RSIT report
Fanatik
Hello,
I am posting my two RSIT reports; can you tell me whether my PC is infected or not:
Log.txt =
Logfile of random's system information tool 1.06 (written by random/random)
Run by Collégien at 2009-07-19 12:35:43
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 31 GB (44%) free of 70 GB
Total RAM: 446 MB (11% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:36:00, on 19/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Collégien\Bureau\HiJackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Collégien\Bureau\RSIT.exe
C:\Documents and Settings\Collégien\Bureau\Collégien.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: WIKI.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
--
End of file - 5721 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}]
FG2CatchUrl - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll [2008-08-19 104016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
C:\Program Files\DAP\DAP.EXE [2009-07-02 2811392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F5D9050]
C:\Program Files\Belkin\F5D9050\Belkinwcui.exe [2006-07-20 1617920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [2002-03-28 188416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\apps\PowerDVD\PDVDServ.exe [2007-01-08 68640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
c:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2007-01-16 225280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2007-04-10 16126464]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2001-07-03 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-24 251240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Collégien^Menu Démarrer^Programmes^Démarrage^ENJOY Plus!.lnk]
C:\PROGRA~1\ENJOYP~1\ENJOYP~1.EXE [2009-06-02 1446912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Collégien^Menu Démarrer^Programmes^Démarrage^TransBar.lnk]
C:\WINDOWS\BRICOP~1\VISTAI~1\TransBar\TransBar.exe [2005-06-01 65536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Collégien^Menu Démarrer^Programmes^Démarrage^UberIcon.lnk]
C:\WINDOWS\BRICOP~1\VISTAI~1\UberIcon\UBERIC~1.EXE [2006-05-21 180224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Collégien^Menu Démarrer^Programmes^Démarrage^Y'z Shadow.lnk]
C:\WINDOWS\BRICOP~1\VISTAI~1\YzShadow\YzShadow.exe [2006-05-21 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"RoxMediaDB9"=3
"Ati HotKey Poller"=2
"stllssvr"=3
"RoxWatch9"=2
"RichVideo"=2
"idsvc"=3
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Collégien\Menu Démarrer\Programmes\Démarrage
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="WIKI.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-02-09 110592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSMBalloonTip"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\APPS\PowerDVD\PowerDVD.exe"="C:\APPS\PowerDVD\PowerDVD.exe:*:Disabled:CyberLink PowerDVD"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\FlashGet Network\FlashGet universal\flashget.exe"="C:\Program Files\FlashGet Network\FlashGet universal\flashget.exe:*:Enabled:flashget"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
"C:\Program Files\eMule\eMule.exe"="C:\Program Files\eMule\eMule.exe:*:Enabled:eMule"
"C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{805dc946-cf81-11dd-b17c-0019db57d9ae}]
shell\AutoRun\command - wscript.exe install.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f0f99286-6edf-11de-bc84-001cdf558c2c}]
shell\AutoRun\command - E:\InstallTomTomHOME.exe
======List of files/folders created in the last 1 months======
2009-07-19 12:35:43 ----D---- C:\rsit
2009-07-15 22:18:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-15 22:18:34 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-15 22:16:51 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-12 14:34:04 ----D---- C:\Documents and Settings\Collégien\Application Data\TomTom
2009-07-07 16:51:08 ----D---- C:\Program Files\Gravity
2009-07-06 13:12:02 ----D---- C:\Documents and Settings\Collégien\Application Data\Windows Search
2009-07-05 09:49:27 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2009-07-04 13:29:48 ----D---- C:\Documents and Settings\Collégien\Application Data\Windows Desktop Search
2009-07-04 13:29:19 ----D---- C:\Program Files\Windows Desktop Search
2009-07-04 13:29:18 ----D---- C:\WINDOWS\system32\GroupPolicy
2009-07-04 13:29:10 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2009-07-04 13:29:04 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2009-07-04 13:07:24 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-07-04 12:44:54 ----D---- C:\a02a9fccb8d383847d
2009-07-04 12:15:31 ----D---- C:\WINDOWS\Minidump
2009-07-04 11:13:09 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-07-02 11:25:39 ----A---- C:\WINDOWS\system32\wbhelp2.dll
2009-07-02 11:25:37 ----D---- C:\Program Files\DAP
2009-07-02 11:19:04 ----D---- C:\Documents and Settings\Collégien\Application Data\EurekaLog
2009-07-01 19:45:34 ----A---- C:\WINDOWS\IsUninst.exe
2009-06-30 18:55:13 ----D---- C:\Documents and Settings\Collégien\Application Data\Malwarebytes
2009-06-30 18:55:05 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-29 19:06:17 ----D---- C:\Documents and Settings\Collégien\Application Data\dvdcss
2009-06-27 20:27:26 ----D---- C:\Documents and Settings\Collégien\Application Data\vlc
2009-06-27 20:24:51 ----D---- C:\Program Files\adslTV
2009-06-26 21:14:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-06-26 21:14:42 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-06-25 20:31:25 ----D---- C:\Program Files\Avira
2009-06-25 20:31:25 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-06-25 19:13:10 ----D---- C:\WINDOWS\Temp
2009-06-25 18:47:58 ----A---- C:\WINDOWS\BricoPackFoldersDelete.cmd
2009-06-25 18:11:15 ----D---- C:\WINDOWS\Prefetch
2009-06-25 18:02:25 ----D---- C:\WINDOWS\l2schemas
2009-06-25 18:02:24 ----D---- C:\WINDOWS\system32\fr
2009-06-25 18:02:24 ----D---- C:\WINDOWS\system32\bits
2009-06-25 17:59:48 ----D---- C:\WINDOWS\ServicePackFiles
2009-06-25 17:54:19 ----D---- C:\WINDOWS\EHome
2009-06-25 17:46:28 ----D---- C:\WINDOWS\ie8updates
2009-06-25 17:44:27 ----HDC---- C:\WINDOWS\ie8
2009-06-24 17:43:15 ----A---- C:\WINDOWS\system32\hpzlnt05.dll
2009-06-21 14:15:15 ----D---- C:\WINDOWS\Sun
2009-06-21 12:05:05 ----D---- C:\Program Files\Have Any Dream
2009-06-20 19:49:29 ----D---- C:\Documents and Settings\Collégien\Application Data\ENJOY Plus!
2009-06-20 19:04:29 ----SHD---- C:\WINDOWS\Installer
2009-06-20 19:04:29 ----SD---- C:\WINDOWS\Tasks
2009-06-20 19:04:29 ----SD---- C:\WINDOWS\system32\Microsoft
2009-06-20 19:04:29 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-06-20 19:04:29 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-06-20 19:04:29 ----RSD---- C:\WINDOWS\Fonts
2009-06-20 19:04:29 ----RSD---- C:\WINDOWS\assembly
2009-06-20 19:04:29 ----RD---- C:\WINDOWS\Web
2009-06-20 19:04:29 ----RD---- C:\WINDOWS\Offline Web Pages
2009-06-20 19:04:29 ----HD---- C:\WINDOWS\inf
2009-06-20 19:04:29 ----HD---- C:\WINDOWS\ie7
2009-06-20 19:04:29 ----HD---- C:\WINDOWS\I386
2009-06-20 19:04:29 ----HD---- C:\WINDOWS\$hf_mig$
2009-06-20 19:04:29 ----D---- C:\WINDOWS\WinSxS
2009-06-20 19:04:29 ----D---- C:\WINDOWS\WBEM
2009-06-20 19:04:29 ----D---- C:\WINDOWS\twain_32
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\XPSViewer
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\xircom
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\wins
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\wbem
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\usmt
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\URTTemp
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\spool
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\ShellExt
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\Setup
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\RTCOM
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\Restore
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\ras
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\PreInstall
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\oobe
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\NtmsData
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\npp
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\mui
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\MsDtc
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\LogFiles
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\Lang
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\inetsrv
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\IME
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\icsxml
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\ias
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\fr-fr
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\export
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\en-us
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\DRVSTORE
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\drivers
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\DirectX
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\dhcp
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\config
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\Com
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\CatRoot
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\3com_dmi
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\3076
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\2052
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\1054
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\1042
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\1041
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\1037
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\1036
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\1033
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\1031
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\1028
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\1025
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system
2009-06-20 19:04:29 ----D---- C:\WINDOWS\SxsCaPendDel
2009-06-20 19:04:29 ----D---- C:\WINDOWS\srchasst
2009-06-20 19:04:29 ----D---- C:\WINDOWS\SoftwareDistribution
2009-06-20 19:04:29 ----D---- C:\WINDOWS\security
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Resources
2009-06-20 19:04:29 ----D---- C:\WINDOWS\REPAIR
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Registration
2009-06-20 19:04:29 ----D---- C:\WINDOWS\RegisteredPackages
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Provisioning
2009-06-20 19:04:29 ----D---- C:\WINDOWS\PeerNet
2009-06-20 19:04:29 ----D---- C:\WINDOWS\pchealth
2009-06-20 19:04:29 ----D---- C:\WINDOWS\network diagnostic
2009-06-20 19:04:29 ----D---- C:\WINDOWS\mui
2009-06-20 19:04:29 ----D---- C:\WINDOWS\msapps
2009-06-20 19:04:29 ----D---- C:\WINDOWS\msagent
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Microsoft.NET
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Media
2009-06-20 19:04:29 ----D---- C:\WINDOWS\java
2009-06-20 19:04:29 ----D---- C:\WINDOWS\ime
2009-06-20 19:04:29 ----D---- C:\WINDOWS\ie7updates
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Help
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Driver Cache
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Debug
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Cursors
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Connection Wizard
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Config
2009-06-20 19:04:29 ----D---- C:\WINDOWS\AppPatch
2009-06-20 19:04:29 ----D---- C:\WINDOWS\addins
2009-06-20 19:04:27 ----D---- C:\Program Files\7-Zip
2009-06-20 19:04:26 ----RSHD---- C:\cmdcons
2009-06-20 19:04:26 ----D---- C:\APPS
2009-06-20 19:04:26 ----AHD---- C:\DIVTOOLS
2009-06-20 11:54:58 ----A---- C:\WINDOWS\system32\WINSKFR.DLL
2009-06-20 11:54:57 ----A---- C:\WINDOWS\system32\STDFTFR.DLL
2009-06-20 11:54:57 ----A---- C:\WINDOWS\system32\MSSTDFMT.DLL
2009-06-20 11:54:57 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2009-06-20 11:54:25 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2009-06-20 11:54:24 ----D---- C:\Program Files\ZNsoft Corporation
2009-06-20 11:36:36 ----A---- C:\WINDOWS\system32\UpdateDriver.exe
2009-06-20 11:36:36 ----A---- C:\WINDOWS\system32\ucuiinfo.ini
2009-06-20 11:36:36 ----A---- C:\WINDOWS\system32\F5D9050.dll
2009-06-20 11:32:14 ----D---- C:\WINDOWS\pss
2009-06-20 11:02:28 ----A---- C:\WINDOWS\BricoPackUninst.cmd
2009-06-20 11:01:03 ----A---- C:\WINDOWS\BricoPackUninst.txt
2009-06-20 11:00:39 ----D---- C:\WINDOWS\BricoPacks
======List of files/folders modified in the last 1 months======
2009-07-19 12:29:52 ----D---- C:\Program Files\Mozilla Firefox
2009-07-19 11:05:13 ----D---- C:\WINDOWS
2009-07-18 22:57:19 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-07-17 21:07:10 ----D---- C:\Documents and Settings\Collégien\Application Data\Macromedia
2009-07-15 22:18:36 ----D---- C:\WINDOWS\system32
2009-07-15 09:39:26 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-07-14 09:30:47 ----RASH---- C:\BOOT.INI
2009-07-14 09:30:47 ----A---- C:\WINDOWS\win.ini
2009-07-14 09:30:47 ----A---- C:\WINDOWS\system.ini
2009-07-14 09:29:37 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-07-13 11:58:20 ----RD---- C:\Program Files
2009-07-12 10:40:32 ----D---- C:\Documents and Settings\Collégien\Application Data\OpenOffice.org2
2009-07-12 09:35:05 ----D---- C:\Program Files\Messenger Plus! Live
2009-07-08 13:49:44 ----A---- C:\Log.txt
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-04 17:49:06 ----D---- C:\Downloads
2009-07-04 17:36:38 ----D---- C:\Documents and Settings\Collégien\Application Data\BITS
2009-07-04 13:29:30 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-07-04 13:29:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-04 10:35:47 ----D---- C:\Program Files\eMule
2009-07-02 11:25:42 ----D---- C:\Documents and Settings\All Users\Application Data\SpeedBit
2009-07-01 19:43:49 ----D---- C:\Program Files\Hewlett-Packard
2009-06-26 13:43:43 ----D---- C:\Documents and Settings\Collégien\Application Data\Roxio
2009-06-25 19:13:18 ----A---- C:\TCleaner.txt
2009-06-25 18:50:53 ----D---- C:\Program Files\Outlook Express
2009-06-25 18:50:53 ----D---- C:\Program Files\Movie Maker
2009-06-25 18:49:52 ----A---- C:\WINDOWS\system32\uxtheme.dll
2009-06-25 18:06:57 ----D---- C:\Program Files\Messenger
2009-06-25 17:59:35 ----D---- C:\Program Files\NetMeeting
2009-06-25 17:59:31 ----D---- C:\Program Files\Windows NT
2009-06-25 17:59:31 ----D---- C:\Program Files\Windows Media Player
2009-06-25 17:59:27 ----D---- C:\Program Files\Fichiers communs\System
2009-06-25 17:48:12 ----D---- C:\Program Files\Internet Explorer
2009-06-25 17:23:21 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-06-25 17:23:01 ----D---- C:\Program Files\Adobe
2009-06-24 17:43:35 ----D---- C:\Program Files\hp deskjet 3820 series
2009-06-20 19:20:26 ----SHD---- C:\System Volume Information
2009-06-20 19:20:26 ----D---- C:\Program Files\XnView
2009-06-20 19:20:23 ----D---- C:\Program Files\Windows Media Connect 2
2009-06-20 19:20:18 ----D---- C:\Program Files\Services en ligne
2009-06-20 19:20:09 ----D---- C:\Program Files\Real Alternative
2009-06-20 19:20:07 ----D---- C:\Program Files\QuickTime Alternative
2009-06-20 19:20:05 ----D---- C:\Program Files\PhotoFiltre
2009-06-20 19:20:04 ----D---- C:\Program Files\OpenOffice.org 2.3
2009-06-20 19:19:18 ----D---- C:\Program Files\Online Services
2009-06-20 19:19:14 ----D---- C:\Program Files\Noopod
2009-06-20 19:18:03 ----D---- C:\Program Files\LeConjugueur
2009-06-20 19:17:32 ----HD---- C:\PNP
2009-06-20 19:17:23 ----D---- C:\Program Files\Fichiers communs\SureThing Shared
2009-06-20 19:17:23 ----D---- C:\Program Files\Fichiers communs\Sonic Shared
2009-06-20 19:17:22 ----D---- C:\Program Files\Fichiers communs\Services
2009-06-20 19:06:33 ----SHD---- C:\DRIVERS
2009-06-20 19:06:24 ----D---- C:\Documents and Settings\Collégien\Application Data\XnView
2009-06-20 19:06:24 ----D---- C:\Documents and Settings\Collégien\Application Data\Thunderbird
2009-06-20 19:06:21 ----D---- C:\Documents and Settings\Collégien\Application Data\Media Player Classic
2009-06-20 19:06:18 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-06-20 19:06:12 ----D---- C:\Program Files\Audacity
2009-06-20 19:06:09 ----D---- C:\Program Files\ATI Technologies
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\Macromed
2009-06-20 11:25:35 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
2009-06-20 11:14:16 ----D---- C:\Documents and Settings\Collégien\Application Data\Mozilla
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-07-13 28520]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-06-20 20747]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-02-09 1966592]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-10 4397568]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 RT73;Belkin Wireless G Plus MIMO USB Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2005-11-24 245248]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-02-07 90880]
R3 StreamSurge;StreamSurge Driver (miniport); C:\WINDOWS\system32\DRIVERS\ss.sys [2005-06-18 19968]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 GTNDIS5;GTNDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\Belkin\F5D9050\GTNDIS5.SYS []
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-13 185089]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-02-09 446464]
S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-04-18 171040]
S4 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-01-16 880640]
S4 RoxWatch9;Roxio Hard Drive Watcher 9; c:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-01-16 159744]
S4 stllssvr;stllssvr; c:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe [2007-02-06 73728]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
-----------------EOF-----------------
Info.txt =
info.txt logfile of random's system information tool 1.06 2009-07-19 12:36:03
======Uninstall list======
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
-->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.42-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
adsl TV-->C:\Program Files\adslTV\Uninstal.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\Setup.exe" -l0x40c
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Belkin Wireless G Plus MIMO USB Network Adapter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\Belkin\F5D9050\Setup.exe" -l0x9
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Download Accelerator Plus (DAP)-->C:\PROGRA~1\DAP\DAPREMOVE.EXE
HijackThis 2.0.2-->"C:\Documents and Settings\Collégien\Bureau\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
hp deskjet 3820 series (Supprimer uniquement)-->C:\Program Files\hp deskjet 3820 series\hpfiui.exe -c -vdivid=HPF -vpnum=95 -vinstport=USB001 -vproduct=3820 -huninstall
HP Precisionscan Pro 3.1-->MsiExec.exe /I{6B36DEBF-27D0-4B1E-858D-D397091C6C7D}
HP Share-to-Web-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{748F4870-8350-11D3-B0BF-080009FB4A19}\setup.exe" --MAIN -l1036
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
LeConjugueur-->"C:\Program Files\LeConjugueur\uninstall.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MathGraph32 Lycée et Collège Version 2.1 démo-->MsiExec.exe /X{3B7A4269-82A3-41A8-9578-E4053FA102E5}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB971930)-->"C:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{97AA1F3C-DD64-4AA6-AEC5-F8F9F4CC21C5}
Noopod (Uninstall)-->"C:\Program Files\Noopod\Uninstall.exe"
OpenOffice.org 2.3-->MsiExec.exe /I{B087B0C3-F595-485A-B86B-73326BA8693A}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_1F9DE4E49C97F59EE9F75C34E0E91E568FC9EEB2\amdk8.inf
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime Alternative 2.1.1-->"C:\Program Files\QuickTime Alternative\unins000.exe"
Real Alternative 1.60-->"C:\Program Files\Real Alternative\unins000.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Roxio Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Roxio Creator 9 LE-->MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0}
Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
XnView 1.91.6-->"C:\Program Files\XnView\unins000.exe"
ZNsoft Free 2007-->"C:\Program Files\ZNsoft Corporation\ZNsoft Free\unins000.exe"
ZNsoft NetBooster-->"C:\Program Files\ZNsoft Corporation\ZNsoftNetBoost\unins000.exe"
ZNsoft Optimizer Xp-->"C:\Program Files\ZNsoft Corporation\ZNsoft Optimizer Xp\unins000.exe"
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: AntiVir Desktop
======System event log======
Computer Name: ORDI-COLLÉGIENS
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : arrêté.
Record Number: 3428
Source Name: Service Control Manager
Time Written: 20071212140046.000000+060
Event Type: Informations
User:
Computer Name: ORDI-COLLÉGIENS
Event Code: 7036
Message: Le service RoxMediaDB9 est entré dans l'état : en cours d'exécution.
Record Number: 3427
Source Name: Service Control Manager
Time Written: 20071212140040.000000+060
Event Type: Informations
User:
Computer Name: ORDI-COLLÉGIENS
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service RoxMediaDB9.
Record Number: 3426
Source Name: Service Control Manager
Time Written: 20071212140040.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: ORDI-COLLÉGIENS
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : en cours d'exécution.
Record Number: 3425
Source Name: Service Control Manager
Time Written: 20071212140040.000000+060
Event Type: Informations
User:
Computer Name: ORDI-COLLÉGIENS
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.
Record Number: 3424
Source Name: Service Control Manager
Time Written: 20071212140040.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
=====Application event log=====
Computer Name: 109285110005
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 402
Source Name: SecurityCenter
Time Written: 20090620110904.000000+120
Event Type: Informations
User:
Computer Name: 109285110005
Event Code: 0
Message:
Record Number: 401
Source Name: RoxSniffer9
Time Written: 20090620110838.000000+120
Event Type: Informations
User:
Computer Name: 109285110005
Event Code: 0
Message:
Record Number: 400
Source Name: RichVideo
Time Written: 20090620110820.000000+120
Event Type: Informations
User:
Computer Name: 109285110005
Event Code: 4097
Message: L'application, C:\PROGRA~1\MOZILL~1\FIREFOX.EXE, a généré une erreur d'application
L'erreur s'est produite le 06/20/2009 à 10:51:53.849
L'exception générée était c0000005 à l'adresse 6039FC4D (xpcom_core!nsACString_internal__Assign)
Record Number: 399
Source Name: DrWatson
Time Written: 20090620105153.000000+120
Event Type: Informations
User:
Computer Name: 109285110005
Event Code: 1000
Message: Application défaillante firefox.exe, version 1.8.20071.12718, module défaillant xpcom_core.dll, version 1.8.20071.12718, adresse de défaillance 0x0003fc4d.
Record Number: 398
Source Name: Application Error
Time Written: 20090620105149.000000+120
Event Type: erreur
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\Fichiers communs\Roxio Shared\DLLShared\;c:\Program Files\Fichiers communs\Roxio Shared\DLLShared\;c:\Program Files\Fichiers communs\Roxio Shared\9.0\DLLShared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 67 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=4303
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"RoxioCentral"=c:\Program Files\Fichiers communs\Roxio Shared\9.0\Roxio Central33\
-----------------EOF-----------------
Thanks in advance, regards, me
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\xircom
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\wins
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\wbem
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\usmt
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\URTTemp
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\spool
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\ShellExt
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\Setup
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\RTCOM
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\Restore
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\ras
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\PreInstall
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\oobe
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\NtmsData
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\npp
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\mui
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\MsDtc
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\LogFiles
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\Lang
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\inetsrv
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\IME
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\icsxml
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\ias
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\fr-fr
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\export
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\en-us
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\DRVSTORE
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\drivers
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\DirectX
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\dhcp
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\config
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\Com
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\CatRoot
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\3com_dmi
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\3076
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\2052
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\1054
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\1042
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\1041
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\1037
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\1036
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\1033
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\1031
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\1028
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\1025
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system
2009-06-20 19:04:29 ----D---- C:\WINDOWS\SxsCaPendDel
2009-06-20 19:04:29 ----D---- C:\WINDOWS\srchasst
2009-06-20 19:04:29 ----D---- C:\WINDOWS\SoftwareDistribution
2009-06-20 19:04:29 ----D---- C:\WINDOWS\security
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Resources
2009-06-20 19:04:29 ----D---- C:\WINDOWS\REPAIR
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Registration
2009-06-20 19:04:29 ----D---- C:\WINDOWS\RegisteredPackages
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Provisioning
2009-06-20 19:04:29 ----D---- C:\WINDOWS\PeerNet
2009-06-20 19:04:29 ----D---- C:\WINDOWS\pchealth
2009-06-20 19:04:29 ----D---- C:\WINDOWS\network diagnostic
2009-06-20 19:04:29 ----D---- C:\WINDOWS\mui
2009-06-20 19:04:29 ----D---- C:\WINDOWS\msapps
2009-06-20 19:04:29 ----D---- C:\WINDOWS\msagent
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Microsoft.NET
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Media
2009-06-20 19:04:29 ----D---- C:\WINDOWS\java
2009-06-20 19:04:29 ----D---- C:\WINDOWS\ime
2009-06-20 19:04:29 ----D---- C:\WINDOWS\ie7updates
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Help
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Driver Cache
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Debug
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Cursors
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Connection Wizard
2009-06-20 19:04:29 ----D---- C:\WINDOWS\Config
2009-06-20 19:04:29 ----D---- C:\WINDOWS\AppPatch
2009-06-20 19:04:29 ----D---- C:\WINDOWS\addins
2009-06-20 19:04:27 ----D---- C:\Program Files\7-Zip
2009-06-20 19:04:26 ----RSHD---- C:\cmdcons
2009-06-20 19:04:26 ----D---- C:\APPS
2009-06-20 19:04:26 ----AHD---- C:\DIVTOOLS
2009-06-20 11:54:58 ----A---- C:\WINDOWS\system32\WINSKFR.DLL
2009-06-20 11:54:57 ----A---- C:\WINDOWS\system32\STDFTFR.DLL
2009-06-20 11:54:57 ----A---- C:\WINDOWS\system32\MSSTDFMT.DLL
2009-06-20 11:54:57 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2009-06-20 11:54:25 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2009-06-20 11:54:24 ----D---- C:\Program Files\ZNsoft Corporation
2009-06-20 11:36:36 ----A---- C:\WINDOWS\system32\UpdateDriver.exe
2009-06-20 11:36:36 ----A---- C:\WINDOWS\system32\ucuiinfo.ini
2009-06-20 11:36:36 ----A---- C:\WINDOWS\system32\F5D9050.dll
2009-06-20 11:32:14 ----D---- C:\WINDOWS\pss
2009-06-20 11:02:28 ----A---- C:\WINDOWS\BricoPackUninst.cmd
2009-06-20 11:01:03 ----A---- C:\WINDOWS\BricoPackUninst.txt
2009-06-20 11:00:39 ----D---- C:\WINDOWS\BricoPacks
======List of files/folders modified in the last 1 months======
2009-07-19 12:29:52 ----D---- C:\Program Files\Mozilla Firefox
2009-07-19 11:05:13 ----D---- C:\WINDOWS
2009-07-18 22:57:19 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-07-17 21:07:10 ----D---- C:\Documents and Settings\Collégien\Application Data\Macromedia
2009-07-15 22:18:36 ----D---- C:\WINDOWS\system32
2009-07-15 09:39:26 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-07-14 09:30:47 ----RASH---- C:\BOOT.INI
2009-07-14 09:30:47 ----A---- C:\WINDOWS\win.ini
2009-07-14 09:30:47 ----A---- C:\WINDOWS\system.ini
2009-07-14 09:29:37 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-07-13 11:58:20 ----RD---- C:\Program Files
2009-07-12 10:40:32 ----D---- C:\Documents and Settings\Collégien\Application Data\OpenOffice.org2
2009-07-12 09:35:05 ----D---- C:\Program Files\Messenger Plus! Live
2009-07-08 13:49:44 ----A---- C:\Log.txt
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-04 17:49:06 ----D---- C:\Downloads
2009-07-04 17:36:38 ----D---- C:\Documents and Settings\Collégien\Application Data\BITS
2009-07-04 13:29:30 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-07-04 13:29:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-04 10:35:47 ----D---- C:\Program Files\eMule
2009-07-02 11:25:42 ----D---- C:\Documents and Settings\All Users\Application Data\SpeedBit
2009-07-01 19:43:49 ----D---- C:\Program Files\Hewlett-Packard
2009-06-26 13:43:43 ----D---- C:\Documents and Settings\Collégien\Application Data\Roxio
2009-06-25 19:13:18 ----A---- C:\TCleaner.txt
2009-06-25 18:50:53 ----D---- C:\Program Files\Outlook Express
2009-06-25 18:50:53 ----D---- C:\Program Files\Movie Maker
2009-06-25 18:49:52 ----A---- C:\WINDOWS\system32\uxtheme.dll
2009-06-25 18:06:57 ----D---- C:\Program Files\Messenger
2009-06-25 17:59:35 ----D---- C:\Program Files\NetMeeting
2009-06-25 17:59:31 ----D---- C:\Program Files\Windows NT
2009-06-25 17:59:31 ----D---- C:\Program Files\Windows Media Player
2009-06-25 17:59:27 ----D---- C:\Program Files\Fichiers communs\System
2009-06-25 17:48:12 ----D---- C:\Program Files\Internet Explorer
2009-06-25 17:23:21 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-06-25 17:23:01 ----D---- C:\Program Files\Adobe
2009-06-24 17:43:35 ----D---- C:\Program Files\hp deskjet 3820 series
2009-06-20 19:20:26 ----SHD---- C:\System Volume Information
2009-06-20 19:20:26 ----D---- C:\Program Files\XnView
2009-06-20 19:20:23 ----D---- C:\Program Files\Windows Media Connect 2
2009-06-20 19:20:18 ----D---- C:\Program Files\Services en ligne
2009-06-20 19:20:09 ----D---- C:\Program Files\Real Alternative
2009-06-20 19:20:07 ----D---- C:\Program Files\QuickTime Alternative
2009-06-20 19:20:05 ----D---- C:\Program Files\PhotoFiltre
2009-06-20 19:20:04 ----D---- C:\Program Files\OpenOffice.org 2.3
2009-06-20 19:19:18 ----D---- C:\Program Files\Online Services
2009-06-20 19:19:14 ----D---- C:\Program Files\Noopod
2009-06-20 19:18:03 ----D---- C:\Program Files\LeConjugueur
2009-06-20 19:17:32 ----HD---- C:\PNP
2009-06-20 19:17:23 ----D---- C:\Program Files\Fichiers communs\SureThing Shared
2009-06-20 19:17:23 ----D---- C:\Program Files\Fichiers communs\Sonic Shared
2009-06-20 19:17:22 ----D---- C:\Program Files\Fichiers communs\Services
2009-06-20 19:06:33 ----SHD---- C:\DRIVERS
2009-06-20 19:06:24 ----D---- C:\Documents and Settings\Collégien\Application Data\XnView
2009-06-20 19:06:24 ----D---- C:\Documents and Settings\Collégien\Application Data\Thunderbird
2009-06-20 19:06:21 ----D---- C:\Documents and Settings\Collégien\Application Data\Media Player Classic
2009-06-20 19:06:18 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-06-20 19:06:12 ----D---- C:\Program Files\Audacity
2009-06-20 19:06:09 ----D---- C:\Program Files\ATI Technologies
2009-06-20 19:04:29 ----D---- C:\WINDOWS\system32\Macromed
2009-06-20 11:25:35 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
2009-06-20 11:14:16 ----D---- C:\Documents and Settings\Collégien\Application Data\Mozilla
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-07-13 28520]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-06-20 20747]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-02-09 1966592]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-10 4397568]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 RT73;Belkin Wireless G Plus MIMO USB Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2005-11-24 245248]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-02-07 90880]
R3 StreamSurge;StreamSurge Driver (miniport); C:\WINDOWS\system32\DRIVERS\ss.sys [2005-06-18 19968]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 GTNDIS5;GTNDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\Belkin\F5D9050\GTNDIS5.SYS []
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-13 185089]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-02-09 446464]
S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-04-18 171040]
S4 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-01-16 880640]
S4 RoxWatch9;Roxio Hard Drive Watcher 9; c:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-01-16 159744]
S4 stllssvr;stllssvr; c:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe [2007-02-06 73728]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
-----------------EOF-----------------
Info.txt =
info.txt logfile of random's system information tool 1.06 2009-07-19 12:36:03
======Uninstall list======
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
-->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.42-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
adsl TV-->C:\Program Files\adslTV\Uninstal.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\Setup.exe" -l0x40c
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Belkin Wireless G Plus MIMO USB Network Adapter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\Belkin\F5D9050\Setup.exe" -l0x9
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Download Accelerator Plus (DAP)-->C:\PROGRA~1\DAP\DAPREMOVE.EXE
HijackThis 2.0.2-->"C:\Documents and Settings\Collégien\Bureau\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
hp deskjet 3820 series (Supprimer uniquement)-->C:\Program Files\hp deskjet 3820 series\hpfiui.exe -c -vdivid=HPF -vpnum=95 -vinstport=USB001 -vproduct=3820 -huninstall
HP Precisionscan Pro 3.1-->MsiExec.exe /I{6B36DEBF-27D0-4B1E-858D-D397091C6C7D}
HP Share-to-Web-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{748F4870-8350-11D3-B0BF-080009FB4A19}\setup.exe" --MAIN -l1036
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
LeConjugueur-->"C:\Program Files\LeConjugueur\uninstall.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MathGraph32 Lycée et Collège Version 2.1 démo-->MsiExec.exe /X{3B7A4269-82A3-41A8-9578-E4053FA102E5}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB971930)-->"C:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{97AA1F3C-DD64-4AA6-AEC5-F8F9F4CC21C5}
Noopod (Uninstall)-->"C:\Program Files\Noopod\Uninstall.exe"
OpenOffice.org 2.3-->MsiExec.exe /I{B087B0C3-F595-485A-B86B-73326BA8693A}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_1F9DE4E49C97F59EE9F75C34E0E91E568FC9EEB2\amdk8.inf
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime Alternative 2.1.1-->"C:\Program Files\QuickTime Alternative\unins000.exe"
Real Alternative 1.60-->"C:\Program Files\Real Alternative\unins000.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Roxio Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Roxio Creator 9 LE-->MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0}
Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
XnView 1.91.6-->"C:\Program Files\XnView\unins000.exe"
ZNsoft Free 2007-->"C:\Program Files\ZNsoft Corporation\ZNsoft Free\unins000.exe"
ZNsoft NetBooster-->"C:\Program Files\ZNsoft Corporation\ZNsoftNetBoost\unins000.exe"
ZNsoft Optimizer Xp-->"C:\Program Files\ZNsoft Corporation\ZNsoft Optimizer Xp\unins000.exe"
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: AntiVir Desktop
======System event log======
Computer Name: ORDI-COLLÉGIENS
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : arrêté.
Record Number: 3428
Source Name: Service Control Manager
Time Written: 20071212140046.000000+060
Event Type: Informations
User:
Computer Name: ORDI-COLLÉGIENS
Event Code: 7036
Message: Le service RoxMediaDB9 est entré dans l'état : en cours d'exécution.
Record Number: 3427
Source Name: Service Control Manager
Time Written: 20071212140040.000000+060
Event Type: Informations
User:
Computer Name: ORDI-COLLÉGIENS
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service RoxMediaDB9.
Record Number: 3426
Source Name: Service Control Manager
Time Written: 20071212140040.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: ORDI-COLLÉGIENS
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : en cours d'exécution.
Record Number: 3425
Source Name: Service Control Manager
Time Written: 20071212140040.000000+060
Event Type: Informations
User:
Computer Name: ORDI-COLLÉGIENS
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.
Record Number: 3424
Source Name: Service Control Manager
Time Written: 20071212140040.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
=====Application event log=====
Computer Name: 109285110005
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 402
Source Name: SecurityCenter
Time Written: 20090620110904.000000+120
Event Type: Informations
User:
Computer Name: 109285110005
Event Code: 0
Message:
Record Number: 401
Source Name: RoxSniffer9
Time Written: 20090620110838.000000+120
Event Type: Informations
User:
Computer Name: 109285110005
Event Code: 0
Message:
Record Number: 400
Source Name: RichVideo
Time Written: 20090620110820.000000+120
Event Type: Informations
User:
Computer Name: 109285110005
Event Code: 4097
Message: L'application, C:\PROGRA~1\MOZILL~1\FIREFOX.EXE, a généré une erreur d'application
L'erreur s'est produite le 06/20/2009 à 10:51:53.849
L'exception générée était c0000005 à l'adresse 6039FC4D (xpcom_core!nsACString_internal__Assign)
Record Number: 399
Source Name: DrWatson
Time Written: 20090620105153.000000+120
Event Type: Informations
User:
Computer Name: 109285110005
Event Code: 1000
Message: Application défaillante firefox.exe, version 1.8.20071.12718, module défaillant xpcom_core.dll, version 1.8.20071.12718, adresse de défaillance 0x0003fc4d.
Record Number: 398
Source Name: Application Error
Time Written: 20090620105149.000000+120
Event Type: erreur
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\Fichiers communs\Roxio Shared\DLLShared\;c:\Program Files\Fichiers communs\Roxio Shared\DLLShared\;c:\Program Files\Fichiers communs\Roxio Shared\9.0\DLLShared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 67 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=4303
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"RoxioCentral"=c:\Program Files\Fichiers communs\Roxio Shared\9.0\Roxio Central33\
-----------------EOF-----------------
Thanks in advance, regards, me
Configuration: Windows XP Firefox 3.0.11
2 replies
Hello,
Can you do this:
download GenProc
double-click GenProc.exe and post the contents of the report that opens.
hello to you both:
it may be simpler to configure Antivir and run a scan to see whether it finds anything
if JFKPRESIDENT agrees.
Antivir configuration:
right-click its icon in the taskbar and select Configure Antivir.
* In the Local Protection tab, choose Scan.
* Enable the rootkit search via the + next to Rootkit Search, then in Manual Selection, check everything (your hard disk partitions).
* Click the middle magnifying glass to start the scan as Administrator
check the box: Expert Mode.
=> Click Scanner in the left pane:
> Under "Files", select All files.
> Under scan procedure, check Allow stopping, and under "scanner priority" select High.
> Under "Other settings", check all the boxes.
ABOVE ALL, DO NOT FORGET THE ROOTKIT SEARCH, WHICH IS VERY IMPORTANT!
=> Click "Scan" in the left pane and apply the same settings as before.
=> Expand "Scan" by clicking the +. Click "Heuristic":
> Check "Macrovirus heuristic" and "Win32 file heuristic" with detection level HIGH!
=> In the left pane, expand "Guard", then expand "Scan":
> Check "Macrovirus heuristic" and "Win32 file heuristic" with detection level HIGH!
run a full scan of your PC and post its report