Je crois avoir un virus
theboss44
-
olivier114 Messages postés 1674 Statut Membre -
olivier114 Messages postés 1674 Statut Membre -
Bonjour,
info.txt logfile of random's system information tool 1.06 2009-10-19 19:11:21
======Uninstall list======
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACDSee Gestionnaire de photos 2009-->MsiExec.exe /I{300578F9-9EFF-4B93-9AB1-C0E5707EF463}
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 9.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A92000000001}
Advertising Center-->MsiExec.exe /X{b2ec4a38-b545-4a00-8214-13fe0e915e6d}
Allok MPEG4 Converter 6.2.0603-->"C:\Program Files\Allok MPEG4 Converter\unins000.exe"
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft VideoImpression 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{244E21B9-164C-4EC1-AED8-9BD64161E66D}\setup.exe" -l0x40c
Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Barre d'outils Outlook de Windows Live (Windows Live Toolbar)-->MsiExec.exe /X{4002F73D-EBB3-4EA1-A2FF-DBCB4529759E}
Bloqueur de fenêtres pop-up (Windows Live Toolbar)-->MsiExec.exe /X{51F366F4-C2E4-429A-866A-59C885ED42FD}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CA Yahoo! Anti-Spy (remove only)-->"C:\Program Files\CA Yahoo! Anti-Spy\uninstall.exe"
Camera RAW Plug-In for EPSON Creativity Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}\SETUP.EXE" -l0x40c UNINST
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
C-Media WDM Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe
ConvertHelper 2.2-->"C:\Program Files\ConvertHelper\unins000.exe"
Correctif du dictionnaire français pour Office 2000-->MsiExec.exe /I{DCF67823-AFC3-11D3-BD80-0010A4E5C232}
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
CX4300_5500_DX4400 Manuel-->C:\Program Files\EPSON\TPMANUAL\CX4300_5500_DX4400\FRA\USE_G\DOCUNINS.EXE
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{175B7C4A-CAF8-437A-B597-73E0D2D970FE}
EPSON Attach To Email-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}\SETUP.EXE" -l0x40c UNINST
EPSON File Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}\Setup.exe" -l0x40c UNINST
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{D518AD32-C710-4616-BA0D-D4B1FA5F82E8}
FileHippo.com Update Checker-->"C:\Program Files\FileHippo.com\uninstall.exe"
Free Mp3 Wma Converter V 1.81-->"C:\Program Files\Free Audio Pack\unins000.exe"
French interface language for ABBYY FineReader 8.0 Professional Edition-->MsiExec.exe /X{C9469E12-1A0F-4D62-9C2D-E1B652A5D31E}
GamingHarbor Toolbar-->C:\Documents and Settings\All Users.WINDOWS\Application Data\{7F4A1B90-59B3-4968-96A3-F7C1BE30DEBE}\Setup.exe
Glary Utilities 2.16.0.758-->"C:\Program Files\Glary Utilities\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes-->MsiExec.exe /I{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013F0}
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015F0}
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
K-Lite Codec Pack 4.4.5 (Standard)-->"C:\Program Files\K-Lite Codec Pack\unins002.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Media Access Startup-->"C:\Program Files\Media Access Startup\2.0.0.1050\unins000.exe"
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{3585ED1C-74C5-43B0-A232-831B96A12A2B}
Micro Application - PrintPratic-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67380BB7-F6C4-458A-9F94-5012814A20B7}\Setup.exe" -l0x40c
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\windows\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\windows\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\windows\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\windows\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\windows\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\windows\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\windows\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\windows\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\windows\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\windows\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB972636)-->"C:\WINDOWS\ie8updates\KB972636-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Firefox (3.5b4)-->C:\Program Files\Mozilla Firefox 3.5 Beta 4\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Navigation par onglets (Windows Live Toolbar)-->MsiExec.exe /X{E74559C2-BB47-45AD-83DD-0D66B67E7811}
Nero 9 Essentials-->C:\Program Files\Fichiers communs\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="XM02-508X-MHAT-19WU-9Z3Z-0CH0-3U6E-85W5-MMHH-6647-1Z5L-7M8C-0U45-758P-0000"
Nero ControlCenter-->MsiExec.exe /X{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
Nero Installer-->MsiExec.exe /X{e8a80433-302b-4ff1-815d-fcc8eac482ff}
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nero Online Upgrade-->MsiExec.exe /X{dba84796-8503-4ff0-af57-1747dd9a166d}
Nero StartSmart OEM-->MsiExec.exe /X{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}
Nero StartSmart-->MsiExec.exe /X{7748ac8c-18e3-43bb-959b-088faea16fb2}
Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\Setup.exe /uninstall ExtraUninstallID=""
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\windows\system32\nvuninst.exe UninstallGUI
NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{F242B06B-517F-4D62-B654-16B11564A912}
OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
Paint.NET v3.5-->MsiExec.exe /X{D3E7A2A5-A059-4A44-949B-21FBD371A8B8}
PC TWIN SHOCK-->C:\Program Files\InstallShield Installation Information\{FEC7CD2E-2BB5-40C3-9592-078F64677E6C}\setup.exe -runfromtemp -l0x0009 -removeonly
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Search Settings 1.2.1-->MsiExec.exe /X{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}
Seekapp 1.0 build 155-->C:\Program Files\SeekappSrch\uninstall.exe
SeekService 1.0 build 125-->C:\Program Files\SeekService\uninstall.exe
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sukoku 1.0 build 117-->C:\Program Files\Sukoku\uninstall.exe
System Search Dispatcher-->"C:\Program Files\System Search Dispatcher\1.4.3.1040\unins000.exe"
The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe"
Trust Photo Tools-->MsiExec.exe /I{84975365-177A-42EB-A265-9C9B6DB1FEA1}
Trust WB-1400T Webcam-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{30837A37-8F9F-4817-8B52-C501B67DC3BE} /l1036
Uniblue DriverScanner 2009-->"C:\Documents and Settings\All Users.WINDOWS\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\DriverScanner_Setup.exe" REMOVE=TRUE MODIFY=FALSE
Uniblue DriverScanner 2009-->C:\Documents and Settings\All Users.WINDOWS\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\DriverScanner_Setup.exe
Uninstall Dual Mode Camera-->"C:\Program Files\JL2005D\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VIA Gestionnaire de périphériques de plate-forme-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\Intel 32\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinPcap 3.1 beta3-->"C:\Program Files\WinPcap\Uninstall.exe" "C:\Program Files\WinPcap\install.log"
WinZip 14.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B9}
======Security center information======
AV: avast! antivirus 4.8.1356 [VPS 091018-0]
======System event log======
Computer Name: MONCH
Event Code: 7036
Message: Le service Lavasoft Ad-Aware Service est entré dans l'état : arrêté.
Record Number: 5902
Source Name: Service Control Manager
Time Written: 20090915192819.000000+120
Event Type: Informations
User:
Computer Name: MONCH
Event Code: 7035
Message: Un contrôle Arrêter a correctement été envoyé au service Lavasoft Ad-Aware Service.
Record Number: 5901
Source Name: Service Control Manager
Time Written: 20090915192819.000000+120
Event Type: Informations
User: MONCH\daniel monchaux
Computer Name: MONCH
Event Code: 7036
Message: Le service Explorateur d'ordinateur est entré dans l'état : arrêté.
Record Number: 5900
Source Name: Service Control Manager
Time Written: 20090915182420.000000+120
Event Type: Informations
User:
Computer Name: MONCH
Event Code: 7024
Message: Le service Routage et accès distant s'est arrêté avec l'erreur service particulière 340 (0x154).
Record Number: 5899
Source Name: Service Control Manager
Time Written: 20090915182419.000000+120
Event Type: erreur
User:
Computer Name: MONCH
Event Code: 7036
Message: Le service Routage et accès distant est entré dans l'état : arrêté.
Record Number: 5898
Source Name: Service Control Manager
Time Written: 20090915182419.000000+120
Event Type: Informations
User:
=====Application event log=====
Computer Name: MONCH
Event Code: 1
Message:
Record Number: 5
Source Name: Bonjour Service
Time Written: 20090613201548.000000+120
Event Type: Informations
User:
Computer Name: MONCH
Event Code: 11728
Message: Product: Microsoft Office Word Viewer 2003 -- Configuration completed successfully.
Record Number: 4
Source Name: MsiInstaller
Time Written: 20090612232704.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: MONCH
Event Code: 1022
Message: Produit : Microsoft Office Word Viewer 2003 - La mise à jour 'Security Update for Word Viewer 2003 (KB969614): WORDVIEW' a été installée.
Record Number: 3
Source Name: MsiInstaller
Time Written: 20090612232704.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: MONCH
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 2
Source Name: SecurityCenter
Time Written: 20090612231718.000000+120
Event Type: Informations
User:
Computer Name: MONCH
Event Code: 1
Message:
Record Number: 1
Source Name: Bonjour Service
Time Written: 20090612231648.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\QuickTime\QTSystem;C:\PROGRA~1\DISKEE~1\DISKEE~1\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0801
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by daniel monchaux at 2009-10-19 19:08:59
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 11 GB (15%) free of 76 GB
Total RAM: 1023 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:11:15, on 19/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\nvsvc32.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\windows\system32\RUNDLL32.EXE
C:\windows\system32\ctfmon.exe
C:\Program Files\FileHippo.com\UpdateChecker.exe
C:\windows\system32\rundll32.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Documents and Settings\All Users.WINDOWS\Application Data\SeekappSrch\seekapp155.exe
C:\windows\system32\svchost.exe
C:\Program Files\SeekappSrch\seekappsrch.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\daniel monchaux\Mes documents\Téléchargements\RSIT.exe
C:\Program Files\trend micro\daniel monchaux.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
R3 - URLSearchHook: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\2.0.0.1050\HPIEAddOn.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.8.1.4690\NPIEAddOn.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.3.1040\ssd.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O3 - Toolbar: (no name) - {66886C4D-B307-4ECA-A228-52CA9B9851A4} - (no file)
O3 - Toolbar: GamingHarbor Toolbar - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stb0.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_SD3.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?25b8f9fff0d84108982ffb8f93c9640b
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?25b8f9fff0d84108982ffb8f93c9640b
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SeekappSrch Service - Unknown owner - C:\Documents and Settings\All Users.WINDOWS\Application Data\SeekappSrch\seekapp155.exe
--
End of file - 8857 bytes
======Scheduled tasks folder======
C:\windows\tasks\Ad-Aware Update (Weekly).job
C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\GlaryInitialize.job
C:\windows\tasks\Maintenance en 1 clic.job
C:\windows\tasks\SmartDefrag.job
C:\windows\tasks\User_Feed_Synchronization-{8AA4E7A9-F2CE-4BB0-BF75-2275A07148CD}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c491116-c175-45e1-a570-6fb14fea8b7b}]
PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHPN.dll [2009-07-02 2215960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-07-17 279944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
Media Access Startup - C:\Program Files\Media Access Startup\2.0.0.1050\HPIEAddOn.dll [2009-09-08 221184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
NP Helper Class - C:\Program Files\Internet Saving Optimizer\3.8.1.4690\NPIEAddOn.dll [2009-09-09 196608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDBFB47B-58A8-4111-BF95-06178DCE326D}]
System Search Dispatcher - C:\Program Files\System Search Dispatcher\1.4.3.1040\ssd.dll [2009-09-10 294912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-13 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-08-13 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{1c491116-c175-45e1-a570-6fb14fea8b7b} - PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHPN.dll [2009-07-02 2215960]
{66886C4D-B307-4ECA-A228-52CA9B9851A4}
{5617ECA9-488D-4BA2-8562-9710B9AB78D2} - GamingHarbor Toolbar - C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stb0.dll [2009-09-03 1130496]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-07-17 279944]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-15 81000]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-21 305440]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-09-23 1657448]
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2009-09-27 13918208]
"NvMediaCenter"=C:\windows\system32\NvMcTray.dll [2009-09-27 86016]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus DX4400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"FileHippo.com"=C:\Program Files\FileHippo.com\UpdateChecker.exe [2009-09-28 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2009-03-10 265088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"c:\program files\relevantknowledge\rlvknlg.exe"="c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"C:\Program Files\SecondLife\SLVoice.exe"="C:\Program Files\SecondLife\SLVoice.exe:*:Disabled:SLVoice"
"C:\LiberKey\Apps\Emule\App\Emule\emule.exe"="C:\LiberKey\Apps\Emule\App\Emule\emule.exe:*:Disabled:eMule"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Micro Application\Internet Anonyme 2\CGhost.exe"="C:\Program Files\Micro Application\Internet Anonyme 2\CGhost.exe:*:Enabled:CGhost"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======File associations======
.reg - edit -
.reg - open -
======List of files/folders created in the last 1 months======
2009-10-19 19:09:01 ----D---- C:\Program Files\trend micro
2009-10-19 19:08:59 ----DC---- C:\rsit
2009-10-15 20:16:28 ----D---- C:\Program Files\JRE
2009-10-15 13:16:45 ----HDC---- C:\windows\$NtUninstallKB958869$
2009-10-15 13:10:13 ----HDC---- C:\windows\$NtUninstallKB969059$
2009-10-15 13:09:04 ----HDC---- C:\windows\$NtUninstallKB954155_WM9$
2009-10-15 13:08:56 ----HDC---- C:\windows\$NtUninstallKB974112$
2009-10-15 13:08:07 ----HDC---- C:\windows\$NtUninstallKB975025$
2009-10-15 13:07:06 ----HDC---- C:\windows\$NtUninstallKB974571$
2009-10-15 13:03:49 ----HDC---- C:\windows\$NtUninstallKB971486$
2009-10-15 13:02:51 ----HDC---- C:\windows\$NtUninstallKB973525$
2009-10-15 13:02:21 ----HDC---- C:\windows\$NtUninstallKB975467$
2009-10-13 18:15:55 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\SimonTools
2009-10-05 21:17:41 ----D---- C:\Program Files\FileHippo.com
2009-10-04 21:08:09 ----A---- C:\windows\system32\GEARAspi.dll
2009-10-04 21:06:17 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-10-04 18:08:24 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\Help
2009-10-04 12:51:32 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\Foxit
2009-10-02 21:54:52 ----A---- C:\windows\system32\i420vfw.dll
2009-10-02 21:54:52 ----A---- C:\windows\system32\AVSredirect.dll
2009-10-02 17:06:35 ----D---- C:\Program Files\eMule
2009-09-27 18:20:28 ----A---- C:\windows\cPVAS.INI
2009-09-27 18:20:27 ----AC---- C:\pvas.txt
2009-09-27 18:20:26 ----AC---- C:\mpeg.txt
2009-09-27 18:20:04 ----A---- C:\windows\system32\nvcplui.exe
2009-09-27 18:20:00 ----A---- C:\windows\system32\nvwddi.dll
2009-09-27 18:19:52 ----A---- C:\windows\system32\nvwss.dll
2009-09-27 18:19:50 ----A---- C:\windows\system32\nvvitvs.dll
2009-09-27 18:19:48 ----A---- C:\windows\system32\nvmobls.dll
2009-09-27 18:19:48 ----A---- C:\windows\system32\nvmccss.dll
2009-09-27 18:19:48 ----A---- C:\windows\system32\nvgames.dll
2009-09-27 18:19:46 ----A---- C:\windows\system32\nvsvc32.exe
2009-09-27 18:19:46 ----A---- C:\windows\system32\nvmctray.dll
2009-09-27 18:19:46 ----A---- C:\windows\system32\nvdisps.dll
2009-09-27 18:19:46 ----A---- C:\windows\system32\nvcpl.dll
2009-09-27 18:19:46 ----A---- C:\windows\system32\nvcolor.exe
2009-09-27 18:19:40 ----A---- C:\windows\system32\nvmccs.dll
2009-09-27 18:17:10 ----D---- C:\Program Files\Ripp-it_AM
2009-09-25 18:09:59 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\gtk-2.0
2009-09-25 18:07:34 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\Inkscape
2009-09-23 21:27:14 ----D---- C:\Program Files\Any Audio Converter
2009-09-23 20:57:14 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\AVS4YOU
2009-09-23 20:53:54 ----A---- C:\windows\system32\GdiPlus.dll
2009-09-23 20:20:25 ----D---- C:\Program Files\AviSynth 2.5
2009-09-23 20:20:05 ----A---- C:\windows\system32\coodest.dll
2009-09-22 21:07:33 ----D---- C:\Program Files\VirtualDub
2009-09-20 18:05:40 ----N---- C:\windows\system32\pxsfs.dll
2009-09-20 18:05:40 ----N---- C:\windows\system32\pxinsa64.exe
2009-09-20 18:05:40 ----N---- C:\windows\system32\pxhpinst.exe
2009-09-20 18:05:40 ----N---- C:\windows\system32\pxcpya64.exe
2009-09-20 18:05:40 ----N---- C:\windows\system32\pxafs.dll
2009-09-20 18:05:39 ----N---- C:\windows\system32\vxblock.dll
2009-09-20 18:05:39 ----N---- C:\windows\system32\pxwave.dll
2009-09-20 18:05:39 ----N---- C:\windows\system32\pxmas.dll
2009-09-20 18:05:39 ----N---- C:\windows\system32\pxdrv.dll
2009-09-20 18:05:39 ----N---- C:\windows\system32\px.dll
2009-09-20 18:05:32 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\Winamp
2009-09-20 16:04:41 ----AC---- C:\PureRa.txt
2009-09-20 14:27:51 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\SeekappSrch
2009-09-20 14:27:50 ----D---- C:\Program Files\SeekappSrch
2009-09-20 14:19:42 ----D---- C:\Program Files\C-Media
2009-09-20 14:17:22 ----D---- C:\Program Files\RocketDock
2009-09-20 14:16:54 ----D---- C:\Program Files\System Search Dispatcher
2009-09-20 14:16:52 ----D---- C:\Program Files\Media Access Startup
2009-09-20 14:16:50 ----D---- C:\Program Files\Internet Saving Optimizer
2009-09-20 14:16:50 ----D---- C:\Program Files\DoubleD
2009-09-20 14:16:43 ----D---- C:\Program Files\GameSpy Arcade
2009-09-20 14:16:43 ----D---- C:\Program Files\AxBx
2009-09-20 14:16:40 ----HDC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{7F4A1B90-59B3-4968-96A3-F7C1BE30DEBE}
2009-09-20 11:51:57 ----D---- C:\Program Files\a-squared Free
======List of files/folders modified in the last 1 months======
2009-10-19 19:09:02 ----D---- C:\windows\Prefetch
2009-10-19 19:09:01 ----D---- C:\Program Files
2009-10-19 19:02:08 ----D---- C:\windows\system32\drivers
2009-10-19 17:34:43 ----D---- C:\Program Files\Mozilla Firefox
2009-10-19 17:33:33 ----D---- C:\WINDOWS
2009-10-19 17:33:32 ----D---- C:\windows\Temp
2009-10-19 12:22:28 ----N---- C:\windows\SchedLgU.Txt
2009-10-18 20:33:07 ----D---- C:\windows\system32\CatRoot2
2009-10-18 15:03:20 ----HD---- C:\windows\inf
2009-10-16 18:44:04 ----SHD---- C:\windows\Installer
2009-10-16 18:11:04 ----DC---- C:\temp
2009-10-15 21:36:24 ----D---- C:\windows\Debug
2009-10-15 20:20:37 ----RSD---- C:\windows\assembly
2009-10-15 20:16:56 ----RSD---- C:\windows\Fonts
2009-10-15 20:16:19 ----D---- C:\Program Files\OpenOffice.org 3
2009-10-15 19:27:16 ----D---- C:\windows\WinSxS
2009-10-15 19:26:24 ----D---- C:\Program Files\MSECache
2009-10-15 18:42:17 ----D---- C:\Program Files\Lavasoft
2009-10-15 18:42:10 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2009-10-15 18:42:06 ----DC---- C:\windows\system32\DRVSTORE
2009-10-15 18:41:56 ----D---- C:\windows\system32
2009-10-15 18:13:26 ----SD---- C:\windows\Tasks
2009-10-15 13:34:26 ----D---- C:\windows\Microsoft.NET
2009-10-15 13:26:49 ----A---- C:\windows\system32\PerfStringBackup.INI
2009-10-15 13:18:25 ----RSHDC---- C:\windows\system32\dllcache
2009-10-15 13:18:20 ----D---- C:\Program Files\Internet Explorer
2009-10-15 13:17:49 ----D---- C:\windows\ie8updates
2009-10-15 13:17:14 ----HD---- C:\windows\$hf_mig$
2009-10-15 12:21:17 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
2009-10-15 12:20:39 ----D---- C:\windows\SxsCaPendDel
2009-10-14 20:41:08 ----D---- C:\Program Files\Paint.NET
2009-10-14 20:35:27 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-10-11 20:59:36 ----D---- C:\Program Files\Micro Application
2009-10-09 23:46:19 ----SD---- C:\Program Files\Windows Media Player
2009-10-09 23:46:19 ----D---- C:\Program Files\TrueLaunchBar
2009-10-09 23:46:15 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2009-10-09 23:46:15 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-09 23:46:15 ----D---- C:\Program Files\IncrediMail
2009-10-09 23:46:15 ----D---- C:\Program Files\Google
2009-10-09 23:46:15 ----D---- C:\Program Files\Fichiers communs
2009-10-09 23:46:15 ----D---- C:\Program Files\AVS4YOU
2009-10-09 23:46:06 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Real
2009-10-09 23:46:06 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\EPSON
2009-10-08 20:28:14 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip
2009-10-06 20:40:17 ----D---- C:\windows\Help
2009-10-06 20:38:59 ----D---- C:\windows\nview
2009-10-06 20:37:24 ----D---- C:\windows\system32\ReinstallBackups
2009-10-06 18:55:47 ----D---- C:\windows\pss
2009-10-05 21:45:30 ----D---- C:\Program Files\WinZip
2009-10-05 21:34:08 ----D---- C:\Program Files\Windows Live SkyDrive
2009-10-04 21:40:45 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\Apple Computer
2009-10-04 21:15:41 ----SDC---- C:\Documents and Settings\daniel monchaux\Application Data\Microsoft
2009-10-04 21:08:06 ----D---- C:\Program Files\iTunes
2009-10-04 21:06:51 ----D---- C:\Program Files\iPod
2009-10-04 21:04:41 ----D---- C:\Program Files\Bonjour
2009-10-04 21:04:23 ----D---- C:\Program Files\QuickTime
2009-10-04 21:02:57 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2009-10-04 12:53:26 ----D---- C:\Program Files\Microsoft Silverlight
2009-10-02 20:01:57 ----A---- C:\windows\system32\MRT.exe
2009-09-29 17:50:46 ----D---- C:\Program Files\Glary Utilities
2009-09-27 21:04:59 ----D---- C:\Program Files\AskBarDis
2009-09-27 19:11:02 ----A---- C:\windows\NeroDigital.ini
2009-09-27 18:50:48 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\Real
2009-09-27 16:12:22 ----A---- C:\windows\system32\nvudisp.exe
2009-09-27 16:12:22 ----A---- C:\windows\system32\nvoglnt.dll
2009-09-27 16:12:22 ----A---- C:\windows\system32\nvcuvid.dll
2009-09-27 16:12:22 ----A---- C:\windows\system32\nvcuvenc.dll
2009-09-27 16:12:22 ----A---- C:\windows\system32\nvcuda.dll
2009-09-27 16:12:22 ----A---- C:\windows\system32\nvcodins.dll
2009-09-27 16:12:22 ----A---- C:\windows\system32\nvcod.dll
2009-09-27 16:12:22 ----A---- C:\windows\system32\nvapi.dll
2009-09-27 16:12:22 ----A---- C:\windows\system32\nv4_disp.dll
2009-09-25 17:09:40 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\Adobe
2009-09-24 09:24:18 ----A---- C:\windows\system32\NVUNINST.EXE
2009-09-23 21:41:37 ----D---- C:\Program Files\Common Files
2009-09-23 20:20:35 ----D---- C:\Program Files\K-Lite Codec Pack
2009-09-20 18:06:31 ----D---- C:\Program Files\Winamp
2009-09-20 17:51:48 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\Python-Eggs
2009-09-20 16:21:39 ----D---- C:\windows\system32\inetsrv
2009-09-20 16:17:48 ----D---- C:\Program Files\5.1MZ DSC
2009-09-20 15:00:26 ----A---- C:\windows\win.ini
2009-09-20 15:00:26 ----A---- C:\windows\system.ini
2009-09-20 14:33:31 ----D---- C:\windows\system32\CatRoot
2009-09-20 14:22:20 ----D---- C:\windows\system32\config
2009-09-20 14:21:30 ----D---- C:\windows\system32\wbem
2009-09-20 14:21:24 ----D---- C:\windows\Registration
2009-09-20 14:20:52 ----D---- C:\Program Files\ABBYY FineReader 8.0 Professional Edition
2009-09-20 14:20:30 ----HD---- C:\windows\msdownld.tmp
2009-09-20 14:20:22 ----D---- C:\windows\system
2009-09-20 14:20:17 ----D---- C:\Program Files\C-Media 3D Audio
2009-09-20 14:09:02 ----D---- C:\Program Files\Mozilla Firefox 3.5 Beta 4
2009-09-20 11:53:18 ----D---- C:\windows\system32\DirectX
2009-09-20 10:54:08 ----D---- C:\windows\Logs
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\windows\system32\drivers\Aavmker4.sys [2009-09-15 27408]
R1 AmdK7;Pilote de processeur AMD K7; C:\windows\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 aswSP;avast! Self Protection; C:\windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2009-09-15 52368]
R1 kbdhid;Pilote HID de clavier; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 StarOpen;StarOpen; C:\windows\system32\drivers\StarOpen.sys [2009-05-20 5632]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\windows\system32\drivers\aswMon2.sys [2009-09-15 94160]
R3 Afc;PPdus ASPI Shell; C:\windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2009-09-15 23152]
R3 cmuda;C-Media WDM Audio Interface; C:\windows\system32\drivers\cmuda.sys [2005-12-15 1368000]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\windows\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hidusb;Pilote de classe HID Microsoft; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\windows\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2009-09-27 7655872]
R3 PAC207;Trust WB-1400T Webcam; C:\windows\system32\DRIVERS\PFC027.SYS [2007-05-14 508288]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\windows\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\windows\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\windows\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 BlueletAudio;Bluetooth Audio Service; C:\windows\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\windows\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\windows\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\windows\System32\Drivers\btcusb.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpuz129;cpuz129; \??\C:\LiberKey\Apps\Pcwizard\App\PCWizard\pcwiz32.sys []
S3 DsAudioDevice_207;DsAudioDevice_207; C:\windows\system32\drivers\DsAudioDevice_207.sys [2009-01-08 16640]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 JL2005C;Dual Mode Camera; C:\windows\System32\Drivers\jl2005c.sys [2007-02-09 68954]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\windows\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2004-05-14 32896]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 RHDISK;RHDISK; \??\M:\dossier rohos minirive\Rohos\RHDISK.SYS []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2004-08-05 5888]
S3 SLIP;Détrameur décalage BDA; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VComm;Virtual Serial port driver; C:\windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\windows\System32\Drivers\VcommMgr.sys []
S3 WSTCODEC;Codec Teletext standard; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-13 153376]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2009-09-27 172100]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SeekappSrch Service;SeekappSrch Service; C:\Documents and Settings\All Users.WINDOWS\Application Data\SeekappSrch\seekapp155.exe [2009-09-22 54760]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2004-05-14 86016]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-10-19 19:11:21
======Uninstall list======
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACDSee Gestionnaire de photos 2009-->MsiExec.exe /I{300578F9-9EFF-4B93-9AB1-C0E5707EF463}
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 9.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A92000000001}
Advertising Center-->MsiExec.exe /X{b2ec4a38-b545-4a00-8214-13fe0e915e6d}
Allok MPEG4 Converter 6.2.0603-->"C:\Program Files\Allok MPEG4 Converter\unins000.exe"
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft VideoImpression 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{244E21B9-164C-4EC1-AED8-9BD64161E66D}\setup.exe" -l0x40c
Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Barre d'outils Outlook de Windows Live (Windows Live Toolbar)-->MsiExec.exe /X{4002F73D-EBB3-4EA1-A2FF-DBCB4529759E}
Bloqueur de fenêtres pop-up (Windows Live Toolbar)-->MsiExec.exe /X{51F366F4-C2E4-429A-866A-59C885ED42FD}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CA Yahoo! Anti-Spy (remove only)-->"C:\Program Files\CA Yahoo! Anti-Spy\uninstall.exe"
Camera RAW Plug-In for EPSON Creativity Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}\SETUP.EXE" -l0x40c UNINST
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
C-Media WDM Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe
ConvertHelper 2.2-->"C:\Program Files\ConvertHelper\unins000.exe"
Correctif du dictionnaire français pour Office 2000-->MsiExec.exe /I{DCF67823-AFC3-11D3-BD80-0010A4E5C232}
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
CX4300_5500_DX4400 Manuel-->C:\Program Files\EPSON\TPMANUAL\CX4300_5500_DX4400\FRA\USE_G\DOCUNINS.EXE
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{175B7C4A-CAF8-437A-B597-73E0D2D970FE}
EPSON Attach To Email-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}\SETUP.EXE" -l0x40c UNINST
EPSON File Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}\Setup.exe" -l0x40c UNINST
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{D518AD32-C710-4616-BA0D-D4B1FA5F82E8}
FileHippo.com Update Checker-->"C:\Program Files\FileHippo.com\uninstall.exe"
Free Mp3 Wma Converter V 1.81-->"C:\Program Files\Free Audio Pack\unins000.exe"
French interface language for ABBYY FineReader 8.0 Professional Edition-->MsiExec.exe /X{C9469E12-1A0F-4D62-9C2D-E1B652A5D31E}
GamingHarbor Toolbar-->C:\Documents and Settings\All Users.WINDOWS\Application Data\{7F4A1B90-59B3-4968-96A3-F7C1BE30DEBE}\Setup.exe
Glary Utilities 2.16.0.758-->"C:\Program Files\Glary Utilities\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes-->MsiExec.exe /I{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013F0}
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015F0}
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
K-Lite Codec Pack 4.4.5 (Standard)-->"C:\Program Files\K-Lite Codec Pack\unins002.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Media Access Startup-->"C:\Program Files\Media Access Startup\2.0.0.1050\unins000.exe"
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{3585ED1C-74C5-43B0-A232-831B96A12A2B}
Micro Application - PrintPratic-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67380BB7-F6C4-458A-9F94-5012814A20B7}\Setup.exe" -l0x40c
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\windows\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\windows\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\windows\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\windows\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\windows\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\windows\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\windows\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\windows\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\windows\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\windows\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB972636)-->"C:\WINDOWS\ie8updates\KB972636-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Firefox (3.5b4)-->C:\Program Files\Mozilla Firefox 3.5 Beta 4\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Navigation par onglets (Windows Live Toolbar)-->MsiExec.exe /X{E74559C2-BB47-45AD-83DD-0D66B67E7811}
Nero 9 Essentials-->C:\Program Files\Fichiers communs\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="XM02-508X-MHAT-19WU-9Z3Z-0CH0-3U6E-85W5-MMHH-6647-1Z5L-7M8C-0U45-758P-0000"
Nero ControlCenter-->MsiExec.exe /X{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
Nero Installer-->MsiExec.exe /X{e8a80433-302b-4ff1-815d-fcc8eac482ff}
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nero Online Upgrade-->MsiExec.exe /X{dba84796-8503-4ff0-af57-1747dd9a166d}
Nero StartSmart OEM-->MsiExec.exe /X{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}
Nero StartSmart-->MsiExec.exe /X{7748ac8c-18e3-43bb-959b-088faea16fb2}
Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\Setup.exe /uninstall ExtraUninstallID=""
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\windows\system32\nvuninst.exe UninstallGUI
NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{F242B06B-517F-4D62-B654-16B11564A912}
OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
Paint.NET v3.5-->MsiExec.exe /X{D3E7A2A5-A059-4A44-949B-21FBD371A8B8}
PC TWIN SHOCK-->C:\Program Files\InstallShield Installation Information\{FEC7CD2E-2BB5-40C3-9592-078F64677E6C}\setup.exe -runfromtemp -l0x0009 -removeonly
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Search Settings 1.2.1-->MsiExec.exe /X{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}
Seekapp 1.0 build 155-->C:\Program Files\SeekappSrch\uninstall.exe
SeekService 1.0 build 125-->C:\Program Files\SeekService\uninstall.exe
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sukoku 1.0 build 117-->C:\Program Files\Sukoku\uninstall.exe
System Search Dispatcher-->"C:\Program Files\System Search Dispatcher\1.4.3.1040\unins000.exe"
The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe"
Trust Photo Tools-->MsiExec.exe /I{84975365-177A-42EB-A265-9C9B6DB1FEA1}
Trust WB-1400T Webcam-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{30837A37-8F9F-4817-8B52-C501B67DC3BE} /l1036
Uniblue DriverScanner 2009-->"C:\Documents and Settings\All Users.WINDOWS\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\DriverScanner_Setup.exe" REMOVE=TRUE MODIFY=FALSE
Uniblue DriverScanner 2009-->C:\Documents and Settings\All Users.WINDOWS\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\DriverScanner_Setup.exe
Uninstall Dual Mode Camera-->"C:\Program Files\JL2005D\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VIA Gestionnaire de périphériques de plate-forme-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\Intel 32\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinPcap 3.1 beta3-->"C:\Program Files\WinPcap\Uninstall.exe" "C:\Program Files\WinPcap\install.log"
WinZip 14.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B9}
======Security center information======
AV: avast! antivirus 4.8.1356 [VPS 091018-0]
======System event log======
Computer Name: MONCH
Event Code: 7036
Message: Le service Lavasoft Ad-Aware Service est entré dans l'état : arrêté.
Record Number: 5902
Source Name: Service Control Manager
Time Written: 20090915192819.000000+120
Event Type: Informations
User:
Computer Name: MONCH
Event Code: 7035
Message: Un contrôle Arrêter a correctement été envoyé au service Lavasoft Ad-Aware Service.
Record Number: 5901
Source Name: Service Control Manager
Time Written: 20090915192819.000000+120
Event Type: Informations
User: MONCH\daniel monchaux
Computer Name: MONCH
Event Code: 7036
Message: Le service Explorateur d'ordinateur est entré dans l'état : arrêté.
Record Number: 5900
Source Name: Service Control Manager
Time Written: 20090915182420.000000+120
Event Type: Informations
User:
Computer Name: MONCH
Event Code: 7024
Message: Le service Routage et accès distant s'est arrêté avec l'erreur service particulière 340 (0x154).
Record Number: 5899
Source Name: Service Control Manager
Time Written: 20090915182419.000000+120
Event Type: erreur
User:
Computer Name: MONCH
Event Code: 7036
Message: Le service Routage et accès distant est entré dans l'état : arrêté.
Record Number: 5898
Source Name: Service Control Manager
Time Written: 20090915182419.000000+120
Event Type: Informations
User:
=====Application event log=====
Computer Name: MONCH
Event Code: 1
Message:
Record Number: 5
Source Name: Bonjour Service
Time Written: 20090613201548.000000+120
Event Type: Informations
User:
Computer Name: MONCH
Event Code: 11728
Message: Product: Microsoft Office Word Viewer 2003 -- Configuration completed successfully.
Record Number: 4
Source Name: MsiInstaller
Time Written: 20090612232704.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: MONCH
Event Code: 1022
Message: Produit : Microsoft Office Word Viewer 2003 - La mise à jour 'Security Update for Word Viewer 2003 (KB969614): WORDVIEW' a été installée.
Record Number: 3
Source Name: MsiInstaller
Time Written: 20090612232704.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: MONCH
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 2
Source Name: SecurityCenter
Time Written: 20090612231718.000000+120
Event Type: Informations
User:
Computer Name: MONCH
Event Code: 1
Message:
Record Number: 1
Source Name: Bonjour Service
Time Written: 20090612231648.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\QuickTime\QTSystem;C:\PROGRA~1\DISKEE~1\DISKEE~1\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0801
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by daniel monchaux at 2009-10-19 19:08:59
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 11 GB (15%) free of 76 GB
Total RAM: 1023 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:11:15, on 19/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\nvsvc32.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\windows\system32\RUNDLL32.EXE
C:\windows\system32\ctfmon.exe
C:\Program Files\FileHippo.com\UpdateChecker.exe
C:\windows\system32\rundll32.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Documents and Settings\All Users.WINDOWS\Application Data\SeekappSrch\seekapp155.exe
C:\windows\system32\svchost.exe
C:\Program Files\SeekappSrch\seekappsrch.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\daniel monchaux\Mes documents\Téléchargements\RSIT.exe
C:\Program Files\trend micro\daniel monchaux.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
R3 - URLSearchHook: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\2.0.0.1050\HPIEAddOn.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.8.1.4690\NPIEAddOn.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.3.1040\ssd.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O3 - Toolbar: (no name) - {66886C4D-B307-4ECA-A228-52CA9B9851A4} - (no file)
O3 - Toolbar: GamingHarbor Toolbar - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stb0.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_SD3.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?25b8f9fff0d84108982ffb8f93c9640b
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?25b8f9fff0d84108982ffb8f93c9640b
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SeekappSrch Service - Unknown owner - C:\Documents and Settings\All Users.WINDOWS\Application Data\SeekappSrch\seekapp155.exe
--
End of file - 8857 bytes
======Scheduled tasks folder======
C:\windows\tasks\Ad-Aware Update (Weekly).job
C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\GlaryInitialize.job
C:\windows\tasks\Maintenance en 1 clic.job
C:\windows\tasks\SmartDefrag.job
C:\windows\tasks\User_Feed_Synchronization-{8AA4E7A9-F2CE-4BB0-BF75-2275A07148CD}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c491116-c175-45e1-a570-6fb14fea8b7b}]
PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHPN.dll [2009-07-02 2215960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-07-17 279944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
Media Access Startup - C:\Program Files\Media Access Startup\2.0.0.1050\HPIEAddOn.dll [2009-09-08 221184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
NP Helper Class - C:\Program Files\Internet Saving Optimizer\3.8.1.4690\NPIEAddOn.dll [2009-09-09 196608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDBFB47B-58A8-4111-BF95-06178DCE326D}]
System Search Dispatcher - C:\Program Files\System Search Dispatcher\1.4.3.1040\ssd.dll [2009-09-10 294912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-13 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-08-13 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{1c491116-c175-45e1-a570-6fb14fea8b7b} - PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHPN.dll [2009-07-02 2215960]
{66886C4D-B307-4ECA-A228-52CA9B9851A4}
{5617ECA9-488D-4BA2-8562-9710B9AB78D2} - GamingHarbor Toolbar - C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\stb0.dll [2009-09-03 1130496]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-07-17 279944]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-15 81000]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-21 305440]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-09-23 1657448]
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2009-09-27 13918208]
"NvMediaCenter"=C:\windows\system32\NvMcTray.dll [2009-09-27 86016]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus DX4400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"FileHippo.com"=C:\Program Files\FileHippo.com\UpdateChecker.exe [2009-09-28 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2009-03-10 265088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"c:\program files\relevantknowledge\rlvknlg.exe"="c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"C:\Program Files\SecondLife\SLVoice.exe"="C:\Program Files\SecondLife\SLVoice.exe:*:Disabled:SLVoice"
"C:\LiberKey\Apps\Emule\App\Emule\emule.exe"="C:\LiberKey\Apps\Emule\App\Emule\emule.exe:*:Disabled:eMule"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Micro Application\Internet Anonyme 2\CGhost.exe"="C:\Program Files\Micro Application\Internet Anonyme 2\CGhost.exe:*:Enabled:CGhost"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======File associations======
.reg - edit -
.reg - open -
======List of files/folders created in the last 1 months======
2009-10-19 19:09:01 ----D---- C:\Program Files\trend micro
2009-10-19 19:08:59 ----DC---- C:\rsit
2009-10-15 20:16:28 ----D---- C:\Program Files\JRE
2009-10-15 13:16:45 ----HDC---- C:\windows\$NtUninstallKB958869$
2009-10-15 13:10:13 ----HDC---- C:\windows\$NtUninstallKB969059$
2009-10-15 13:09:04 ----HDC---- C:\windows\$NtUninstallKB954155_WM9$
2009-10-15 13:08:56 ----HDC---- C:\windows\$NtUninstallKB974112$
2009-10-15 13:08:07 ----HDC---- C:\windows\$NtUninstallKB975025$
2009-10-15 13:07:06 ----HDC---- C:\windows\$NtUninstallKB974571$
2009-10-15 13:03:49 ----HDC---- C:\windows\$NtUninstallKB971486$
2009-10-15 13:02:51 ----HDC---- C:\windows\$NtUninstallKB973525$
2009-10-15 13:02:21 ----HDC---- C:\windows\$NtUninstallKB975467$
2009-10-13 18:15:55 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\SimonTools
2009-10-05 21:17:41 ----D---- C:\Program Files\FileHippo.com
2009-10-04 21:08:09 ----A---- C:\windows\system32\GEARAspi.dll
2009-10-04 21:06:17 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-10-04 18:08:24 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\Help
2009-10-04 12:51:32 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\Foxit
2009-10-02 21:54:52 ----A---- C:\windows\system32\i420vfw.dll
2009-10-02 21:54:52 ----A---- C:\windows\system32\AVSredirect.dll
2009-10-02 17:06:35 ----D---- C:\Program Files\eMule
2009-09-27 18:20:28 ----A---- C:\windows\cPVAS.INI
2009-09-27 18:20:27 ----AC---- C:\pvas.txt
2009-09-27 18:20:26 ----AC---- C:\mpeg.txt
2009-09-27 18:20:04 ----A---- C:\windows\system32\nvcplui.exe
2009-09-27 18:20:00 ----A---- C:\windows\system32\nvwddi.dll
2009-09-27 18:19:52 ----A---- C:\windows\system32\nvwss.dll
2009-09-27 18:19:50 ----A---- C:\windows\system32\nvvitvs.dll
2009-09-27 18:19:48 ----A---- C:\windows\system32\nvmobls.dll
2009-09-27 18:19:48 ----A---- C:\windows\system32\nvmccss.dll
2009-09-27 18:19:48 ----A---- C:\windows\system32\nvgames.dll
2009-09-27 18:19:46 ----A---- C:\windows\system32\nvsvc32.exe
2009-09-27 18:19:46 ----A---- C:\windows\system32\nvmctray.dll
2009-09-27 18:19:46 ----A---- C:\windows\system32\nvdisps.dll
2009-09-27 18:19:46 ----A---- C:\windows\system32\nvcpl.dll
2009-09-27 18:19:46 ----A---- C:\windows\system32\nvcolor.exe
2009-09-27 18:19:40 ----A---- C:\windows\system32\nvmccs.dll
2009-09-27 18:17:10 ----D---- C:\Program Files\Ripp-it_AM
2009-09-25 18:09:59 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\gtk-2.0
2009-09-25 18:07:34 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\Inkscape
2009-09-23 21:27:14 ----D---- C:\Program Files\Any Audio Converter
2009-09-23 20:57:14 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\AVS4YOU
2009-09-23 20:53:54 ----A---- C:\windows\system32\GdiPlus.dll
2009-09-23 20:20:25 ----D---- C:\Program Files\AviSynth 2.5
2009-09-23 20:20:05 ----A---- C:\windows\system32\coodest.dll
2009-09-22 21:07:33 ----D---- C:\Program Files\VirtualDub
2009-09-20 18:05:40 ----N---- C:\windows\system32\pxsfs.dll
2009-09-20 18:05:40 ----N---- C:\windows\system32\pxinsa64.exe
2009-09-20 18:05:40 ----N---- C:\windows\system32\pxhpinst.exe
2009-09-20 18:05:40 ----N---- C:\windows\system32\pxcpya64.exe
2009-09-20 18:05:40 ----N---- C:\windows\system32\pxafs.dll
2009-09-20 18:05:39 ----N---- C:\windows\system32\vxblock.dll
2009-09-20 18:05:39 ----N---- C:\windows\system32\pxwave.dll
2009-09-20 18:05:39 ----N---- C:\windows\system32\pxmas.dll
2009-09-20 18:05:39 ----N---- C:\windows\system32\pxdrv.dll
2009-09-20 18:05:39 ----N---- C:\windows\system32\px.dll
2009-09-20 18:05:32 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\Winamp
2009-09-20 16:04:41 ----AC---- C:\PureRa.txt
2009-09-20 14:27:51 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\SeekappSrch
2009-09-20 14:27:50 ----D---- C:\Program Files\SeekappSrch
2009-09-20 14:19:42 ----D---- C:\Program Files\C-Media
2009-09-20 14:17:22 ----D---- C:\Program Files\RocketDock
2009-09-20 14:16:54 ----D---- C:\Program Files\System Search Dispatcher
2009-09-20 14:16:52 ----D---- C:\Program Files\Media Access Startup
2009-09-20 14:16:50 ----D---- C:\Program Files\Internet Saving Optimizer
2009-09-20 14:16:50 ----D---- C:\Program Files\DoubleD
2009-09-20 14:16:43 ----D---- C:\Program Files\GameSpy Arcade
2009-09-20 14:16:43 ----D---- C:\Program Files\AxBx
2009-09-20 14:16:40 ----HDC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{7F4A1B90-59B3-4968-96A3-F7C1BE30DEBE}
2009-09-20 11:51:57 ----D---- C:\Program Files\a-squared Free
======List of files/folders modified in the last 1 months======
2009-10-19 19:09:02 ----D---- C:\windows\Prefetch
2009-10-19 19:09:01 ----D---- C:\Program Files
2009-10-19 19:02:08 ----D---- C:\windows\system32\drivers
2009-10-19 17:34:43 ----D---- C:\Program Files\Mozilla Firefox
2009-10-19 17:33:33 ----D---- C:\WINDOWS
2009-10-19 17:33:32 ----D---- C:\windows\Temp
2009-10-19 12:22:28 ----N---- C:\windows\SchedLgU.Txt
2009-10-18 20:33:07 ----D---- C:\windows\system32\CatRoot2
2009-10-18 15:03:20 ----HD---- C:\windows\inf
2009-10-16 18:44:04 ----SHD---- C:\windows\Installer
2009-10-16 18:11:04 ----DC---- C:\temp
2009-10-15 21:36:24 ----D---- C:\windows\Debug
2009-10-15 20:20:37 ----RSD---- C:\windows\assembly
2009-10-15 20:16:56 ----RSD---- C:\windows\Fonts
2009-10-15 20:16:19 ----D---- C:\Program Files\OpenOffice.org 3
2009-10-15 19:27:16 ----D---- C:\windows\WinSxS
2009-10-15 19:26:24 ----D---- C:\Program Files\MSECache
2009-10-15 18:42:17 ----D---- C:\Program Files\Lavasoft
2009-10-15 18:42:10 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2009-10-15 18:42:06 ----DC---- C:\windows\system32\DRVSTORE
2009-10-15 18:41:56 ----D---- C:\windows\system32
2009-10-15 18:13:26 ----SD---- C:\windows\Tasks
2009-10-15 13:34:26 ----D---- C:\windows\Microsoft.NET
2009-10-15 13:26:49 ----A---- C:\windows\system32\PerfStringBackup.INI
2009-10-15 13:18:25 ----RSHDC---- C:\windows\system32\dllcache
2009-10-15 13:18:20 ----D---- C:\Program Files\Internet Explorer
2009-10-15 13:17:49 ----D---- C:\windows\ie8updates
2009-10-15 13:17:14 ----HD---- C:\windows\$hf_mig$
2009-10-15 12:21:17 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
2009-10-15 12:20:39 ----D---- C:\windows\SxsCaPendDel
2009-10-14 20:41:08 ----D---- C:\Program Files\Paint.NET
2009-10-14 20:35:27 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-10-11 20:59:36 ----D---- C:\Program Files\Micro Application
2009-10-09 23:46:19 ----SD---- C:\Program Files\Windows Media Player
2009-10-09 23:46:19 ----D---- C:\Program Files\TrueLaunchBar
2009-10-09 23:46:15 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2009-10-09 23:46:15 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-09 23:46:15 ----D---- C:\Program Files\IncrediMail
2009-10-09 23:46:15 ----D---- C:\Program Files\Google
2009-10-09 23:46:15 ----D---- C:\Program Files\Fichiers communs
2009-10-09 23:46:15 ----D---- C:\Program Files\AVS4YOU
2009-10-09 23:46:06 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Real
2009-10-09 23:46:06 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\EPSON
2009-10-08 20:28:14 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip
2009-10-06 20:40:17 ----D---- C:\windows\Help
2009-10-06 20:38:59 ----D---- C:\windows\nview
2009-10-06 20:37:24 ----D---- C:\windows\system32\ReinstallBackups
2009-10-06 18:55:47 ----D---- C:\windows\pss
2009-10-05 21:45:30 ----D---- C:\Program Files\WinZip
2009-10-05 21:34:08 ----D---- C:\Program Files\Windows Live SkyDrive
2009-10-04 21:40:45 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\Apple Computer
2009-10-04 21:15:41 ----SDC---- C:\Documents and Settings\daniel monchaux\Application Data\Microsoft
2009-10-04 21:08:06 ----D---- C:\Program Files\iTunes
2009-10-04 21:06:51 ----D---- C:\Program Files\iPod
2009-10-04 21:04:41 ----D---- C:\Program Files\Bonjour
2009-10-04 21:04:23 ----D---- C:\Program Files\QuickTime
2009-10-04 21:02:57 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2009-10-04 12:53:26 ----D---- C:\Program Files\Microsoft Silverlight
2009-10-02 20:01:57 ----A---- C:\windows\system32\MRT.exe
2009-09-29 17:50:46 ----D---- C:\Program Files\Glary Utilities
2009-09-27 21:04:59 ----D---- C:\Program Files\AskBarDis
2009-09-27 19:11:02 ----A---- C:\windows\NeroDigital.ini
2009-09-27 18:50:48 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\Real
2009-09-27 16:12:22 ----A---- C:\windows\system32\nvudisp.exe
2009-09-27 16:12:22 ----A---- C:\windows\system32\nvoglnt.dll
2009-09-27 16:12:22 ----A---- C:\windows\system32\nvcuvid.dll
2009-09-27 16:12:22 ----A---- C:\windows\system32\nvcuvenc.dll
2009-09-27 16:12:22 ----A---- C:\windows\system32\nvcuda.dll
2009-09-27 16:12:22 ----A---- C:\windows\system32\nvcodins.dll
2009-09-27 16:12:22 ----A---- C:\windows\system32\nvcod.dll
2009-09-27 16:12:22 ----A---- C:\windows\system32\nvapi.dll
2009-09-27 16:12:22 ----A---- C:\windows\system32\nv4_disp.dll
2009-09-25 17:09:40 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\Adobe
2009-09-24 09:24:18 ----A---- C:\windows\system32\NVUNINST.EXE
2009-09-23 21:41:37 ----D---- C:\Program Files\Common Files
2009-09-23 20:20:35 ----D---- C:\Program Files\K-Lite Codec Pack
2009-09-20 18:06:31 ----D---- C:\Program Files\Winamp
2009-09-20 17:51:48 ----DC---- C:\Documents and Settings\daniel monchaux\Application Data\Python-Eggs
2009-09-20 16:21:39 ----D---- C:\windows\system32\inetsrv
2009-09-20 16:17:48 ----D---- C:\Program Files\5.1MZ DSC
2009-09-20 15:00:26 ----A---- C:\windows\win.ini
2009-09-20 15:00:26 ----A---- C:\windows\system.ini
2009-09-20 14:33:31 ----D---- C:\windows\system32\CatRoot
2009-09-20 14:22:20 ----D---- C:\windows\system32\config
2009-09-20 14:21:30 ----D---- C:\windows\system32\wbem
2009-09-20 14:21:24 ----D---- C:\windows\Registration
2009-09-20 14:20:52 ----D---- C:\Program Files\ABBYY FineReader 8.0 Professional Edition
2009-09-20 14:20:30 ----HD---- C:\windows\msdownld.tmp
2009-09-20 14:20:22 ----D---- C:\windows\system
2009-09-20 14:20:17 ----D---- C:\Program Files\C-Media 3D Audio
2009-09-20 14:09:02 ----D---- C:\Program Files\Mozilla Firefox 3.5 Beta 4
2009-09-20 11:53:18 ----D---- C:\windows\system32\DirectX
2009-09-20 10:54:08 ----D---- C:\windows\Logs
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\windows\system32\drivers\Aavmker4.sys [2009-09-15 27408]
R1 AmdK7;Pilote de processeur AMD K7; C:\windows\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 aswSP;avast! Self Protection; C:\windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2009-09-15 52368]
R1 kbdhid;Pilote HID de clavier; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 StarOpen;StarOpen; C:\windows\system32\drivers\StarOpen.sys [2009-05-20 5632]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\windows\system32\drivers\aswMon2.sys [2009-09-15 94160]
R3 Afc;PPdus ASPI Shell; C:\windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2009-09-15 23152]
R3 cmuda;C-Media WDM Audio Interface; C:\windows\system32\drivers\cmuda.sys [2005-12-15 1368000]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\windows\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hidusb;Pilote de classe HID Microsoft; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\windows\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2009-09-27 7655872]
R3 PAC207;Trust WB-1400T Webcam; C:\windows\system32\DRIVERS\PFC027.SYS [2007-05-14 508288]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\windows\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\windows\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\windows\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 BlueletAudio;Bluetooth Audio Service; C:\windows\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\windows\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\windows\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\windows\System32\Drivers\btcusb.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpuz129;cpuz129; \??\C:\LiberKey\Apps\Pcwizard\App\PCWizard\pcwiz32.sys []
S3 DsAudioDevice_207;DsAudioDevice_207; C:\windows\system32\drivers\DsAudioDevice_207.sys [2009-01-08 16640]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 JL2005C;Dual Mode Camera; C:\windows\System32\Drivers\jl2005c.sys [2007-02-09 68954]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\windows\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2004-05-14 32896]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 RHDISK;RHDISK; \??\M:\dossier rohos minirive\Rohos\RHDISK.SYS []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2004-08-05 5888]
S3 SLIP;Détrameur décalage BDA; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VComm;Virtual Serial port driver; C:\windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\windows\System32\Drivers\VcommMgr.sys []
S3 WSTCODEC;Codec Teletext standard; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-13 153376]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2009-09-27 172100]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SeekappSrch Service;SeekappSrch Service; C:\Documents and Settings\All Users.WINDOWS\Application Data\SeekappSrch\seekapp155.exe [2009-09-22 54760]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2004-05-14 86016]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Configuration: Windows XP Firefox 3.5.3
A voir également:
- Je crois avoir un virus
- Virus mcafee - Accueil - Piratage
- Comment détruire un virus informatique - Guide
- Comment faire un tableau croisé dynamique - Guide
- Impossible de terminer l'opération car le fichier contient un virus ✓ - Forum Virus
- Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport existant ✓ - Forum Excel
1 réponse
bonjour,
[list][*] Rends-toi à cette adresse afin de télécharger UsbFix (créé par Chiquitine29 & C_XX) :
[*] https://www.androidworld.fr/
[*] Clique sur [b]TÉLÉCHARGER[/b] et enregistre-le sur ton bureau.
[*] [url=http://pagesperso-orange.fr/NosTools/tuto_usbfix2.html][u]tutoriel recherche[/u][/url]
[*] [b]Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d'avoir été infectés sans les ouvrir[/b]
[*] Double clic sur le raccourci UsbFix sur ton bureau, l'installation se fera automatiquement
[*] Choisi l'[b]option 1[/b] (recherche)
[*] Laisse travailler l'outil
[*] Ensuite post le rapport UsbFix.txt qui apparaîtra
[*] Note : le rapport UsbFix.txt est sauvegardé a la racine du disque[/list]
* Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus
[list][*] Rends-toi à cette adresse afin de télécharger UsbFix (créé par Chiquitine29 & C_XX) :
[*] https://www.androidworld.fr/
[*] Clique sur [b]TÉLÉCHARGER[/b] et enregistre-le sur ton bureau.
[*] [url=http://pagesperso-orange.fr/NosTools/tuto_usbfix2.html][u]tutoriel recherche[/u][/url]
[*] [b]Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d'avoir été infectés sans les ouvrir[/b]
[*] Double clic sur le raccourci UsbFix sur ton bureau, l'installation se fera automatiquement
[*] Choisi l'[b]option 1[/b] (recherche)
[*] Laisse travailler l'outil
[*] Ensuite post le rapport UsbFix.txt qui apparaîtra
[*] Note : le rapport UsbFix.txt est sauvegardé a la racine du disque[/list]
* Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus
