:59 ----A---- C:\Windows\system32\hppldcoi.dll
2009-07-10 18:36:59 ----A---- C:\Windows\system32\hpovst11.dll
2009-07-10 18:36:59 ----A---- C:\Windows\system32\difxapi.dll
2009-07-06 20:37:15 ----D---- C:\Windows\Sun
2009-07-05 18:58:41 ----D---- C:\Users\franck\AppData\Roaming\OpenOffice.org
2009-07-05 14:28:08 ----A---- C:\Windows\ntbtlog.txt
2009-07-05 14:26:58 ----D---- C:\Windows\Minidump
2009-07-05 07:01:13 ----D---- C:\Program Files\MSXML 4.0
2009-07-04 12:41:22 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2009-07-04 12:39:26 ----RA---- C:\Windows\hpzshl01.exe
2009-07-04 12:39:26 ----RA---- C:\Windows\hpzmsi01.exe
2009-07-04 12:39:25 ----D---- C:\Windows\yellowtail
2009-07-04 12:38:17 ----D---- C:\Program Files\HP
2009-07-04 12:38:04 ----HD---- C:\Config.Msi
2009-07-04 12:27:57 ----D---- C:\ProgramData\HP
2009-07-04 08:42:27 ----D---- C:\ProgramData\Azureus
2009-07-04 08:42:25 ----D---- C:\Users\franck\AppData\Roaming\Azureus
2009-07-04 08:42:07 ----D---- C:\Program Files\Vuze
2009-07-04 08:39:23 ----A---- C:\Windows\wininit.ini
2009-07-04 08:39:15 ----D---- C:\Program Files\BitTorrent
2009-07-04 07:55:41 ----D---- C:\Program Files\eMule
2009-07-03 18:10:15 ----D---- C:\Program Files\adslTV
2009-07-03 17:58:45 ----A---- C:\Windows\system32\TXGYUploader.dll
2009-07-03 17:58:45 ----A---- C:\Windows\system32\QMOCameraDll.dll
2009-07-03 17:58:44 ----A---- C:\Windows\system32\QMO.dll
2009-07-03 16:11:09 ----D---- C:\ProgramData\Age of Empires 3
2009-07-03 16:06:17 ----A---- C:\Windows\system32\d3dx9_26.dll
2009-07-03 16:06:15 ----A---- C:\Windows\system32\d3dx9_25.dll
2009-07-03 06:49:35 ----D---- C:\ProgramData\Symantec
2009-07-02 19:15:06 ----D---- C:\ProgramData\InterAction studios
2009-07-02 18:50:19 ----D---- C:\Users\franck\AppData\Roaming\LimeWire
2009-07-02 18:49:58 ----D---- C:\Program Files\LimeWire
2009-07-02 18:43:28 ----D---- C:\ProgramData\eMule
2009-07-02 14:45:59 ----D---- C:\Users\franck\AppData\Roaming\WildTangent
2009-07-02 06:39:13 ----D---- C:\Users\franck\AppData\Roaming\Thunderbird
2009-07-02 06:39:06 ----D---- C:\Program Files\Mozilla Thunderbird
2009-07-02 06:37:01 ----D---- C:\Users\franck\AppData\Roaming\Mozilla
2009-07-02 06:36:54 ----D---- C:\Program Files\Mozilla Firefox
2009-07-01 23:27:47 ----D---- C:\Program Files\JRE
2009-07-01 23:27:42 ----D---- C:\Program Files\OpenOffice.org 3
2009-07-01 23:27:01 ----A---- C:\Windows\system32\javaws.exe
2009-07-01 23:27:01 ----A---- C:\Windows\system32\javaw.exe
2009-07-01 23:27:01 ----A---- C:\Windows\system32\java.exe
2009-07-01 23:27:01 ----A---- C:\Windows\system32\deploytk.dll
2009-07-01 17:47:06 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-07-01 17:47:06 ----A---- C:\Windows\system32\infocardapi.dll
2009-07-01 17:47:05 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-07-01 17:47:05 ----A---- C:\Windows\system32\icardres.dll
2009-07-01 17:47:05 ----A---- C:\Windows\system32\icardagt.exe
2009-07-01 17:47:04 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-07-01 17:47:02 ----A---- C:\Windows\system32\PresentationHost.exe
2009-07-01 17:43:04 ----A---- C:\Windows\system32\dfshim.dll
2009-07-01 17:43:02 ----A---- C:\Windows\system32\mscoree.dll
2009-07-01 17:43:01 ----A---- C:\Windows\system32\netfxperf.dll
2009-07-01 17:42:54 ----A---- C:\Windows\system32\mscorier.dll
2009-07-01 17:42:51 ----A---- C:\Windows\system32\mscories.dll
2009-07-01 17:41:33 ----A---- C:\Windows\system32\xolehlp.dll
2009-07-01 17:41:33 ----A---- C:\Windows\system32\msdtcprx.dll
2009-07-01 17:41:32 ----A---- C:\Windows\system32\winhttp.dll
2009-07-01 17:41:30 ----A---- C:\Windows\system32\lsasrv.dll
2009-07-01 17:41:30 ----A---- C:\Windows\system32\kernel32.dll
2009-07-01 17:41:29 ----A---- C:\Windows\system32\secur32.dll
2009-07-01 17:41:29 ----A---- C:\Windows\system32\apilogen.dll
2009-07-01 17:41:29 ----A---- C:\Windows\system32\amxread.dll
2009-07-01 17:41:28 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-07-01 17:41:27 ----A---- C:\Windows\system32\wersvc.dll
2009-07-01 17:41:27 ----A---- C:\Windows\system32\Faultrep.dll
2009-07-01 17:41:24 ----A---- C:\Windows\system32\rpcss.dll
2009-07-01 17:41:24 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-07-01 17:41:24 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-07-01 17:41:23 ----A---- C:\Windows\system32\sdohlp.dll
2009-07-01 17:41:23 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-07-01 17:41:23 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-07-01 17:41:23 ----A---- C:\Windows\system32\iasrecst.dll
2009-07-01 17:41:23 ----A---- C:\Windows\system32\iashost.exe
2009-07-01 17:41:23 ----A---- C:\Windows\system32\iasdatastore.dll
2009-07-01 17:41:23 ----A---- C:\Windows\system32\iasads.dll
2009-07-01 17:40:48 ----A---- C:\Windows\system32\localspl.dll
2009-07-01 17:40:28 ----A---- C:\Windows\system32\wmp.dll
2009-07-01 17:40:27 ----A---- C:\Windows\system32\spwmp.dll
2009-07-01 17:40:26 ----A---- C:\Windows\system32\wmploc.DLL
2009-07-01 17:40:26 ----A---- C:\Windows\system32\dxmasf.dll
2009-07-01 17:40:13 ----A---- C:\Windows\system32\mshtml.dll
2009-07-01 17:40:10 ----A---- C:\Windows\system32\urlmon.dll
2009-07-01 17:40:10 ----A---- C:\Windows\system32\ieframe.dll
2009-07-01 17:40:09 ----A---- C:\Windows\system32\wininet.dll
2009-07-01 17:40:09 ----A---- C:\Windows\system32\occache.dll
2009-07-01 17:40:09 ----A---- C:\Windows\system32\msfeeds.dll
2009-07-01 17:40:09 ----A---- C:\Windows\system32\iertutil.dll
2009-07-01 17:40:09 ----A---- C:\Windows\system32\iedkcs32.dll
2009-07-01 17:40:09 ----A---- C:\Windows\system32\ieaksie.dll
2009-07-01 17:40:08 ----A---- C:\Windows\system32\mstime.dll
2009-07-01 17:40:08 ----A---- C:\Windows\system32\jsproxy.dll
2009-07-01 17:40:08 ----A---- C:\Windows\system32\ieUnatt.exe
2009-07-01 17:40:08 ----A---- C:\Windows\system32\ieencode.dll
2009-07-01 17:40:05 ----A---- C:\Windows\explorer.exe
2009-07-01 17:40:04 ----A---- C:\Windows\system32\schannel.dll
2009-07-01 17:39:57 ----A---- C:\Windows\system32\rpcrt4.dll
2009-07-01 17:37:18 ----D---- C:\Users\franck\AppData\Roaming\Macromedia
2009-07-01 17:34:19 ----D---- C:\Users\franck\AppData\Roaming\Adobe
2009-07-01 17:34:15 ----D---- C:\Users\franck\AppData\Roaming\Google
2009-07-01 17:33:38 ----A---- C:\Windows\system32\wups2.dll
2009-07-01 17:33:38 ----A---- C:\Windows\system32\wucltux.dll
2009-07-01 17:33:38 ----A---- C:\Windows\system32\wuaueng.dll
2009-07-01 17:33:38 ----A---- C:\Windows\system32\wuauclt.exe
2009-07-01 17:33:22 ----A---- C:\Windows\system32\wups.dll
2009-07-01 17:33:21 ----A---- C:\Windows\system32\wudriver.dll
2009-07-01 17:33:21 ----A---- C:\Windows\system32\wuapi.dll
2009-07-01 17:33:15 ----D---- C:\Program Files\Symantec
2009-07-01 17:33:15 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-07-01 17:33:15 ----A---- C:\Windows\system32\wuwebv.dll
2009-07-01 17:33:15 ----A---- C:\Windows\system32\wuapp.exe
2009-07-01 17:29:16 ----D---- C:\Program Files\Hercules
2009-07-01 17:25:19 ----D---- C:\Users\franck\AppData\Roaming\InstallShield
2009-07-01 17:14:01 ----D---- C:\Users\franck\AppData\Roaming\Identities
2009-07-01 17:12:22 ----HD---- C:\ACERSW
2009-07-01 17:12:05 ----D---- C:\ProgramData\Google
2009-07-01 17:11:17 ----SD---- C:\Users\franck\AppData\Roaming\Microsoft
2009-07-01 17:11:10 ----SHD---- C:\ProgramData\Modèles
2009-07-01 17:11:10 ----SHD---- C:\ProgramData\Menu Démarrer
2009-07-01 17:11:10 ----SHD---- C:\ProgramData\Favoris
2009-07-01 17:11:10 ----SHD---- C:\ProgramData\Bureau
2009-07-01 17:11:10 ----SHD---- C:\Program Files\Fichiers communs
======List of files/folders modified in the last 1 months======
2009-07-14 07:51:12 ----RD---- C:\Program Files
2009-07-14 07:51:12 ----D---- C:\Windows\Temp
2009-07-14 07:28:33 ----D---- C:\Windows\System32
2009-07-14 07:28:33 ----D---- C:\Windows\inf
2009-07-14 07:28:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-07-13 14:05:10 ----HD---- C:\ProgramData
2009-07-13 06:53:38 ----SHD---- C:\Windows\Installer
2009-07-13 06:53:31 ----D---- C:\ProgramData\Microsoft Help
2009-07-13 06:52:56 ----RSD---- C:\Windows\assembly
2009-07-13 06:50:29 ----SHD---- C:\System Volume Information
2009-07-13 06:44:56 ----D---- C:\Program Files\Google
2009-07-12 20:41:29 ----D---- C:\Windows
2009-07-11 07:35:45 ----D---- C:\ProgramData\CyberLink
2009-07-11 07:20:03 ----D---- C:\Windows\Microsoft.NET
2009-07-11 07:04:45 ----D---- C:\Windows\Prefetch
2009-07-10 18:51:06 ----SD---- C:\ProgramData\Microsoft
2009-07-10 18:50:42 ----A---- C:\Windows\win.ini
2009-07-10 18:47:42 ----D---- C:\Windows\winsxs
2009-07-10 18:45:59 ----D---- C:\Windows\twain_32
2009-07-10 18:45:57 ----D---- C:\Program Files\Common Files
2009-07-10 18:39:28 ----D---- C:\Windows\system32\drivers
2009-07-10 18:37:35 ----D---- C:\Windows\system32\catroot
2009-07-10 18:23:49 ----D---- C:\Windows\system32\WDI
2009-07-09 21:52:39 ----D---- C:\Windows\system32\catroot2
2009-07-06 20:42:07 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-05 14:24:55 ----A---- C:\Windows\DUMP41df.tmp
2009-07-05 14:23:31 ----D---- C:\Windows\LiveKernelReports
2009-07-04 22:52:44 ----D---- C:\ProgramData\WildTangent
2009-07-04 22:52:05 ----D---- C:\Program Files\eMachines Games
2009-07-04 07:56:12 ----D---- C:\Windows\system32\Tasks
2009-07-03 15:56:40 ----D---- C:\Program Files\Microsoft Games
2009-07-02 19:26:49 ----D---- C:\Program Files\Common Files\InstallShield
2009-07-02 19:24:45 ----D---- C:\ProgramData\Adobe
2009-07-02 19:24:44 ----D---- C:\Program Files\Common Files\Adobe
2009-07-02 19:10:02 ----RSD---- C:\Windows\Fonts
2009-07-02 18:58:35 ----D---- C:\Windows\Debug
2009-07-02 18:32:53 ----D---- C:\Windows\rescache
2009-07-01 23:30:48 ----D---- C:\Windows\system32\fr-FR
2009-07-01 23:30:46 ----D---- C:\Program Files\Windows Media Player
2009-07-01 23:30:45 ----D---- C:\Windows\system32\wbem
2009-07-01 23:30:45 ----D---- C:\Program Files\Windows Mail
2009-07-01 23:30:43 ----D---- C:\Windows\system32\manifeststore
2009-07-01 23:30:42 ----D---- C:\Windows\AppPatch
2009-07-01 23:30:28 ----D---- C:\Windows\system32\XPSViewer
2009-07-01 23:30:28 ----D---- C:\Windows\system32\en-US
2009-07-01 23:30:04 ----D---- C:\Program Files\Internet Explorer
2009-07-01 23:26:34 ----D---- C:\Program Files\Java
2009-07-01 23:25:40 ----D---- C:\Windows\system32\NDF
2009-07-01 20:00:14 ----D---- C:\Windows\Logs
2009-07-01 17:42:18 ----D---- C:\Windows\SoftwareDistribution
2009-07-01 17:33:44 ----D---- C:\ProgramData\Norton
2009-07-01 17:14:11 ----SHD---- C:\$Recycle.Bin
2009-07-01 17:13:43 ----D---- C:\Windows\system32\OEM
2009-07-01 17:13:42 ----HD---- C:\ACER
2009-07-01 17:12:24 ----D---- C:\Program Files\EMACHINES
2009-07-01 17:11:17 ----RD---- C:\Users
2009-07-01 17:11:10 ----D---- C:\Program Files\Windows NT
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 BHDrvx86;Symantec Heuristics Driver; C:\Windows\System32\Drivers\NIS\1005000.087\BHDrvx86.sys [2009-03-12 258608]
R1 ccHP;Symantec Hash Provider; C:\Windows\System32\Drivers\NIS\1005000.087\ccHPx86.sys [2009-07-02 482352]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-07-01 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090709.001\IDSvix86.sys [2009-06-25 292912]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\Windows\system32\drivers\NIS\1005000.087\SRTSPX.SYS [2009-03-12 43696]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-03-12 25136]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\Windows\System32\Drivers\NIS\1005000.087\SYMTDI.SYS [2009-03-12 217392]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-06-11 15392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-07-01 101936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-20 2143136]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090713.024\NAVENG.SYS [2009-07-13 87888]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090713.024\NAVEX15.SYS [2009-07-13 875728]
R3 netr73;Hercules Wireless USB Dongle Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2007-01-31 256000]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-03-25 1048480]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-02 7460320]
R3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1005000.087\SRTSP.SYS [2009-03-12 307760]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-07-02 124464]
R3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NIS\1005000.087\SYMFW.SYS [2009-03-12 89776]
R3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NIS\1005000.087\SYMNDISV.SYS [2009-03-12 39984]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-03-05 1203808]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 pgfilter;pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys [2005-09-18 5632]
S3 SYMDNS;SYMDNS; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SYMDNS.SYS []
S3 SYMREDRV;SYMREDRV; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS []
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ETService;Empowering Technology Service; C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe [2008-06-11 24576]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [2009-03-12 115560]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-02 118784]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-05-14 272024]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 GameConsoleService;GameConsoleService; C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe [2009-06-06 250616]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
puis info.txt
info.txt logfile of random's system information tool 1.06 2009-07-14 07:51:53
======Uninstall list======
-->"C:\Program Files\eMachines Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\eMachines Games\Blasterball 2 Holidays\Uninstall.exe"
-->"C:\Program Files\eMachines Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files\eMachines Games\Cake Mania\Uninstall.exe"
-->"C:\Program Files\eMachines Games\Chicken Invaders 3 - Revenge of the Yolk\Uninstall.exe"
-->"C:\Program Files\eMachines Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files\eMachines Games\eMachines Game Console\Uninstall.exe"
-->"C:\Program Files\eMachines Games\FATE\Uninstall.exe"
-->"C:\Program Files\eMachines Games\Hot Dish\Uninstall.exe"
-->"C:\Program Files\eMachines Games\Penguins!\Uninstall.exe"
-->"C:\Program Files\eMachines Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\eMachines Games\Zuma Deluxe\Uninstall.exe"
-->"C:\Program Files\InstallShield Installation Information\{8F1B6239-FEA0-450A-A950-B05276CE177C}\setup.exe" -runfromtemp -l0x040c -removeonly
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
adsl TV-->C:\Program Files\adslTV\Uninstal.exe
Age of Empires III - The WarChiefs-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{1C08A24C-B168-407E-A826-68FAF5F20710}
Age of Empires III-->C:\Program Files\InstallShield Installation Information\{70F8B183-99EB-4304-BA35-080E2DFFD2A3}\install.exe -runfromtemp -l0x040c
Agere Systems PCI-SV92EX Soft Modem-->agrsmdel
Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
CyberLink DVD Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink DVD Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink PowerDVD-->"C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
eMachines Games-->"C:\Program Files\eMachines Games\Uninstall.exe"
eMachines Recovery Management-->"C:\Program Files\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x040c -removeonly
Favorit-->c:\users\franck\appdata\local\ygmws.bat
Freeciv 2.1.9 (GTK+ client)-->"C:\Program Files\Freeciv-2.1.9-gtk2\uninstall.exe"
Hercules WiFi Station for Livebox-->C:\Program Files\InstallShield Installation Information\{DECE22F4-EEDD-4615-BC56-2F4827FAD64B}\setup.exe -runfromtemp -l0x040c -removeonly
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 10.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Document Manager 1.0-->C:\Program Files\HP\Digital Imaging\DocumentManager\hpzscr01.exe -datfile hpqbud18.dat
HP Imaging Device Functions 10.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Officejet J4500 Series-->C:\Program Files\HP\Digital Imaging\{CD0773D5-C18E-495c-B39B-21A96415EDD5}\setup\hpzscr01.exe -datfile hpwscr19.dat -forcereboot
HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 10.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{11B83AD3-7A46-4C2E-A568-9505981D4C6F}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.22)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\16.5.0.135\InstStub.exe /X
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
OCR Software by I.R.I.S. 10.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
PeerGuardian 2.0-->"C:\Program Files\PeerGuardian2\unins000.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VLC media player 1.0.0-->C:\Program Files\adslTV\uninstall.exe
Vuze-->C:\Program Files\Vuze\uninstall.exe
======Security center information======
AS: Windows Defender
======System event log======
Computer Name: PC-de-franck
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 36847
Source Name: Tcpip
Time Written: 20090714034534.088340-000
Event Type: Avertissement
User:
Computer Name: PC-de-franck
Event Code: 4001
Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.
Record Number: 36882
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20090714052312.765600-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-franck
Event Code: 15016
Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
Record Number: 36893
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090714052404.676355-000
Event Type: Erreur
User:
Computer Name: PC-de-franck
Event Code: 7022
Message: Le service Service HP CUE DeviceDiscovery est en attente de démarrage.
Record Number: 36966
Source Name: Service Control Manager
Time Written: 20090714052540.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-franck
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 36990
Source Name: Tcpip
Time Written: 20090714054546.646355-000
Event Type: Avertissement
User:
=====Application event log=====
Computer Name: PC-de-franck
Event Code: 3013
Message: Impossible de mettre à jour l'entrée <C:\USERS\FRANCK\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK DVD SUITE\POWERDVD\DÉSINSTALLEZ POWERDVD.LNK> dans la configuration de hachage.
Contexte : Application , Catalogue SystemIndex
Détails :
Un périphérique attaché au système ne fonctionne pas correctement. (0x8007001f)
Record Number: 3875
Source Name: Microsoft-Windows-Search
Time Written: 20090713212308.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-franck
Event Code: 3013
Message: Impossible de mettre à jour l'entrée <C:\USERS\FRANCK\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK DVD SUITE\POWERDVD\DÉSINSTALLEZ POWERDVD.LNK> dans la configuration de hachage.
Contexte : Application , Catalogue SystemIndex
Détails :
Un périphérique attaché au système ne fonctionne pas correctement. (0x8007001f)
Record Number: 3876
Source Name: Microsoft-Windows-Search
Time Written: 20090713212308.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-franck
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 3879
Source Name: Microsoft-Windows-WMI
Time Written: 20090713212316.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-franck
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 3907
Source Name: Microsoft-Windows-WMI
Time Written: 20090714034304.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-franck
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 3940
Source Name: Microsoft-Windows-WMI
Time Written: 20090714052540.000000-000
Event Type: Erreur
User:
=====Security event log=====
Computer Name: PC-de-franck
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 5107
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090714055149.695355-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-franck
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 5108
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090714055149.787355-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-franck
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 5109
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090714055149.815355-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-franck
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 5110
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090714055149.847355-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-franck
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 5111
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090714055149.878355-000
Event Type: Échec de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\HP\Digital Imaging\\bin
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
-----------------EOF-----------------
encore merci
voilà, je vous transmet l'analyse de RSIT
si une belle âme veut bien me renseigner...
grand merci
voilà log.txt
Logfile of random's system information tool 1.06 (written by random/random)
Run by franck at 2009-07-14 07:51:10
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
System drive C: has 204 GB (70%) free of 292 GB
Total RAM: 2814 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:51:51, on 14/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Users\franck\AppData\Local\ygmws.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Vuze\Azureus.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\franck\Desktop\RSIT(2).exe
C:\Program Files\trend micro\franck.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=040c&s=1&o=vb32&d=0409&m=el1300
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.ask.com/?o=101764&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=040c&s=1&o=vb32&d=0409&m=el1300
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.acer-group.com/selection.html?b=ACEW&l=040c&s=1&o=vb32&d=0409&m=el1300
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [ygmws] "c:\users\franck\appdata\local\ygmws.exe" ygmws
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WiFi Station pour Livebox.lnk = C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
--
End of file - 7353 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL [2009-03-12 107896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-01 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-02 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-02 92704]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-05-20 6144000]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-01 148888]
"eRecoveryService"= []
"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]
"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-09-24 210216]
"WarReg_PopUp"=C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe [2008-11-04 57344]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"=C:\Program Files\PeerGuardian2\pg2.exe [2005-09-18 1421824]
"ygmws"=c:\users\franck\appdata\local\ygmws.exe [2009-07-13 262144]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
WiFi Station pour Livebox.lnk - C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe
C:\Users\franck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b10f6356-2b27-11de-8a2d-806e6f6e6963}]
shell\AutoRun\command - D:\autorun.exe
shell\setup\command - D:\install.exe
======List of files/folders created in the last 1 months======
2009-07-14 07:51:12 ----D---- C:\Program Files\trend micro
2009-07-14 07:51:10 ----D---- C:\rsit
2009-07-13 14:05:10 ----D---- C:\ProgramData\Games-Attack
2009-07-13 13:21:57 ----D---- C:\Users\franck\AppData\Roaming\.freeciv
2009-07-13 13:20:50 ----D---- C:\Program Files\Freeciv-2.1.9-gtk2
2009-07-12 20:08:34 ----D---- C:\ProgramData\WinZip
2009-07-12 13:09:01 ----D---- C:\Downloads
2009-07-12 13:01:40 ----D---- C:\Users\franck\AppData\Roaming\FlashGet
2009-07-12 13:01:32 ----D---- C:\Program Files\FlashGet
2009-07-12 12:53:45 ----D---- C:\ProgramData\WindowsSearch
2009-07-11 16:39:09 ----D---- C:\Users\franck\AppData\Roaming\Talkback
2009-07-11 14:40:50 ----D---- C:\Users\franck\AppData\Roaming\dvdcss
2009-07-11 07:05:13 ----RHD---- C:\Users\franck\AppData\Roaming\SecuROM
2009-07-11 07:04:36 ----D---- C:\Program Files\BoontyGames
2009-07-11 06:59:03 ----D---- C:\Boonty
2009-07-10 23:10:26 ----D---- C:\Program Files\PeerGuardian2
2009-07-10 20:51:03 ----D---- C:\Users\franck\AppData\Roaming\vlc
2009-07-10 18:50:55 ----D---- C:\Users\franck\AppData\Roaming\HP
2009-07-10 18:48:06 ----D---- C:\ProgramData\HP Product Assistant
2009-07-10 18:45:57 ----D---- C:\Program Files\Common Files\HP
2009-07-10 18:45:54 ----D---- C:\Program Files\Hewlett-Packard
2009-07-10 18:39:59 ----D---- C:\ProgramData\Hewlett-Packard
2009-07-10 18:39:40 ----D---- C:\Users\franck\AppData\Roaming\CyberLink
2009-07-10 18:38:25 ----A---- C:\Windows\system32\hpzids01.dll
2009-07-10 18:38:16 ----A---- C:\Windows\system32\hpz3l5mu.dll
2009-07-10 18:36:59 ----A---- C:\Windows\system32\hpwwiax4.dll
2009-07-10 18:36:59 ----A---- C:\Windows\system32\hpwtscl3.dll
2009-07-10 18:36:59 ----A---- C:\Windows\system32\hppldcoi.dll
2009-07-10 18:36:59 ----A---- C:\Windows\system32\hpovst11.dll
2009-07-10 18:36:59 ----A---- C:\Windows\system32\difxapi.dll
2009-07-06 20:37:15 ----D---- C:\Windows\Sun
2009-07-05 18:58:41 ----D---- C:\Users\franck\AppData\Roaming\OpenOffice.org
2009-07-05 14:28:08 ----A---- C:\Windows\ntbtlog.txt
2009-07-05 14:26:58 ----D---- C:\Windows\Minidump
2009-07-05 07:01:13 ----D---- C:\Program Files\MSXML 4.0
2009-07-04 12:41:22 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2009-07-04 12:39:26 ----RA---- C:\Windows\hpzshl01.exe
2009-07-04 12:39:26 ----RA---- C:\Windows\hpzmsi01.exe
2009-07-04 12:39:25 ----D---- C:\Windows\yellowtail
2009-07-04 12:38:17 ----D---- C:\Program Files\HP
2009-07-04 12:38:04 ----HD---- C:\Config.Msi
2009-07-04 12:27:57 ----D---- C:\ProgramData\HP
2009-07-04 08:42:27 ----D---- C:\ProgramData\Azureus
2009-07-04 08:42:25 ----D---- C:\Users\franck\AppData\Roaming\Azureus
2009-07-04 08:42:07 ----D---- C:\Program Files\Vuze
2009-07-04 08:39:23 ----A---- C:\Windows\wininit.ini
2009-07-04 08:39:15 ----D---- C:\Program Files\BitTorrent
2009-07-04 07:55:41 ----D---- C:\Program Files\eMule
2009-07-03 18:10:15 ----D---- C:\Program Files\adslTV
2009-07-03 17:58:45 ----A---- C:\Windows\system32\TXGYUploader.dll
2009-07-03 17:58:45 ----A---- C:\Windows\system32\QMOCameraDll.dll
2009-07-03 17:58:44 ----A---- C:\Windows\system32\QMO.dll
2009-07-03 16:11:09 ----D---- C:\ProgramData\Age of Empires 3
2009-07-03 16:06:17 ----A---- C:\Windows\system32\d3dx9_26.dll
2009-07-03 16:06:15 ----A---- C:\Windows\system32\d3dx9_25.dll
2009-07-03 06:49:35 ----D---- C:\ProgramData\Symantec
2009-07-02 19:15:06 ----D---- C:\ProgramData\InterAction studios
2009-07-02 18:50:19 ----D---- C:\Users\franck\AppData\Roaming\LimeWire
2009-07-02 18:49:58 ----D---- C:\Program Files\LimeWire
2009-07-02 18:43:28 ----D---- C:\ProgramData\eMule
2009-07-02 14:45:59 ----D---- C:\Users\franck\AppData\Roaming\WildTangent
2009-07-02 06:39:13 ----D---- C:\Users\franck\AppData\Roaming\Thunderbird
2009-07-02 06:39:06 ----D---- C:\Program Files\Mozilla Thunderbird
2009-07-02 06:37:01 ----D---- C:\Users\franck\AppData\Roaming\Mozilla
2009-07-02 06:36:54 ----D---- C:\Program Files\Mozilla Firefox
2009-07-01 23:27:47 ----D---- C:\Program Files\JRE
2009-07-01 23:27:42 ----D---- C:\Program Files\OpenOffice.org 3
2009-07-01 23:27:01 ----A---- C:\Windows\system32\javaws.exe
2009-07-01 23:27:01 ----A---- C:\Windows\system32\javaw.exe
2009-07-01 23:27:01 ----A---- C:\Windows\system32\java.exe
2009-07-01 23:27:01 ----A---- C:\Windows\system32\deploytk.dll
2009-07-01 17:47:06 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-07-01 17:47:06 ----A---- C:\Windows\system32\infocardapi.dll
2009-07-01 17:47:05 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-07-01 17:47:05 ----A---- C:\Windows\system32\icardres.dll
2009-07-01 17:47:05 ----A---- C:\Windows\system32\icardagt.exe
2009-07-01 17:47:04 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-07-01 17:47:02 ----A---- C:\Windows\system32\PresentationHost.exe
2009-07-01 17:43:04 ----A---- C:\Windows\system32\dfshim.dll
2009-07-01 17:43:02 ----A---- C:\Windows\system32\mscoree.dll
2009-07-01 17:43:01 ----A---- C:\Windows\system32\netfxperf.dll
2009-07-01 17:42:54 ----A---- C:\Windows\system32\mscorier.dll
2009-07-01 17:42:51 ----A---- C:\Windows\system32\mscories.dll
2009-07-01 17:41:33 ----A---- C:\Windows\system32\xolehlp.dll
2009-07-01 17:41:33 ----A---- C:\Windows\system32\msdtcprx.dll
2009-07-01 17:41:32 ----A---- C:\Windows\system32\winhttp.dll
2009-07-01 17:41:30 ----A---- C:\Windows\system32\lsasrv.dll
2009-07-01 17:41:30 ----A---- C:\Windows\system32\kernel32.dll
2009-07-01 17:41:29 ----A---- C:\Windows\system32\secur32.dll
2009-07-01 17:41:29 ----A---- C:\Windows\system32\apilogen.dll
2009-07-01 17:41:29 ----A---- C:\Windows\system32\amxread.dll
2009-07-01 17:41:28 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-07-01 17:41:27 ----A---- C:\Windows\system32\wersvc.dll
2009-07-01 17:41:27 ----A---- C:\Windows\system32\Faultrep.dll
2009-07-01 17:41:24 ----A---- C:\Windows\system32\rpcss.dll
2009-07-01 17:41:24 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-07-01 17:41:24 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-07-01 17:41:23 ----A---- C:\Windows\system32\sdohlp.dll
2009-07-01 17:41:23 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-07-01 17:41:23 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-07-01 17:41:23 ----A---- C:\Windows\system32\iasrecst.dll
2009-07-01 17:41:23 ----A---- C:\Windows\system32\iashost.exe
2009-07-01 17:41:23 ----A---- C:\Windows\system32\iasdatastore.dll
2009-07-01 17:41:23 ----A---- C:\Windows\system32\iasads.dll
2009-07-01 17:40:48 ----A---- C:\Windows\system32\localspl.dll
2009-07-01 17:40:28 ----A---- C:\Windows\system32\wmp.dll
2009-07-01 17:40:27 ----A---- C:\Windows\system32\spwmp.dll
2009-07-01 17:40:26 ----A---- C:\Windows\system32\wmploc.DLL
2009-07-01 17:40:26 ----A---- C:\Windows\system32\dxmasf.dll
2009-07-01 17:40:13 ----A---- C:\Windows\system32\mshtml.dll
2009-07-01 17:40:10 ----A---- C:\Windows\system32\urlmon.dll
2009-07-01 17:40:10 ----A---- C:\Windows\system32\ieframe.dll
2009-07-01 17:40:09 ----A---- C:\Windows\system32\wininet.dll
2009-07-01 17:40:09 ----A---- C:\Windows\system32\occache.dll
2009-07-01 17:40:09 ----A---- C:\Windows\system32\msfeeds.dll
2009-07-01 17:40:09 ----A---- C:\Windows\system32\iertutil.dll
2009-07-01 17:40:09 ----A---- C:\Windows\system32\iedkcs32.dll
2009-07-01 17:40:09 ----A---- C:\Windows\system32\ieaksie.dll
2009-07-01 17:40:08 ----A---- C:\Windows\system32\mstime.dll
2009-07-01 17:40:08 ----A---- C:\Windows\system32\jsproxy.dll
2009-07-01 17:40:08 ----A---- C:\Windows\system32\ieUnatt.exe
2009-07-01 17:40:08 ----A---- C:\Windows\system32\ieencode.dll
2009-07-01 17:40:05 ----A---- C:\Windows\explorer.exe
2009-07-01 17:40:04 ----A---- C:\Windows\system32\schannel.dll
2009-07-01 17:39:57 ----A---- C:\Windows\system32\rpcrt4.dll
2009-07-01 17:37:18 ----D---- C:\Users\franck\AppData\Roaming\Macromedia
2009-07-01 17:34:19 ----D---- C:\Users\franck\AppData\Roaming\Adobe
2009-07-01 17:34:15 ----D---- C:\Users\franck\AppData\Roaming\Google
2009-07-01 17:33:38 ----A---- C:\Windows\system32\wups2.dll
2009-07-01 17:33:38 ----A---- C:\Windows\system32\wucltux.dll
2009-07-01 17:33:38 ----A---- C:\Windows\system32\wuaueng.dll
2009-07-01 17:33:38 ----A---- C:\Windows\system32\wuauclt.exe
2009-07-01 17:33:22 ----A---- C:\Windows\system32\wups.dll
2009-07-01 17:33:21 ----A---- C:\Windows\system32\wudriver.dll
2009-07-01 17:33:21 ----A---- C:\Windows\system32\wuapi.dll
2009-07-01 17:33:15 ----D---- C:\Program Files\Symantec
2009-07-01 17:33:15 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-07-01 17:33:15 ----A---- C:\Windows\system32\wuwebv.dll
2009-07-01 17:33:15 ----A---- C:\Windows\system32\wuapp.exe
2009-07-01 17:29:16 ----D---- C:\Program Files\Hercules
2009-07-01 17:25:19 ----D---- C:\Users\franck\AppData\Roaming\InstallShield
2009-07-01 17:14:01 ----D---- C:\Users\franck\AppData\Roaming\Identities
2009-07-01 17:12:22 ----HD---- C:\ACERSW
2009-07-01 17:12:05 ----D---- C:\ProgramData\Google
2009-07-01 17:11:17 ----SD---- C:\Users\franck\AppData\Roaming\Microsoft
2009-07-01 17:11:10 ----SHD---- C:\ProgramData\Modèles
2009-07-01 17:11:10 ----SHD---- C:\ProgramData\Menu Démarrer
2009-07-01 17:11:10 ----SHD---- C:\ProgramData\Favoris
2009-07-01 17:11:10 ----SHD---- C:\ProgramData\Bureau
2009-07-01 17:11:10 ----SHD---- C:\Program Files\Fichiers communs
======List of files/folders modified in the last 1 months======
2009-07-14 07:51:12 ----RD---- C:\Program Files
2009-07-14 07:51:12 ----D---- C:\Windows\Temp
2009-07-14 07:28:33 ----D---- C:\Windows\System32
2009-07-14 07:28:33 ----D---- C:\Windows\inf
2009-07-14 07:28:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-07-13 14:05:10 ----HD---- C:\ProgramData
2009-07-13 06:53:38 ----SHD---- C:\Windows\Installer
2009-07-13 06:53:31 ----D---- C:\ProgramData\Microsoft Help
2009-07-13 06:52:56 ----RSD---- C:\Windows\assembly
2009-07-13 06:50:29 ----SHD---- C:\System Volume Information
2009-07-13 06:44:56 ----D---- C:\Program Files\Google
2009-07-12 20:41:29 ----D---- C:\Windows
2009-07-11 07:35:45 ----D---- C:\ProgramData\CyberLink
2009-07-11 07:20:03 ----D---- C:\Windows\Microsoft.NET
2009-07-11 07:04:45 ----D---- C:\Windows\Prefetch
2009-07-10 18:51:06 ----SD---- C:\ProgramData\Microsoft
2009-07-10 18:50:42 ----A---- C:\Windows\win.ini
2009-07-10 18:47:42 ----D---- C:\Windows\winsxs
2009-07-10 18:45:59 ----D---- C:\Windows\twain_32
2009-07-10 18:45:57 ----D---- C:\Program Files\Common Files
2009-07-10 18:39:28 ----D---- C:\Windows\system32\drivers
2009-07-10 18:37:35 ----D---- C:\Windows\system32\catroot
2009-07-10 18:23:49 ----D---- C:\Windows\system32\WDI
2009-07-09 21:52:39 ----D---- C:\Windows\system32\catroot2
2009-07-06 20:42:07 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-05 14:24:55 ----A---- C:\Windows\DUMP41df.tmp
2009-07-05 14:23:31 ----D---- C:\Windows\LiveKernelReports
2009-07-04 22:52:44 ----D---- C:\ProgramData\WildTangent
2009-07-04 22:52:05 ----D---- C:\Program Files\eMachines Games
2009-07-04 07:56:12 ----D---- C:\Windows\system32\Tasks
2009-07-03 15:56:40 ----D---- C:\Program Files\Microsoft Games
2009-07-02 19:26:49 ----D---- C:\Program Files\Common Files\InstallShield
2009-07-02 19:24:45 ----D---- C:\ProgramData\Adobe
2009-07-02 19:24:44 ----D---- C:\Program Files\Common Files\Adobe
2009-07-02 19:10:02 ----RSD---- C:\Windows\Fonts
2009-07-02 18:58:35 ----D---- C:\Windows\Debug
2009-07-02 18:32:53 ----D---- C:\Windows\rescache
2009-07-01 23:30:48 ----D---- C:\Windows\system32\fr-FR
2009-07-01 23:30:46 ----D---- C:\Program Files\Windows Media Player
2009-07-01 23:30:45 ----D---- C:\Windows\system32\wbem
2009-07-01 23:30:45 ----D---- C:\Program Files\Windows Mail
2009-07-01 23:30:43 ----D---- C:\Windows\system32\manifeststore
2009-07-01 23:30:42 ----D---- C:\Windows\AppPatch
2009-07-01 23:30:28 ----D---- C:\Windows\system32\XPSViewer
2009-07-01 23:30:28 ----D---- C:\Windows\system32\en-US
2009-07-01 23:30:04 ----D---- C:\Program Files\Internet Explorer
2009-07-01 23:26:34 ----D---- C:\Program Files\Java
2009-07-01 23:25:40 ----D---- C:\Windows\system32\NDF
2009-07-01 20:00:14 ----D---- C:\Windows\Logs
2009-07-01 17:42:18 ----D---- C:\Windows\SoftwareDistribution
2009-07-01 17:33:44 ----D---- C:\ProgramData\Norton
2009-07-01 17:14:11 ----SHD---- C:\$Recycle.Bin
2009-07-01 17:13:43 ----D---- C:\Windows\system32\OEM
2009-07-01 17:13:42 ----HD---- C:\ACER
2009-07-01 17:12:24 ----D---- C:\Program Files\EMACHINES
2009-07-01 17:11:17 ----RD---- C:\Users
2009-07-01 17:11:10 ----D---- C:\Program Files\Windows NT
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 BHDrvx86;Symantec Heuristics Driver; C:\Windows\System32\Drivers\NIS\1005000.087\BHDrvx86.sys [2009-03-12 258608]
R1 ccHP;Symantec Hash Provider; C:\Windows\System32\Drivers\NIS\1005000.087\ccHPx86.sys [2009-07-02 482352]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-07-01 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090709.001\IDSvix86.sys [2009-06-25 292912]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\Windows\system32\drivers\NIS\1005000.087\SRTSPX.SYS [2009-03-12 43696]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-03-12 25136]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\Windows\System32\Drivers\NIS\1005000.087\SYMTDI.SYS [2009-03-12 217392]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-06-11 15392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-07-01 101936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-20 2143136]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090713.024\NAVENG.SYS [2009-07-13 87888]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090713.024\NAVEX15.SYS [2009-07-13 875728]
R3 netr73;Hercules Wireless USB Dongle Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2007-01-31 256000]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-03-25 1048480]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-02 7460320]
R3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1005000.087\SRTSP.SYS [2009-03-12 307760]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-07-02 124464]
R3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NIS\1005000.087\SYMFW.SYS [2009-03-12 89776]
R3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NIS\1005000.087\SYMNDISV.SYS [2009-03-12 39984]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-03-05 1203808]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 pgfilter;pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys [2005-09-18 5632]
S3 SYMDNS;SYMDNS; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SYMDNS.SYS []
S3 SYMREDRV;SYMREDRV; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS []
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ETService;Empowering Technology Service; C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe [2008-06-11 24576]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [2009-03-12 115560]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-02 118784]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-05-14 272024]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 GameConsoleService;GameConsoleService; C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe [2009-06-06 250616]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
puis info.txt
info.txt logfile of random's system information tool 1.06 2009-07-14 07:51:53
======Uninstall list======
-->"C:\Program Files\eMachines Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\eMachines Games\Blasterball 2 Holidays\Uninstall.exe"
-->"C:\Program Files\eMachines Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files\eMachines Games\Cake Mania\Uninstall.exe"
-->"C:\Program Files\eMachines Games\Chicken Invaders 3 - Revenge of the Yolk\Uninstall.exe"
-->"C:\Program Files\eMachines Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files\eMachines Games\eMachines Game Console\Uninstall.exe"
-->"C:\Program Files\eMachines Games\FATE\Uninstall.exe"
-->"C:\Program Files\eMachines Games\Hot Dish\Uninstall.exe"
-->"C:\Program Files\eMachines Games\Penguins!\Uninstall.exe"
-->"C:\Program Files\eMachines Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\eMachines Games\Zuma Deluxe\Uninstall.exe"
-->"C:\Program Files\InstallShield Installation Information\{8F1B6239-FEA0-450A-A950-B05276CE177C}\setup.exe" -runfromtemp -l0x040c -removeonly
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
adsl TV-->C:\Program Files\adslTV\Uninstal.exe
Age of Empires III - The WarChiefs-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{1C08A24C-B168-407E-A826-68FAF5F20710}
Age of Empires III-->C:\Program Files\InstallShield Installation Information\{70F8B183-99EB-4304-BA35-080E2DFFD2A3}\install.exe -runfromtemp -l0x040c
Agere Systems PCI-SV92EX Soft Modem-->agrsmdel
Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
CyberLink DVD Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink DVD Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink PowerDVD-->"C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
eMachines Games-->"C:\Program Files\eMachines Games\Uninstall.exe"
eMachines Recovery Management-->"C:\Program Files\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x040c -removeonly
Favorit-->c:\users\franck\appdata\local\ygmws.bat
Freeciv 2.1.9 (GTK+ client)-->"C:\Program Files\Freeciv-2.1.9-gtk2\uninstall.exe"
Hercules WiFi Station for Livebox-->C:\Program Files\InstallShield Installation Information\{DECE22F4-EEDD-4615-BC56-2F4827FAD64B}\setup.exe -runfromtemp -l0x040c -removeonly
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 10.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Document Manager 1.0-->C:\Program Files\HP\Digital Imaging\DocumentManager\hpzscr01.exe -datfile hpqbud18.dat
HP Imaging Device Functions 10.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Officejet J4500 Series-->C:\Program Files\HP\Digital Imaging\{CD0773D5-C18E-495c-B39B-21A96415EDD5}\setup\hpzscr01.exe -datfile hpwscr19.dat -forcereboot
HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 10.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{11B83AD3-7A46-4C2E-A568-9505981D4C6F}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.22)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\16.5.0.135\InstStub.exe /X
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
OCR Software by I.R.I.S. 10.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
PeerGuardian 2.0-->"C:\Program Files\PeerGuardian2\unins000.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VLC media player 1.0.0-->C:\Program Files\adslTV\uninstall.exe
Vuze-->C:\Program Files\Vuze\uninstall.exe
======Security center information======
AS: Windows Defender
======System event log======
Computer Name: PC-de-franck
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 36847
Source Name: Tcpip
Time Written: 20090714034534.088340-000
Event Type: Avertissement
User:
Computer Name: PC-de-franck
Event Code: 4001
Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.
Record Number: 36882
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20090714052312.765600-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-franck
Event Code: 15016
Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
Record Number: 36893
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090714052404.676355-000
Event Type: Erreur
User:
Computer Name: PC-de-franck
Event Code: 7022
Message: Le service Service HP CUE DeviceDiscovery est en attente de démarrage.
Record Number: 36966
Source Name: Service Control Manager
Time Written: 20090714052540.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-franck
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 36990
Source Name: Tcpip
Time Written: 20090714054546.646355-000
Event Type: Avertissement
User:
=====Application event log=====
Computer Name: PC-de-franck
Event Code: 3013
Message: Impossible de mettre à jour l'entrée <C:\USERS\FRANCK\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK DVD SUITE\POWERDVD\DÉSINSTALLEZ POWERDVD.LNK> dans la configuration de hachage.
Contexte : Application , Catalogue SystemIndex
Détails :
Un périphérique attaché au système ne fonctionne pas correctement. (0x8007001f)
Record Number: 3875
Source Name: Microsoft-Windows-Search
Time Written: 20090713212308.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-franck
Event Code: 3013
Message: Impossible de mettre à jour l'entrée <C:\USERS\FRANCK\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK DVD SUITE\POWERDVD\DÉSINSTALLEZ POWERDVD.LNK> dans la configuration de hachage.
Contexte : Application , Catalogue SystemIndex
Détails :
Un périphérique attaché au système ne fonctionne pas correctement. (0x8007001f)
Record Number: 3876
Source Name: Microsoft-Windows-Search
Time Written: 20090713212308.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-franck
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 3879
Source Name: Microsoft-Windows-WMI
Time Written: 20090713212316.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-franck
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 3907
Source Name: Microsoft-Windows-WMI
Time Written: 20090714034304.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-franck
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 3940
Source Name: Microsoft-Windows-WMI
Time Written: 20090714052540.000000-000
Event Type: Erreur
User:
=====Security event log=====
Computer Name: PC-de-franck
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 5107
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090714055149.695355-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-franck
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 5108
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090714055149.787355-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-franck
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 5109
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090714055149.815355-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-franck
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 5110
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090714055149.847355-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-franck
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 5111
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090714055149.878355-000
Event Type: Échec de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\HP\Digital Imaging\\bin
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
-----------------EOF-----------------
encore merci
Configuration: Windows Vista Firefox 3.5
A voir également:
- Connexion nénet souvent rompue
- Gmail connexion - Guide
- Hotmail connexion - Guide
- Connexion sctr - Forum Discord
- Instagram connexion - Guide
- France connect connexion - Guide
1 réponse
Salut,
Affiche les fichiers et dossiers cachés …
https://www.micro-astuce.com/Forum/afficher-les-fichiers-caches-t1607.html
Ensuite, va dans > Démarrer > Poste de travail > C:\
et supprime le(s) dossier(s)/fichier(s) en gras, ci-dessous, si tu le(s) trouves.
c:\users\franck\appdata\local\ygmws.bat <--
C:\Users\franck\AppData\Roaming\WildTangent <--
C:\ProgramData\Games-Attack <--
Vide la Corbeille.
Remet les fichiers et dossiers cachés comme tu les as trouvés !
-----
Si tu le trouves, désinstalle Favorit, en allant dans …
1/ Démarrer > Panneau de Config. > Programmes et Fonctionnalités
2/ Démarrer > Poste de travail > C:\Program Files\...
----------
Important pour ceux qui possèdent Vista :
Toujours lancer Navilog1, ci-dessous, via clic droit "Exécuter en tant qu'administrateur"
Télécharge Navilog1 (par IL-MAFIOSO) sur ton bureau :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Puis, double-clique sur Navilog1.exe pour le démarrer
(ou clic droit > Exécuter en tant qu' administrateur)
Laisse-toi guider.
Appuie sur une touche quand on te le demande.
Au menu principal, choisis 1 et valide.
< Ne fais pas le choix 2 >
Patiente le temps du scan.
Il te sera peut-être demandé de redémarrer le PC.
Laisse l'outil le faire ; sinon, redémarre le PC normalement
si demandé.
Patiente jusqu'au message "Scan terminé le......"
Appuie sur une touche comme demandé ; le bloc-notes va s'ouvrir.
Copie-colle l'intégralité dans ta réponse. Referme le bloc-notes.
PS : le rapport est, aussi, sauvegardé à la racine du disque dur C:\cleannavi.txt
-----
Ensuite, ...
Télécharge GenProc : http://www.genproc.com/GenProc.exe ; double-clique sur GenProc.exe
et poste le contenu du rapport qui s'ouvre.
Désactive l' UAC avant de lancer l' outil (uniquement sous Vista) :
http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/desactiver-controle-utilisateurs-sujet_198996_1.htm
Affiche les fichiers et dossiers cachés …
https://www.micro-astuce.com/Forum/afficher-les-fichiers-caches-t1607.html
Ensuite, va dans > Démarrer > Poste de travail > C:\
et supprime le(s) dossier(s)/fichier(s) en gras, ci-dessous, si tu le(s) trouves.
c:\users\franck\appdata\local\ygmws.bat <--
C:\Users\franck\AppData\Roaming\WildTangent <--
C:\ProgramData\Games-Attack <--
Vide la Corbeille.
Remet les fichiers et dossiers cachés comme tu les as trouvés !
-----
Si tu le trouves, désinstalle Favorit, en allant dans …
1/ Démarrer > Panneau de Config. > Programmes et Fonctionnalités
2/ Démarrer > Poste de travail > C:\Program Files\...
----------
Important pour ceux qui possèdent Vista :
Toujours lancer Navilog1, ci-dessous, via clic droit "Exécuter en tant qu'administrateur"
Télécharge Navilog1 (par IL-MAFIOSO) sur ton bureau :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Puis, double-clique sur Navilog1.exe pour le démarrer
(ou clic droit > Exécuter en tant qu' administrateur)
Laisse-toi guider.
Appuie sur une touche quand on te le demande.
Au menu principal, choisis 1 et valide.
< Ne fais pas le choix 2 >
Patiente le temps du scan.
Il te sera peut-être demandé de redémarrer le PC.
Laisse l'outil le faire ; sinon, redémarre le PC normalement
si demandé.
Patiente jusqu'au message "Scan terminé le......"
Appuie sur une touche comme demandé ; le bloc-notes va s'ouvrir.
Copie-colle l'intégralité dans ta réponse. Referme le bloc-notes.
PS : le rapport est, aussi, sauvegardé à la racine du disque dur C:\cleannavi.txt
-----
Ensuite, ...
Télécharge GenProc : http://www.genproc.com/GenProc.exe ; double-clique sur GenProc.exe
et poste le contenu du rapport qui s'ouvre.
Désactive l' UAC avant de lancer l' outil (uniquement sous Vista) :
http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/desactiver-controle-utilisateurs-sujet_198996_1.htm
