Demande aux pros

mack.bolan Messages postés 1732 Statut Membre -  
mack.bolan Messages postés 1732 Statut Membre -
Bonjour, je voudrais que quelqu'un jette un œil sur mon rapport hijack .
apres avoir lu certains message , j'ai charger ce programme et je voudrais un avis sur mon pc
merci a tous ceux qui pourrons m'aider
Logfile of random's system information tool 1.06 (written by random/random)
Run by mack at 2010-01-26 22:58:24
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 233 GB (78%) free of 297 GB
Total RAM: 3582 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:58:49, on 26/01/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Multimedia Keyboard & Mouse Driver\V5\StartAutorun.exe
C:\Program Files\Multimedia Keyboard & Mouse Driver\V5\KMConfig.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Multimedia Keyboard & Mouse Driver\V5\KMProcess.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\explorer.exe
C:\Users\mack\Downloads\RSIT.exe
C:\Program Files\trend micro\mack.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\RazaWebHook32.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [KMConfig] "C:\Program Files\Multimedia Keyboard & Mouse Driver\V5\StartAutorun.exe" KMConfig.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &Envoyer à OneNote - res:///105
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\RazaWebHook32.dll/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_0_1_3.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 8430 bytes
Configuration: Windows Vista
Firefox 3.5.7

2 réponses

  1. mack.bolan Messages postés 1732 Statut Membre 256
     
    autre dossier : info.txt logfile of random's system information tool 1.06 2010-01-26 22:58:53

    ======Uninstall list======

    -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
    Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
    Adobe Reader 9.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}
    Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
    Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
    Avanquest update-->"C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe" -runfromtemp -l0x0009 -removeonly
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
    AxCrypt (Désinstaller uniquement)-->"C:\Program Files\Axon Data\AxCrypt\AxCryptU.exe"
    Canon MP Navigator EX 1.2-->"C:\Program Files\Canon\MP Navigator EX 1.2\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 1.2\uninst.ini
    Canon MP190 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series /L0x000c
    Canon Utilities Easy-PhotoPrint EX-->C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe Uninst.ini uinstrsc.dll
    Canon Utilities My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini uinstrsc.dll
    Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini
    CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
    Enregistrement utilisateur de Canon MP190 series-->C:\Program Files\Canon\IJEREG\MP190 series\UNINST.EXE
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    HP Advisor-->MsiExec.exe /X{73A43E42-3658-4DD9-8551-FACDA3632538}
    HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly
    HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}
    HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly
    HP On-Screen Cap/Num/Scroll Lock Indicator-->C:\Windows\system32\OsdRemove.exe
    HP Photosmart Essential 2.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
    HP Update-->MsiExec.exe /X{818ABC3C-635C-4651-8183-D0E9640B7DD1}
    Inkjet Printer/Scanner Extended Survey Program-->C:\Program Files\Canon\IJPLM\SETUP.EXE -R
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    K-Lite Codec Pack 5.1.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    Ma-Config.com-->MsiExec.exe /X{18754BA4-4F0C-4E6E-888B-9496AFA05F43}
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Office Access MUI (French) 2010 (Beta)-->MsiExec.exe /X{20140000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2010 (Beta)-->MsiExec.exe /X{20140000-0016-040C-0000-0000000FF1CE}
    Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
    Microsoft Office OneNote MUI (French) 2010 (Beta)-->MsiExec.exe /X{20140000-00A1-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2010 (Beta)-->MsiExec.exe /X{20140000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2010 (Beta)-->MsiExec.exe /X{20140000-0018-040C-0000-0000000FF1CE}
    Microsoft Office Professionnel 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall SINGLEIMAGE /dll OSETUP.DLL
    Microsoft Office Proof (Arabic) 2010 (Beta)-->MsiExec.exe /X{20140000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2010 (Beta)-->MsiExec.exe /X{20140000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2010 (Beta)-->MsiExec.exe /X{20140000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2010 (Beta)-->MsiExec.exe /X{20140000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2010 (Beta)-->MsiExec.exe /X{20140000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2010 (Beta)-->MsiExec.exe /X{20140000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2010 (Beta)-->MsiExec.exe /X{20140000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (French) 2010 (Beta)-->MsiExec.exe /X{20140000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2010 (Beta)-->MsiExec.exe /X{20140000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Single Image 2010 (Beta)-->MsiExec.exe /X{20140000-003D-0000-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2010 (Beta)-->MsiExec.exe /X{20140000-001B-040C-0000-0000000FF1CE}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    Multi Virus Cleaner 2009-->"C:\Program Files\AxBx\Multi Virus Cleaner 2009\unins000.exe"
    Multimedia Keyboard & Mouse Driver-->C:\Program Files\InstallShield Installation Information\{055A9D81-5E0A-4088-94B3-BAC849EC3C20}\setup.exe -runfromtemp -l0x040c
    muvee autoProducer 6.0-->C:\Program Files\InstallShield Installation Information\{6AF49698-949A-4C89-9B31-041D2CCB5FBD}\setup.exe -runfromtemp -l0x040c -removeonly
    NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel
    NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Outils de diagnostic du matériel-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
    Python 2.4.3-->MsiExec.exe /I{75E71ADD-042C-4F30-BFAC-A9EC42351313}
    QuickTime-->MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121}
    RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
    Roxio Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
    Roxio Creator Audio-->MsiExec.exe /X{83FFCFC7-88C6-41c6-8752-958A45325C82}
    Roxio Creator Basic v9-->MsiExec.exe /X{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
    Roxio Creator Copy-->MsiExec.exe /X{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
    Roxio Creator Data-->MsiExec.exe /X{0D397393-9B50-4c52-84D5-77E344289F87}
    Roxio Creator EasyArchive-->MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
    Roxio Creator Tools-->MsiExec.exe /X{0394CDC8-FABD-4ed8-B104-03393876DFDF}
    Roxio Express Labeler 3-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    Roxio MyDVD Basic v9-->MsiExec.exe /X{938B1CD7-7C60-491E-AA90-1F1888168240}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for Microsoft Office 2010 File Validation - Beta (KB976133)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{20140000-003D-0000-0000-0000000FF1CE}" "{701D1499-1FE5-4E8E-9E09-562423116373}" "1036" "0"
    Security Update for Microsoft Office 2010 File Validation - Beta (KB976133)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{20140000-003D-0000-0000-0000000FF1CE}" "{76CB26F9-C8AD-403B-8461-168B18C2FE31}" "1036" "0"
    Security Update for Microsoft Office 2010 File Validation - Beta (KB976133)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{20140000-003D-0000-0000-0000000FF1CE}" "{7CDAA76C-5DB2-431F-A921-14A106BD8FA3}" "1036" "0"
    Shareaza 2.5.1.0-->"C:\Program Files\Shareaza\Uninstall\unins000.exe"
    Sony Ericsson Media Manager 1.1-->MsiExec.exe /X{4A27B6AA-D139-4B69-97E0-B65B225E0673}
    Sony Ericsson PC Suite 4.010.00-->C:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\ISAdmin.exe -runfromtemp -l0x0009 -removeonly
    Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
    Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

    ======Security center information======

    AS: Spybot - Search and Destroy
    AS: Windows Defender

    ======System event log======

    Computer Name: PC-de-mack
    Event Code: 4386
    Message: Windows Servicing a requis un redémarrage pour terminer la modification de la mise à jour 949247-2505_neutral_PACKAGE du package KB949247(Update) à l’état Installation demandée(Install Requested)
    Record Number: 18651
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20091227183430.000000-000
    Event Type: Avertissement
    User: PC-de-mack\mack

    Computer Name: PC-de-mack
    Event Code: 4386
    Message: Windows Servicing a requis un redémarrage pour terminer la modification de la mise à jour 949247-2502_neutral_PACKAGE du package KB949247(Update) à l’état Installation demandée(Install Requested)
    Record Number: 18650
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20091227183430.000000-000
    Event Type: Avertissement
    User: PC-de-mack\mack

    Computer Name: PC-de-mack
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB949247(Update) à l’état Installation demandée(Install Requested)
    Record Number: 18649
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20091227183430.000000-000
    Event Type: Avertissement
    User: PC-de-mack\mack

    Computer Name: PC-de-mack
    Event Code: 4386
    Message: Windows Servicing a requis un redémarrage pour terminer la modification de la mise à jour 949247-2508_neutral_PACKAGE du package KB949247(Update) à l’état Installation demandée(Install Requested)
    Record Number: 18648
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20091227183430.000000-000
    Event Type: Avertissement
    User: PC-de-mack\mack

    Computer Name: PC-de-mack
    Event Code: 4386
    Message: Windows Servicing a requis un redémarrage pour terminer la modification de la mise à jour 949247-2507_neutral_PACKAGE du package KB949247(Update) à l’état Installation demandée(Install Requested)
    Record Number: 18647
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20091227183430.000000-000
    Event Type: Avertissement
    User: PC-de-mack\mack

    =====Application event log=====

    Computer Name: PC-de-mack
    Event Code: 101
    Message:
    Record Number: 490
    Source Name: Automatic LiveUpdate Scheduler
    Time Written: 20091227162609.000000-000
    Event Type: Erreur
    User: PC-de-mack\mack

    Computer Name: PC-de-mack
    Event Code: 5007
    Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.
    Record Number: 437
    Source Name: WerSvc
    Time Written: 20091227161350.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-mack
    Event Code: 1530
    Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.

    DÉTAIL -
    1 user registry handles leaked from \Registry\User\S-1-5-21-3112142842-924342484-4140159455-1000:
    Process 552 (\Device\HarddiskVolume1\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-3112142842-924342484-4140159455-1000

    Record Number: 408
    Source Name: Microsoft-Windows-User Profiles Service
    Time Written: 20091227160917.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: PC-de-mack
    Event Code: 5007
    Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.
    Record Number: 364
    Source Name: WerSvc
    Time Written: 20091227154421.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-mack
    Event Code: 1008
    Message: Le service Windows Search tente de supprimer l’ancien catalogue.

    Record Number: 361
    Source Name: Microsoft-Windows-Search
    Time Written: 20091227154332.000000-000
    Event Type: Avertissement
    User:

    =====Security event log=====

    Computer Name: PC-de-mack
    Event Code: 4647
    Message: Fermeture de session initiée par l’utilisateur :

    Sujet :
    ID de sécurité : S-1-5-21-3112142842-924342484-4140159455-500
    Nom du compte : Administrator
    Domaine du compte : LH-DBWDNYIDEP4O
    ID d’ouverture de session : 0x45485

    Cet événement est généré lorsqu’une fermeture de session est initiée, mais que le nombre de références du jeton n’étant pas zéro, la session ouverte ne peut pas être supprimée. Aucune autre activité initiée par l’utilisateur ne peut se produire. Cet événement peut être interprété comme un événement de fermeture de session.
    Record Number: 308
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20091227144451.174000-000
    Event Type: Succès de l'audit
    User:

    Computer Name: PC-de-mack
    Event Code: 4634
    Message: Fermeture de session d’un compte.

    Sujet :
    ID de sécurité : S-1-5-7
    Nom du compte : ANONYMOUS LOGON
    Domaine du compte : AUTORITE NT
    ID du compte : 0x25d4a

    Type d’ouverture de session : 3

    Cet événement est généré lorsqu’une session ouverte est supprimée. Il peut être associé à un événement d’ouverture de session en utilisant la valeur ID d’ouverture de session. Les ID d’ouverture de session ne sont uniques qu’entre les redémarrages sur un même ordinateur.
    Record Number: 307
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20091227144448.631200-000
    Event Type: Succès de l'audit
    User:

    Computer Name: LH-DBWDNYIDEP4O
    Event Code: 4616
    Message: L’heure du système a été modifiée.

    Sujet :
    ID de sécurité : S-1-5-19
    Nom du compte : SERVICE LOCAL
    Domaine du compte : AUTORITE NT
    ID d’ouverture de session : 0x3e5

    Informations sur le processus :
    ID du processus : 0x448
    Nom : C:\Windows\System32\svchost.exe

    Heure précédente : 15:44:48 27/12/2009
    Nouvelle heure : 15:44:48 27/12/2009

    Cet événement est généré lorsque l’heure du système est modifiée. Le changement régulier de l’heure du système est une opération normale de la part du service de temps Windows qui s’exécute avec des privilèges système. Mais, d’autres modifications de l’heure du système peuvent indiquer des tentatives de falsification de l’ordinateur.
    Record Number: 306
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20091227144448.288000-000
    Event Type: Succès de l'audit
    User:

    Computer Name: LH-DBWDNYIDEP4O
    Event Code: 1100
    Message: Le service d’enregistrement des événements a été arrêté.
    Record Number: 305
    Source Name: Microsoft-Windows-Eventlog
    Time Written: 20091227144448.288779-000
    Event Type: Succès de l'audit
    User:

    Computer Name: LH-DBWDNYIDEP4O
    Event Code: 1102
    Message: Le journal d’audit a été effacé.
    Objet :
    ID de sécurité : S-1-5-21-3112142842-924342484-4140159455-500
    Nom de compte : Administrator
    Nom de domaine : LH-DBWDNYIDEP4O
    ID de connexion : 0x45485
    Record Number: 304
    Source Name: Microsoft-Windows-Eventlog
    Time Written: 20091227144426.766379-000
    Event Type: Succès de l'audit
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\hp\bin\Python;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=x86
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 1, AuthenticAMD
    "PROCESSOR_REVISION"=6b01
    "NUMBER_OF_PROCESSORS"=2
    "RoxioCentral"=c:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
    "PLATFORM"=HPD
    "PCBRAND"=Presario
    "OnlineServices"=Services en ligne
    "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
    "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

    -----------------EOF-----------------
    0
  2. mack.bolan Messages postés 1732 Statut Membre 256
     
    toujours aucune reponce apres 3 jours !!!
    0