Virus problem
Closed
mjcmdr - 20 Dec 2009 at 21:37
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 - 22 Dec 2009 at 09:54
4 replies
jlpjlp
Security contributor
20 Dec 2009 at 22:14
Download OTM
http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/ (by Old_Timer) to your Desktop.
Double-click OTM.exe to launch it.
Copy the list quoted below,
and paste it into the left-hand pane of OTM: Paste instruction for items to be moved.
:processes
explorer.exe
:files
C:\Users\manon\appdata\local\Temp\IXP000.TMP\htryer.exe
C:\Users\manon\appdata\local\Temp\IXP000.TMP\htryer.exe
:commands
[purity]
[emptytemp]
[start explorer]
Click MoveIt! to start the removal.
The result will appear in the "Results" pane.
Click Exit to close.
Post the report located in C:\_OTM\MovedFiles.
You may be asked to restart the PC to complete the removal. If so, accept with Yes.
__________________
then
Download from here:
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) by random/random and save it to the Desktop.
Double-click RSIT.exe to launch RSIT.
Click Continue at the Disclaimer screen.
If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if prompted) and you will have to accept the license.
When the scan is finished, two text files will open.
Post the contents of log.txt (<<which will be displayed)
as well as info.txt (<<which will be minimized in the Taskbar).
NB: The reports are saved in the C:\rsit folder
jlpjlp
Security contributor
21 Dec 2009 at 16:24
You run RSIT, which will give you 2 reports. Copy and paste these reports into your next messages in this thread.
Hi, if I understood correctly I have to send you the 2 reports, I hope I understood correctly, so I'm copying them for you
info.txt logfile of random's system information tool 1.06 2009-12-22 15:40:08
Logfile of random's system information tool 1.06 (written by random/random)
Run by manon at 2009-12-22 15:39:29
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 202 GB (78%) free of 259 GB
Total RAM: 3068 MB (58% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-10 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll [2009-11-23 128832]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"Unattend0000000001{70EB91E7-FAAB-44A4-BA19-C0A45B228BC0}"=C:\Windows\test.bat []
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-07-20 182808]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-06-24 6298144]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2008-06-11 1454080]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-05-08 1111336]
"HaloLighting"=C:\Program Files\Lenovo\HaloLighting\HaloLighting.exe [2008-03-31 1425408]
"WisAvCtrl"=C:\Program Files\Second Display Control\WisAvCtrl.exe [2008-06-16 401408]
"WisOSD"=C:\Program Files\Second Display Control\WisOSD.exe [2008-04-22 2838528]
"CarboniteSetupLite"=C:\Program Files\Carbonite\CarbonitePreinstaller.exe [2008-06-19 284096]
"UpdateP2GShortCut"=C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"VeriFaceManager"=C:\Program Files\Lenovo\VeriFaceIII\PManage.exe [2009-07-03 2916352]
"Readycomm"=C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe [2007-06-03 425984]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2008-06-18 5285792]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2008-06-24 8857488]
"NWEReboot"= []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-08-16 282624]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-10 149280]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe [2009-11-23 71152]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe [2009-11-23 1118144]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
C:\Users\manon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Lanceur.lnk - C:\Program Files\Micro Application\LauncherMA.exe
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
shell\AutoRun\command - F:\SFR.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2232a4f0-a8e9-11de-aec5-0022fafc1eba}]
shell\AutoRun\command - F:\SFR.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91d900b6-b0c6-11de-a0bb-0022fafc1eba}]
shell\AutoRun\command - F:\SFR.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5457494-9262-11de-a018-00a0c6000000}]
shell\AutoRun\command - F:\SFR.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d10f679f-9261-11de-a186-0022fafc1eba}]
shell\AutoRun\command - F:\SFR.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-12-22 15:39:29 ----D---- C:\rsit
2009-12-22 15:39:29 ----D---- C:\Program Files\trend micro
2009-12-22 15:11:36 ----D---- C:\_OTM
2009-12-13 18:52:29 ----D---- C:\Program Files\Adobe
2009-12-13 17:30:22 ----D---- C:\Program Files\Windows Portable Devices
2009-12-13 17:24:29 ----A---- C:\Windows\system32\UIAnimation.dll
2009-12-13 17:24:28 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-12-13 17:24:28 ----A---- C:\Windows\system32\UIRibbon.dll
2009-12-13 17:23:57 ----A---- C:\Windows\system32\WMPhoto.dll
2009-12-13 17:23:55 ----A---- C:\Windows\system32\cdd.dll
2009-12-13 17:23:54 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-12-13 17:23:54 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-12-13 17:23:54 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-12-13 17:23:54 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-12-13 17:23:54 ----A---- C:\Windows\system32\d3d10warp.dll
2009-12-13 17:23:54 ----A---- C:\Windows\system32\d2d1.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\xpsservices.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\XpsPrint.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-12-13 17:23:53 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\OpcServices.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\FntCache.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\dxdiagn.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\dxdiag.exe
2009-12-13 17:23:53 ----A---- C:\Windows\system32\DWrite.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\d3d10level9.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\d3d10core.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-12-13 17:23:52 ----A---- C:\Windows\system32\dxgi.dll
2009-12-13 17:23:52 ----A---- C:\Windows\system32\d3d11.dll
2009-12-13 17:23:52 ----A---- C:\Windows\system32\d3d10_1.dll
2009-12-13 17:23:52 ----A---- C:\Windows\system32\d3d10.dll
2009-12-13 17:23:25 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-12-13 17:23:25 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-12-13 17:23:25 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-12-13 17:23:21 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-12-13 17:23:18 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-12-13 17:23:18 ----A---- C:\Windows\system32\WpdConns.dll
2009-12-13 17:23:17 ----A---- C:\Windows\system32\WPDSp.dll
2009-12-13 17:23:17 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-12-13 17:23:17 ----A---- C:\Windows\system32\wpdshext.dll
2009-12-13 17:23:17 ----A---- C:\Windows\system32\WpdMtp.dll
2009-12-13 17:23:17 ----A---- C:\Windows\system32\wpd_ci.dll
2009-12-13 17:23:17 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-12-13 17:23:17 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-12-13 17:23:17 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-12-13 17:23:17 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-12-13 17:22:11 ----A---- C:\Windows\system32\oleaccrc.dll
2009-12-13 17:22:10 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-12-13 17:22:10 ----A---- C:\Windows\system32\oleacc.dll
2009-12-13 17:20:24 ----D---- C:\Program Files\Microsoft Silverlight
2009-12-13 17:12:31 ----A---- C:\Windows\system32\wmp.dll
2009-12-13 17:12:28 ----A---- C:\Windows\system32\unregmp2.exe
2009-12-13 17:12:27 ----A---- C:\Windows\system32\wmploc.DLL
2009-12-13 17:08:03 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-12-13 17:08:02 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-12-13 15:33:54 ----D---- C:\Windows\system32\eu-ES
2009-12-13 15:33:54 ----D---- C:\Windows\system32\ca-ES
2009-12-13 15:33:53 ----D---- C:\Windows\system32\vi-VN
2009-12-13 10:16:46 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-13 10:16:41 ----A---- C:\Windows\system32\httpapi.dll
2009-12-11 14:58:30 ----A---- C:\Windows\system32\winhttp.dll
2009-12-11 14:47:57 ----A---- C:\Windows\system32\mshtml.dll
2009-12-11 14:47:56 ----A---- C:\Windows\system32\ieframe.dll
2009-12-11 14:47:55 ----A---- C:\Windows\system32\wininet.dll
2009-12-11 14:47:55 ----A---- C:\Windows\system32\urlmon.dll
2009-12-11 14:47:55 ----A---- C:\Windows\system32\iertutil.dll
2009-12-11 14:47:54 ----A---- C:\Windows\system32\occache.dll
2009-12-11 14:47:54 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-11 14:47:54 ----A---- C:\Windows\system32\ieui.dll
2009-12-11 14:47:54 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-11 14:47:53 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-11 14:47:53 ----A---- C:\Windows\system32\iepeers.dll
2009-12-11 14:47:52 ----A---- C:\Windows\system32\msfeedssync.exe
2009-12-11 14:47:52 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-11 14:47:52 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-11 14:47:52 ----A---- C:\Windows\system32\iesysprep.dll
2009-12-11 14:47:52 ----A---- C:\Windows\system32\iesetup.dll
2009-12-11 14:47:52 ----A---- C:\Windows\system32\iernonce.dll
2009-12-11 14:47:52 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-11 14:24:06 ----A---- C:\Windows\system32\rastls.dll
2009-11-30 14:00:59 ----D---- C:\Windows\system32\EventProviders
2009-11-27 09:57:24 ----A---- C:\bdlog.txt
2009-11-27 09:12:09 ----A---- C:\Windows\system32\tzres.dll
2009-11-26 19:04:05 ----A---- C:\Windows\system32\msxml6.dll
2009-11-26 19:04:04 ----A---- C:\Windows\system32\msxml3.dll
======List of files/folders modified in the last 1 months======
2009-12-22 15:39:30 ----D---- C:\Windows\Prefetch
2009-12-22 15:39:29 ----RD---- C:\Program Files
2009-12-22 15:39:12 ----D---- C:\Windows\Temp
2009-12-22 15:20:36 ----D---- C:\Windows\System32
2009-12-22 15:20:36 ----D---- C:\Windows\inf
2009-12-22 15:20:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-12-22 15:16:12 ----D---- C:\Users\manon\AppData\Roaming\LimeWire
2009-12-22 15:14:44 ----A---- C:\sysiclog.txt
2009-12-19 19:52:19 ----SHD---- C:\System Volume Information
2009-12-16 12:53:53 ----SHD---- C:\Windows\Installer
2009-12-16 12:53:53 ----HD---- C:\Config.Msi
2009-12-16 12:53:49 ----D---- C:\ProgramData\Microsoft Help
2009-12-15 13:27:25 ----D---- C:\Windows
2009-12-15 11:25:49 ----D---- C:\Windows\system32\drivers
2009-12-14 22:38:54 ----D---- C:\Windows\system32\catroot2
2009-12-13 21:30:21 ----D---- C:\Windows\Minidump
2009-12-13 21:25:43 ----D---- C:\Windows\Microsoft.NET
2009-12-13 21:25:08 ----RSD---- C:\Windows\assembly
2009-12-13 19:03:51 ----HD---- C:\ProgramData
2009-12-13 19:01:13 ----A---- C:\Windows\system32\ICAutoUpdate.log.bak
2009-12-13 18:57:28 ----D---- C:\ProgramData\Adobe
2009-12-13 18:53:32 ----D---- C:\Program Files\Common Files\Adobe
2009-12-13 18:14:31 ----D---- C:\Windows\winsxs
2009-12-13 18:14:23 ----D---- C:\Windows\system32\catroot
2009-12-13 17:52:07 ----D---- C:\Windows\rescache
2009-12-13 17:35:33 ----D---- C:\Windows\system32\Tasks
2009-12-13 17:35:30 ----SD---- C:\Windows\Downloaded Program Files
2009-12-13 17:30:23 ----D---- C:\Windows\system32\fr-FR
2009-12-13 17:30:23 ----D---- C:\Program Files\Windows Mail
2009-12-13 17:30:22 ----D---- C:\Windows\system32\wbem
2009-12-13 17:30:21 ----D---- C:\Windows\system32\uk-UA
2009-12-13 17:30:21 ----D---- C:\Windows\system32\pt-PT
2009-12-13 17:30:21 ----D---- C:\Windows\system32\pt-BR
2009-12-13 17:30:21 ----D---- C:\Windows\system32\pl-PL
2009-12-13 17:30:21 ----D---- C:\Windows\system32\ko-KR
2009-12-13 17:30:21 ----D---- C:\Windows\system32\it-IT
2009-12-13 17:30:21 ----D---- C:\Windows\system32\hu-HU
2009-12-13 17:30:21 ----D---- C:\Windows\system32\he-IL
2009-12-13 17:30:21 ----D---- C:\Windows\system32\bg-BG
2009-12-13 17:30:20 ----D---- C:\Windows\system32\zh-TW
2009-12-13 17:30:20 ----D---- C:\Windows\system32\zh-HK
2009-12-13 17:30:20 ----D---- C:\Windows\system32\zh-CN
2009-12-13 17:30:20 ----D---- C:\Windows\system32\tr-TR
2009-12-13 17:30:20 ----D---- C:\Windows\system32\th-TH
2009-12-13 17:30:20 ----D---- C:\Windows\system32\sv-SE
2009-12-13 17:30:20 ----D---- C:\Windows\system32\sr-Latn-CS
2009-12-13 17:30:20 ----D---- C:\Windows\system32\sl-SI
2009-12-13 17:30:20 ----D---- C:\Windows\system32\sk-SK
2009-12-13 17:30:20 ----D---- C:\Windows\system32\ru-RU
2009-12-13 17:30:20 ----D---- C:\Windows\system32\ro-RO
2009-12-13 17:30:20 ----D---- C:\Windows\system32\nl-NL
2009-12-13 17:30:20 ----D---- C:\Windows\system32\nb-NO
2009-12-13 17:30:20 ----D---- C:\Windows\system32\lv-LV
2009-12-13 17:30:20 ----D---- C:\Windows\system32\lt-LT
2009-12-13 17:30:20 ----D---- C:\Windows\system32\ja-JP
2009-12-13 17:30:20 ----D---- C:\Windows\system32\hr-HR
2009-12-13 17:30:20 ----D---- C:\Windows\system32\fi-FI
2009-12-13 17:30:20 ----D---- C:\Windows\system32\et-EE
2009-12-13 17:30:20 ----D---- C:\Windows\system32\es-ES
2009-12-13 17:30:20 ----D---- C:\Windows\system32\en-US
2009-12-13 17:30:20 ----D---- C:\Windows\system32\el-GR
2009-12-13 17:30:20 ----D---- C:\Windows\system32\de-DE
2009-12-13 17:30:20 ----D---- C:\Windows\system32\da-DK
2009-12-13 17:30:20 ----D---- C:\Windows\system32\cs-CZ
2009-12-13 17:30:20 ----D---- C:\Windows\system32\ar-SA
2009-12-13 17:30:20 ----D---- C:\Program Files\Windows Media Player
2009-12-13 17:30:20 ----D---- C:\Program Files\Internet Explorer
2009-12-13 17:30:19 ----D---- C:\Windows\ehome
2009-12-13 17:30:19 ----D---- C:\Windows\AppPatch
2009-12-13 17:20:12 ----D---- C:\Program Files\Common Files\microsoft shared
2009-12-13 17:19:26 ----D---- C:\Program Files\Microsoft
2009-12-13 15:43:29 ----SHD---- C:\Boot
2009-12-13 15:34:45 ----D---- C:\Program Files\Windows Calendar
2009-12-13 15:34:45 ----D---- C:\Program Files\Movie Maker
2009-12-13 15:34:44 ----D---- C:\Program Files\Windows Sidebar
2009-12-13 15:34:44 ----D---- C:\Program Files\Windows Journal
2009-12-13 15:34:44 ----D---- C:\Program Files\Windows Collaboration
2009-12-13 15:34:43 ----D---- C:\Program Files\Windows Photo Gallery
2009-12-13 15:34:43 ----D---- C:\Program Files\Common Files\System
2009-12-13 15:34:39 ----D---- C:\Windows\servicing
2009-12-13 15:34:39 ----D---- C:\Program Files\Windows Defender
2009-12-13 15:34:25 ----D---- C:\Windows\system32\XPSViewer
2009-12-13 15:34:25 ----D---- C:\Windows\IME
2009-12-13 15:34:24 ----D---- C:\Windows\system32\oobe
2009-12-13 15:34:24 ----D---- C:\Windows\system32\migration
2009-12-13 15:34:24 ----D---- C:\Windows\system32\fr
2009-12-13 15:34:22 ----D---- C:\Windows\system32\AdvancedInstallers
2009-12-13 15:34:18 ----D---- C:\Windows\system32\setup
2009-12-13 15:34:17 ----D---- C:\Windows\system32\SLUI
2009-12-13 15:34:16 ----D---- C:\Windows\system32\manifeststore
2009-12-13 15:34:12 ----D---- C:\Windows\system32\migwiz
2009-12-13 15:34:00 ----RSD---- C:\Windows\Fonts
2009-12-13 15:33:53 ----D---- C:\Windows\system32\Boot
2009-12-13 15:32:28 ----D---- C:\Windows\system32\RTCOM
2009-12-13 15:11:12 ----D---- C:\Users\manon\AppData\Roaming\SFR
2009-12-13 10:20:49 ----A---- C:\sysiclog.txt.bak
2009-12-01 21:06:19 ----A---- C:\Windows\system32\mrt.exe
2009-11-23 21:19:03 ----D---- C:\Windows\ModemLogs
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [2009-11-23 119048]
R1 funfrm;funfrm; C:\Windows\system32\drivers\funfrm.sys [2009-07-03 49472]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R2 tvtumon;tvtumon; C:\Windows\system32\DRIVERS\tvtumon.sys [2008-08-28 48192]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2008-01-02 18448]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-06-24 3844608]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-11-29 181760]
R3 BDFM;BDFM; C:\Windows\system32\DRIVERS\bdfm.sys [2009-11-23 152456]
R3 Cam5607;Lenovo EasyCamera; C:\Windows\System32\Drivers\BisonC07.sys [2008-05-07 865064]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 hidshim;Service for HID-KMDF Shim layer; C:\Windows\system32\DRIVERS\hidshim.sys [2008-06-03 5632]
R3 ICOLOR;Lenovo icolor Controller Driver; C:\Windows\system32\DRIVERS\setool.sys [2007-11-23 8704]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-24 2149208]
R3 NETw5v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits ; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-27 3658752]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2008-06-11 1097856]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-05-08 199472]
R3 wdmirror;wdmirror; C:\Windows\system32\DRIVERS\WDMirror.sys [2008-06-13 8832]
R3 winbondhidcir;Winbond HID CIR Receiver; C:\Windows\system32\DRIVERS\winbondhidcir.sys [2008-06-03 23040]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
R3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2008-10-15 104960]
R3 ZTEusbnet;ZTE USB-NDIS miniport; C:\Windows\system32\DRIVERS\ZTEusbnet.sys [2008-10-13 110080]
R3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2008-10-29 105344]
R3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2008-10-15 104960]
R3 ZTEusbvoice;ZTE VoUSB Port; C:\Windows\system32\DRIVERS\ZTEusbvoice.sys [2008-10-15 104960]
S3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys [2009-11-23 54912]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2008-10-29 7680]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Profos;Profos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys [2009-11-08 14720]
S3 Trufos;Trufos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys [2009-05-07 39808]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-05-23 128104]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WSVD;WSVD; \??\C:\Windows\system32\drivers\WSVD.sys [2008-01-10 81192]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-06-24 692224]
R2 BcmSqlStartupSvc;Service de démarrage SQL Server pour le Gestionnaire de contacts professionnels; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840]
R2 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2008-02-14 32768]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\Windows\System32\IgrsSvcs.exe [2008-01-21 21504]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 ServiceSFRABCD;Service SFR Gestionnaire Connexion; C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe [2009-09-01 657024]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;Enregistreur VSS SQL Server; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 System_Repair_UpdateMonitor;System Repair Windows Update Monitor; C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe [2008-09-27 430080]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe [2009-11-23 1622320]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 IncSvc;ReadyComm Network Monitor and Configuration; C:\Windows\System32\IgrsSvcs.exe [2008-01-21 21504]
R3 WisLMSvc;WisLMSvc; C:\Program Files\Second Display Control\WisLMSvc.exe [2008-01-15 118784]
S2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe /service []
S3 Arrakis3;BitDefender Serveur Arrakis; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2009-11-23 183880]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 GameConsoleService;GameConsoleService; C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe [2008-01-29 165416]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\Windows\System32\IgrsSvcs.exe [2008-01-21 21504]
S3 scan;BitDefender Threat Scanner; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
-----------------EOF-----------------
Thank you.
info.txt logfile of random's system information tool 1.06 2009-12-22 15:40:08
======Uninstall list======
-->"C:\Program Files\WildGames\Diner Dash 2 Restaurant Rescue\Uninstall.exe"
-->"C:\Program Files\WildGames\FATE\Uninstall.exe"
-->"C:\Program Files\WildGames\Game Console - WildGames\Uninstall.exe"
-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Advertising Center-->MsiExec.exe /X{b2ec4a38-b545-4a00-8214-13fe0e915e6d}
Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
Big City Adventures San Fransisco-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0FE6577A-E3DC-47E0-9320-B77FEEBD5D2A}\setup.exe" -l0x40c -removeonly
Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe
BitDefender Antivirus 2010-->MsiExec.exe /X{ECAEAA35-952F-42A7-B19E-01EDE80309D5}
Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{FC57FC53-104C-415C-98D7-B05E659461A9}
Carbonite Online Backup Setup-->"C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled /pausefor=600 /uninstall
Catalyst Control Center - Branding-->MsiExec.exe /I{45160C56-61F6-468D-A5B0-9FAE2C3E68D6}
Code de la Route-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{9A9ED286-6A6F-441D-AF19-C872C5FD0EA2}
Diaporama Créateur Photo HD-->MsiExec.exe /X{C1FD1685-D578-4F60-8AAF-AA02C9BB8690}
Dolby Control Center-->MsiExec.exe /I{DE66EFAD-B9CC-4FD4-9157-6C18E5100161}
EasyCapture-->C:\Program Files\Lenovo\EasyCapture\Uninstall.exe
Energy Management-->C:\Program Files\InstallShield Installation Information\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}\setup.exe -runfromtemp -l0x040c -removeonly
Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)-->MsiExec.exe /X{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)-->C:\Windows\SQL9_KB970892_ENU\Hotfix.exe /Uninstall
Gestionnaire de Connexion SFR 2009.09-->"C:\Program Files\SFR\Gestionnaire de Connexion SFR\unins000.exe"
Gestionnaire de contacts professionnels pour Outlook 2007 SP2-->"C:\Program Files\Microsoft Small Business\Business Contact Manager\SetupBootstrap\Setup.exe" /remove {69ca8988-1c6c-4285-b8af-db780a6e42af}
Gestionnaire de contacts professionnels pour Outlook 2007 SP2-->MsiExec.exe /X{69CA8988-1C6C-4285-B8AF-DB780A6E42AF}
HaloLighting-->C:\Program Files\InstallShield Installation Information\{85D5BE6D-293F-4BBF-ACDA-40956A8207D6}\setup.exe -runfromtemp -l0x040c -removeonly
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 10.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 10.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart C4400 All-In-One Driver Software 10.0 Rel .3-->C:\Program Files\HP\Digital Imaging\{FF1F4E8E-A833-4c4b-A14A-45D5B841B5D8}\setup\hpzscr01.exe -datfile hposcr29.dat -onestop
HP Photosmart Essential 2.5-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 10.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{11B83AD3-7A46-4C2E-A568-9505981D4C6F}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel® Matrix Storage Manager-->C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
LauncherMA-->MsiExec.exe /X{C06EFB22-B5DB-46C5-9215-BCB5C19C0858}
Lenovo EasyCamera-->C:\Program Files\InstallShield Installation Information\{4BB1DCED-84D3-47F9-B718-5947E904593E}\setup.exe -runfromtemp -l0x040c -removeonly
Lenovo OneKey Recovery-->"C:\Program Files\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe" /z-uninstall
Lenovo ReadyComm 4.0 -->MsiExec.exe /X{76C66170-C538-4E77-B54D-48E136B5B533}
Lenovo System Repair - Windows Update Monitor-->C:\Program Files\InstallShield Installation Information\{717E0AD5-91EB-459F-AB8B-1B5219BAF7CE}\setup.exe -runfromtemp -l0x040c -removeonly
LimeWire 5.3.6-->"C:\Program Files\LimeWire\uninstall.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2000 Small Business-->MsiExec.exe /I{0003040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2003 Web Components-->MsiExec.exe /I{90A4040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office 2007 Primary Interop Assemblies-->MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Small Business Connectivity Components-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)-->MsiExec.exe /I{480DBB60-F0B6-45F2-B26F-1A2E11197791}
Microsoft SQL Server 2005-->"c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Native Client-->MsiExec.exe /I{1F24E48F-7692-4E89-8784-68DD4D2712A0}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{A30179B7-997A-4D47-AA43-57AE59A9C78B}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Motorola SM56 Data Fax Modem-->rundll32.exe sm56co85.dll,SM56UnInstaller
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 9 Essentials-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="XM02-508X-MHAT-19WU-9Z3Z-0CH0-3U6E-85W5-MMHH-6647-1Z5L-7M8C-0U45-758P-0000"
Nero ControlCenter-->MsiExec.exe /X{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
Nero Installer-->MsiExec.exe /X{e8a80433-302b-4ff1-815d-fcc8eac482ff}
Nero Online Upgrade-->MsiExec.exe /X{dba84796-8503-4ff0-af57-1747dd9a166d}
Nero StartSmart OEM-->MsiExec.exe /X{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}
Nero StartSmart-->MsiExec.exe /X{7748ac8c-18e3-43bb-959b-088faea16fb2}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OCR Software by I.R.I.S. 10.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Picasa 3-->"C:\Users\manon\Desktop\Picasa3\Uninstall.exe"
Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
QuickTime-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1036
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x40c anything
Second Display Control-->C:\Program Files\InstallShield Installation Information\{A4E856D8-6150-4E89-8F97-8F45E799ED72}\setup.exe -runfromtemp -l0x0009 -removeonly
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Sunset studio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B56EFD8B-F0A2-4B94-83FB-9741F86EDFFA}\setup.exe" -l0x40c -removeonly
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Outlook 2007 Junk Email Filter (kb976884)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {FB60F280-C70F-4174-BADB-471412AA42F0}
VeriFace III-->C:\Program Files\Lenovo\VeriFaceIII\Uninstall.exe
WildGames-->"C:\Program Files\WildGames\Uninstall.exe"
Winbond CIR Device Drivers-->MsiExec.exe /I{2207226D-993D-4026-AD4F-1944FF954FA8}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
======Security center information======
AS: Windows Defender
======System event log======
Computer Name: PC-de-manon
Event Code: 1001
Message: L’initialisation de l’application a échoué. Dernière erreur : 0x80070032
Record Number: 27162
Source Name: Microsoft-Windows-LanguagePackSetup
Time Written: 20090905114918.398498-000
Event Type: Erreur
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-manon
Event Code: 15016
Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
Record Number: 27075
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090905114845.945698-000
Event Type: Erreur
User:
Computer Name: PC-de-manon
Event Code: 4
Message: Broadcom NetLink (TM) Fast Ethernet: The network link is down. Check to make sure the network cable is properly connected.
Record Number: 27071
Source Name: b57nd60x
Time Written: 20090905114832.453698-000
Event Type: Avertissement
User:
Computer Name: PC-de-manon
Event Code: 4001
Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.
Record Number: 27059
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20090905085811.949200-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-manon
Event Code: 1001
Message: L’initialisation de l’application a échoué. Dernière erreur : 0x80070032
Record Number: 27022
Source Name: Microsoft-Windows-LanguagePackSetup
Time Written: 20090905075617.485896-000
Event Type: Erreur
User: AUTORITE NT\SYSTEM
=====Application event log=====
Computer Name: PC-de-manon
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 1513
Source Name: Microsoft-Windows-WMI
Time Written: 20090809060104.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-manon
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.
DÉTAIL -
16 user registry handles leaked from \Registry\User\S-1-5-21-2273517201-3172522784-3396773752-1004:
Process 632 (\Device\HarddiskVolume1\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2273517201-3172522784-3396773752-1004
Process 1660 (\Device\HarddiskVolume1\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2273517201-3172522784-3396773752-1004
Process 1660 (\Device\HarddiskVolume1\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2273517201-3172522784-3396773752-1004
Process 1660 (\Device\HarddiskVolume1\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2273517201-3172522784-3396773752-1004
Process 1660 (\Device\HarddiskVolume1\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2273517201-3172522784-3396773752-1004
Process 1660 (\Device\HarddiskVolume1\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2273517201-3172522784-3396773752-1004\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1660 (\Device\HarddiskVolume1\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2273517201-3172522784-3396773752-1004\Software\Microsoft\SystemCertificates\My
Process 1660 (\Device\HarddiskVolume1\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2273517201-3172522784-3396773752-1004\Software\Microsoft\SystemCertificates\TrustedPeople
Process 1660 (\Device\HarddiskVolume1\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2273517201-3172522784-3396773752-1004\Software\Microsoft\SystemCertificates\CA
Process 1660 (\Device\HarddiskVolume1\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2273517201-3172522784-3396773752-1004\Software\Microsoft\SystemCertificates\Disallowed
Process 1660 (\Device\HarddiskVolume1\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2273517201-3172522784-3396773752-1004\Software\Microsoft\SystemCertificates\Root
Process 1660 (\Device\HarddiskVolume1\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2273517201-3172522784-3396773752-1004\Software\Policies\Microsoft\SystemCertificates
Process 1660 (\Device\HarddiskVolume1\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2273517201-3172522784-3396773752-1004\Software\Policies\Microsoft\SystemCertificates
Process 1660 (\Device\HarddiskVolume1\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2273517201-3172522784-3396773752-1004\Software\Policies\Microsoft\SystemCertificates
Process 1660 (\Device\HarddiskVolume1\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2273517201-3172522784-3396773752-1004\Software\Policies\Microsoft\SystemCertificates
Process 1660 (\Device\HarddiskVolume1\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2273517201-3172522784-3396773752-1004\Software\Microsoft\SystemCertificates\trust
Record Number: 1493
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090808223005.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-manon
Event Code: 4621
Message: Le système d'événements de COM+ n'a pas pu supprimer l'objet EventSystem.EventSubscription {CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. HRESULT : 80070005.
Record Number: 1490
Source Name: Microsoft-Windows-EventSystem
Time Written: 20090808223002.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-manon
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 1413
Source Name: Microsoft-Windows-WMI
Time Written: 20090808011909.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-manon
Event Code: 1008
Message: Le service Windows Search tente de supprimer l’ancien catalogue.
Record Number: 1409
Source Name: Microsoft-Windows-Search
Time Written: 20090808011900.000000-000
Event Type: Avertissement
User:
=====Security event log=====
Computer Name: PC-de-manon
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.
Sujet :
ID de sécurité : S-1-5-21-2273517201-3172522784-3396773752-1004
Nom du compte : manon
Domaine du compte : PC-de-manon
ID d’ouverture de session : 0xd2bfd
Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : \Device\Wsvd\Z\Windows\System32\fr-FR\lmhsvc.dll.mui
ID du handle : 0x404
Informations sur le processus :
ID du processus : 0x1120
Nom du processus : C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe
Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 9009
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090808202414.684000-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-manon
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.
Sujet :
ID de sécurité : S-1-5-21-2273517201-3172522784-3396773752-1004
Nom du compte : manon
Domaine du compte : PC-de-manon
ID d’ouverture de session : 0xd2bfd
Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : \Device\Wsvd\Z\Windows\System32\fr-FR\lltdres.dll.mui
ID du handle : 0x3d4
Informations sur le processus :
ID du processus : 0x1120
Nom du processus : C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe
Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 9008
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090808202414.668400-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-manon
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.
Sujet :
ID de sécurité : S-1-5-21-2273517201-3172522784-3396773752-1004
Nom du compte : manon
Domaine du compte : PC-de-manon
ID d’ouverture de session : 0xd2bfd
Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : \Device\Wsvd\Z\Windows\System32\fr-FR\lipeula.rtf
ID du handle : 0x404
Informations sur le processus :
ID du processus : 0x1120
Nom du processus : C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe
Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 9007
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090808202414.652800-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-manon
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.
Sujet :
ID de sécurité : S-1-5-21-2273517201-3172522784-3396773752-1004
Nom du compte : manon
Domaine du compte : PC-de-manon
ID d’ouverture de session : 0xd2bfd
Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : \Device\Wsvd\Z\Windows\System32\fr-FR\licmgr10.dll.mui
ID du handle : 0x3d4
Informations sur le processus :
ID du processus : 0x1120
Nom du processus : C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe
Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 9006
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090808202414.652800-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-manon
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.
Sujet :
ID de sécurité : S-1-5-21-2273517201-3172522784-3396773752-1004
Nom du compte : manon
Domaine du compte : PC-de-manon
ID d’ouverture de session : 0xd2bfd
Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : \Device\Wsvd\Z\Windows\System32\fr-FR\license_addendum_1.txt
ID du handle : 0x404
Informations sur le processus :
ID du processus : 0x1120
Nom du processus : C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe
Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 9005
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090808202414.621600-000
Event Type: Succès de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"configsetroot"=%SystemRoot%\ConfigSetRoot
"LenovoTestLogFile"=preload.log
"LenovoTestPath"=C:\test\WINTEST\
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by manon at 2009-12-22 15:39:29
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 202 GB (78%) free of 259 GB
Total RAM: 3068 MB (58% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-10 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll [2009-11-23 128832]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"Unattend0000000001{70EB91E7-FAAB-44A4-BA19-C0A45B228BC0}"=C:\Windows\test.bat []
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-07-20 182808]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-06-24 6298144]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2008-06-11 1454080]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-05-08 1111336]
"HaloLighting"=C:\Program Files\Lenovo\HaloLighting\HaloLighting.exe [2008-03-31 1425408]
"WisAvCtrl"=C:\Program Files\Second Display Control\WisAvCtrl.exe [2008-06-16 401408]
"WisOSD"=C:\Program Files\Second Display Control\WisOSD.exe [2008-04-22 2838528]
"CarboniteSetupLite"=C:\Program Files\Carbonite\CarbonitePreinstaller.exe [2008-06-19 284096]
"UpdateP2GShortCut"=C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"VeriFaceManager"=C:\Program Files\Lenovo\VeriFaceIII\PManage.exe [2009-07-03 2916352]
"Readycomm"=C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe [2007-06-03 425984]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2008-06-18 5285792]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2008-06-24 8857488]
"NWEReboot"= []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-08-16 282624]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-10 149280]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe [2009-11-23 71152]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe [2009-11-23 1118144]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
C:\Users\manon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Lanceur.lnk - C:\Program Files\Micro Application\LauncherMA.exe
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
shell\AutoRun\command - F:\SFR.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2232a4f0-a8e9-11de-aec5-0022fafc1eba}]
shell\AutoRun\command - F:\SFR.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91d900b6-b0c6-11de-a0bb-0022fafc1eba}]
shell\AutoRun\command - F:\SFR.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5457494-9262-11de-a018-00a0c6000000}]
shell\AutoRun\command - F:\SFR.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d10f679f-9261-11de-a186-0022fafc1eba}]
shell\AutoRun\command - F:\SFR.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-12-22 15:39:29 ----D---- C:\rsit
2009-12-22 15:39:29 ----D---- C:\Program Files\trend micro
2009-12-22 15:11:36 ----D---- C:\_OTM
2009-12-13 18:52:29 ----D---- C:\Program Files\Adobe
2009-12-13 17:30:22 ----D---- C:\Program Files\Windows Portable Devices
2009-12-13 17:24:29 ----A---- C:\Windows\system32\UIAnimation.dll
2009-12-13 17:24:28 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-12-13 17:24:28 ----A---- C:\Windows\system32\UIRibbon.dll
2009-12-13 17:23:57 ----A---- C:\Windows\system32\WMPhoto.dll
2009-12-13 17:23:55 ----A---- C:\Windows\system32\cdd.dll
2009-12-13 17:23:54 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-12-13 17:23:54 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-12-13 17:23:54 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-12-13 17:23:54 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-12-13 17:23:54 ----A---- C:\Windows\system32\d3d10warp.dll
2009-12-13 17:23:54 ----A---- C:\Windows\system32\d2d1.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\xpsservices.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\XpsPrint.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-12-13 17:23:53 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\OpcServices.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\FntCache.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\dxdiagn.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\dxdiag.exe
2009-12-13 17:23:53 ----A---- C:\Windows\system32\DWrite.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\d3d10level9.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\d3d10core.dll
2009-12-13 17:23:53 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-12-13 17:23:52 ----A---- C:\Windows\system32\dxgi.dll
2009-12-13 17:23:52 ----A---- C:\Windows\system32\d3d11.dll
2009-12-13 17:23:52 ----A---- C:\Windows\system32\d3d10_1.dll
2009-12-13 17:23:52 ----A---- C:\Windows\system32\d3d10.dll
2009-12-13 17:23:25 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-12-13 17:23:25 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-12-13 17:23:25 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-12-13 17:23:21 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-12-13 17:23:18 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-12-13 17:23:18 ----A---- C:\Windows\system32\WpdConns.dll
2009-12-13 17:23:17 ----A---- C:\Windows\system32\WPDSp.dll
2009-12-13 17:23:17 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-12-13 17:23:17 ----A---- C:\Windows\system32\wpdshext.dll
2009-12-13 17:23:17 ----A---- C:\Windows\system32\WpdMtp.dll
2009-12-13 17:23:17 ----A---- C:\Windows\system32\wpd_ci.dll
2009-12-13 17:23:17 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-12-13 17:23:17 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-12-13 17:23:17 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-12-13 17:23:17 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-12-13 17:22:11 ----A---- C:\Windows\system32\oleaccrc.dll
2009-12-13 17:22:10 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-12-13 17:22:10 ----A---- C:\Windows\system32\oleacc.dll
2009-12-13 17:20:24 ----D---- C:\Program Files\Microsoft Silverlight
2009-12-13 17:12:31 ----A---- C:\Windows\system32\wmp.dll
2009-12-13 17:12:28 ----A---- C:\Windows\system32\unregmp2.exe
2009-12-13 17:12:27 ----A---- C:\Windows\system32\wmploc.DLL
2009-12-13 17:08:03 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-12-13 17:08:02 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-12-13 15:33:54 ----D---- C:\Windows\system32\eu-ES
2009-12-13 15:33:54 ----D---- C:\Windows\system32\ca-ES
2009-12-13 15:33:53 ----D---- C:\Windows\system32\vi-VN
2009-12-13 10:16:46 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-13 10:16:41 ----A---- C:\Windows\system32\httpapi.dll
2009-12-11 14:58:30 ----A---- C:\Windows\system32\winhttp.dll
2009-12-11 14:47:57 ----A---- C:\Windows\system32\mshtml.dll
2009-12-11 14:47:56 ----A---- C:\Windows\system32\ieframe.dll
2009-12-11 14:47:55 ----A---- C:\Windows\system32\wininet.dll
2009-12-11 14:47:55 ----A---- C:\Windows\system32\urlmon.dll
2009-12-11 14:47:55 ----A---- C:\Windows\system32\iertutil.dll
2009-12-11 14:47:54 ----A---- C:\Windows\system32\occache.dll
2009-12-11 14:47:54 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-11 14:47:54 ----A---- C:\Windows\system32\ieui.dll
2009-12-11 14:47:54 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-11 14:47:53 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-11 14:47:53 ----A---- C:\Windows\system32\iepeers.dll
2009-12-11 14:47:52 ----A---- C:\Windows\system32\msfeedssync.exe
2009-12-11 14:47:52 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-11 14:47:52 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-11 14:47:52 ----A---- C:\Windows\system32\iesysprep.dll
2009-12-11 14:47:52 ----A---- C:\Windows\system32\iesetup.dll
2009-12-11 14:47:52 ----A---- C:\Windows\system32\iernonce.dll
2009-12-11 14:47:52 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-11 14:24:06 ----A---- C:\Windows\system32\rastls.dll
2009-11-30 14:00:59 ----D---- C:\Windows\system32\EventProviders
2009-11-27 09:57:24 ----A---- C:\bdlog.txt
2009-11-27 09:12:09 ----A---- C:\Windows\system32\tzres.dll
2009-11-26 19:04:05 ----A---- C:\Windows\system32\msxml6.dll
2009-11-26 19:04:04 ----A---- C:\Windows\system32\msxml3.dll
======List of files/folders modified in the last 1 months======
2009-12-22 15:39:30 ----D---- C:\Windows\Prefetch
2009-12-22 15:39:29 ----RD---- C:\Program Files
2009-12-22 15:39:12 ----D---- C:\Windows\Temp
2009-12-22 15:20:36 ----D---- C:\Windows\System32
2009-12-22 15:20:36 ----D---- C:\Windows\inf
2009-12-22 15:20:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-12-22 15:16:12 ----D---- C:\Users\manon\AppData\Roaming\LimeWire
2009-12-22 15:14:44 ----A---- C:\sysiclog.txt
2009-12-19 19:52:19 ----SHD---- C:\System Volume Information
2009-12-16 12:53:53 ----SHD---- C:\Windows\Installer
2009-12-16 12:53:53 ----HD---- C:\Config.Msi
2009-12-16 12:53:49 ----D---- C:\ProgramData\Microsoft Help
2009-12-15 13:27:25 ----D---- C:\Windows
2009-12-15 11:25:49 ----D---- C:\Windows\system32\drivers
2009-12-14 22:38:54 ----D---- C:\Windows\system32\catroot2
2009-12-13 21:30:21 ----D---- C:\Windows\Minidump
2009-12-13 21:25:43 ----D---- C:\Windows\Microsoft.NET
2009-12-13 21:25:08 ----RSD---- C:\Windows\assembly
2009-12-13 19:03:51 ----HD---- C:\ProgramData
2009-12-13 19:01:13 ----A---- C:\Windows\system32\ICAutoUpdate.log.bak
2009-12-13 18:57:28 ----D---- C:\ProgramData\Adobe
2009-12-13 18:53:32 ----D---- C:\Program Files\Common Files\Adobe
2009-12-13 18:14:31 ----D---- C:\Windows\winsxs
2009-12-13 18:14:23 ----D---- C:\Windows\system32\catroot
2009-12-13 17:52:07 ----D---- C:\Windows\rescache
2009-12-13 17:35:33 ----D---- C:\Windows\system32\Tasks
2009-12-13 17:35:30 ----SD---- C:\Windows\Downloaded Program Files
2009-12-13 17:30:23 ----D---- C:\Windows\system32\fr-FR
2009-12-13 17:30:23 ----D---- C:\Program Files\Windows Mail
2009-12-13 17:30:22 ----D---- C:\Windows\system32\wbem
2009-12-13 17:30:21 ----D---- C:\Windows\system32\uk-UA
2009-12-13 17:30:21 ----D---- C:\Windows\system32\pt-PT
2009-12-13 17:30:21 ----D---- C:\Windows\system32\pt-BR
2009-12-13 17:30:21 ----D---- C:\Windows\system32\pl-PL
2009-12-13 17:30:21 ----D---- C:\Windows\system32\ko-KR
2009-12-13 17:30:21 ----D---- C:\Windows\system32\it-IT
2009-12-13 17:30:21 ----D---- C:\Windows\system32\hu-HU
2009-12-13 17:30:21 ----D---- C:\Windows\system32\he-IL
2009-12-13 17:30:21 ----D---- C:\Windows\system32\bg-BG
2009-12-13 17:30:20 ----D---- C:\Windows\system32\zh-TW
2009-12-13 17:30:20 ----D---- C:\Windows\system32\zh-HK
2009-12-13 17:30:20 ----D---- C:\Windows\system32\zh-CN
2009-12-13 17:30:20 ----D---- C:\Windows\system32\tr-TR
2009-12-13 17:30:20 ----D---- C:\Windows\system32\th-TH
2009-12-13 17:30:20 ----D---- C:\Windows\system32\sv-SE
2009-12-13 17:30:20 ----D---- C:\Windows\system32\sr-Latn-CS
2009-12-13 17:30:20 ----D---- C:\Windows\system32\sl-SI
2009-12-13 17:30:20 ----D---- C:\Windows\system32\sk-SK
2009-12-13 17:30:20 ----D---- C:\Windows\system32\ru-RU
2009-12-13 17:30:20 ----D---- C:\Windows\system32\ro-RO
2009-12-13 17:30:20 ----D---- C:\Windows\system32\nl-NL
2009-12-13 17:30:20 ----D---- C:\Windows\system32\nb-NO
2009-12-13 17:30:20 ----D---- C:\Windows\system32\lv-LV
2009-12-13 17:30:20 ----D---- C:\Windows\system32\lt-LT
2009-12-13 17:30:20 ----D---- C:\Windows\system32\ja-JP
2009-12-13 17:30:20 ----D---- C:\Windows\system32\hr-HR
2009-12-13 17:30:20 ----D---- C:\Windows\system32\fi-FI
2009-12-13 17:30:20 ----D---- C:\Windows\system32\et-EE
2009-12-13 17:30:20 ----D---- C:\Windows\system32\es-ES
2009-12-13 17:30:20 ----D---- C:\Windows\system32\en-US
2009-12-13 17:30:20 ----D---- C:\Windows\system32\el-GR
2009-12-13 17:30:20 ----D---- C:\Windows\system32\de-DE
2009-12-13 17:30:20 ----D---- C:\Windows\system32\da-DK
2009-12-13 17:30:20 ----D---- C:\Windows\system32\cs-CZ
2009-12-13 17:30:20 ----D---- C:\Windows\system32\ar-SA
2009-12-13 17:30:20 ----D---- C:\Program Files\Windows Media Player
2009-12-13 17:30:20 ----D---- C:\Program Files\Internet Explorer
2009-12-13 17:30:19 ----D---- C:\Windows\ehome
2009-12-13 17:30:19 ----D---- C:\Windows\AppPatch
2009-12-13 17:20:12 ----D---- C:\Program Files\Common Files\microsoft shared
2009-12-13 17:19:26 ----D---- C:\Program Files\Microsoft
2009-12-13 15:43:29 ----SHD---- C:\Boot
2009-12-13 15:34:45 ----D---- C:\Program Files\Windows Calendar
2009-12-13 15:34:45 ----D---- C:\Program Files\Movie Maker
2009-12-13 15:34:44 ----D---- C:\Program Files\Windows Sidebar
2009-12-13 15:34:44 ----D---- C:\Program Files\Windows Journal
2009-12-13 15:34:44 ----D---- C:\Program Files\Windows Collaboration
2009-12-13 15:34:43 ----D---- C:\Program Files\Windows Photo Gallery
2009-12-13 15:34:43 ----D---- C:\Program Files\Common Files\System
2009-12-13 15:34:39 ----D---- C:\Windows\servicing
2009-12-13 15:34:39 ----D---- C:\Program Files\Windows Defender
2009-12-13 15:34:25 ----D---- C:\Windows\system32\XPSViewer
2009-12-13 15:34:25 ----D---- C:\Windows\IME
2009-12-13 15:34:24 ----D---- C:\Windows\system32\oobe
2009-12-13 15:34:24 ----D---- C:\Windows\system32\migration
2009-12-13 15:34:24 ----D---- C:\Windows\system32\fr
2009-12-13 15:34:22 ----D---- C:\Windows\system32\AdvancedInstallers
2009-12-13 15:34:18 ----D---- C:\Windows\system32\setup
2009-12-13 15:34:17 ----D---- C:\Windows\system32\SLUI
2009-12-13 15:34:16 ----D---- C:\Windows\system32\manifeststore
2009-12-13 15:34:12 ----D---- C:\Windows\system32\migwiz
2009-12-13 15:34:00 ----RSD---- C:\Windows\Fonts
2009-12-13 15:33:53 ----D---- C:\Windows\system32\Boot
2009-12-13 15:32:28 ----D---- C:\Windows\system32\RTCOM
2009-12-13 15:11:12 ----D---- C:\Users\manon\AppData\Roaming\SFR
2009-12-13 10:20:49 ----A---- C:\sysiclog.txt.bak
2009-12-01 21:06:19 ----A---- C:\Windows\system32\mrt.exe
2009-11-23 21:19:03 ----D---- C:\Windows\ModemLogs
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [2009-11-23 119048]
R1 funfrm;funfrm; C:\Windows\system32\drivers\funfrm.sys [2009-07-03 49472]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R2 tvtumon;tvtumon; C:\Windows\system32\DRIVERS\tvtumon.sys [2008-08-28 48192]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2008-01-02 18448]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-06-24 3844608]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-11-29 181760]
R3 BDFM;BDFM; C:\Windows\system32\DRIVERS\bdfm.sys [2009-11-23 152456]
R3 Cam5607;Lenovo EasyCamera; C:\Windows\System32\Drivers\BisonC07.sys [2008-05-07 865064]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 hidshim;Service for HID-KMDF Shim layer; C:\Windows\system32\DRIVERS\hidshim.sys [2008-06-03 5632]
R3 ICOLOR;Lenovo icolor Controller Driver; C:\Windows\system32\DRIVERS\setool.sys [2007-11-23 8704]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-24 2149208]
R3 NETw5v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits ; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-27 3658752]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2008-06-11 1097856]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-05-08 199472]
R3 wdmirror;wdmirror; C:\Windows\system32\DRIVERS\WDMirror.sys [2008-06-13 8832]
R3 winbondhidcir;Winbond HID CIR Receiver; C:\Windows\system32\DRIVERS\winbondhidcir.sys [2008-06-03 23040]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
R3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2008-10-15 104960]
R3 ZTEusbnet;ZTE USB-NDIS miniport; C:\Windows\system32\DRIVERS\ZTEusbnet.sys [2008-10-13 110080]
R3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2008-10-29 105344]
R3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2008-10-15 104960]
R3 ZTEusbvoice;ZTE VoUSB Port; C:\Windows\system32\DRIVERS\ZTEusbvoice.sys [2008-10-15 104960]
S3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys [2009-11-23 54912]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2008-10-29 7680]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Profos;Profos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys [2009-11-08 14720]
S3 Trufos;Trufos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys [2009-05-07 39808]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-05-23 128104]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WSVD;WSVD; \??\C:\Windows\system32\drivers\WSVD.sys [2008-01-10 81192]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-06-24 692224]
R2 BcmSqlStartupSvc;Service de démarrage SQL Server pour le Gestionnaire de contacts professionnels; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840]
R2 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2008-02-14 32768]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\Windows\System32\IgrsSvcs.exe [2008-01-21 21504]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 ServiceSFRABCD;Service SFR Gestionnaire Connexion; C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe [2009-09-01 657024]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;Enregistreur VSS SQL Server; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 System_Repair_UpdateMonitor;System Repair Windows Update Monitor; C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe [2008-09-27 430080]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe [2009-11-23 1622320]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 IncSvc;ReadyComm Network Monitor and Configuration; C:\Windows\System32\IgrsSvcs.exe [2008-01-21 21504]
R3 WisLMSvc;WisLMSvc; C:\Program Files\Second Display Control\WisLMSvc.exe [2008-01-15 118784]
S2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe /service []
S3 Arrakis3;BitDefender Serveur Arrakis; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2009-11-23 183880]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 GameConsoleService;GameConsoleService; C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe [2008-01-29 165416]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\Windows\System32\IgrsSvcs.exe [2008-01-21 21504]
S3 scan;BitDefender Threat Scanner; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
-----------------EOF-----------------
Thank you.
jlpjlp (Security contributor) - 22 Dec. 2009 at 09:54
The OTM report?
______________
Scan with Malwarebytes: run a thorough scan, paste the report you get, and remove whatever is found:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
______________________
Then paste a BitDefender report.
21 Dec. 2009 at 15:52
Following your message, I downloaded what you recommended, but at the end of your message you tell me that I have to post the log.txt and info.txt documents. Being a novice with computers, could you tell me more precisely what I need to do?
Thanks in advance.