Google infecté
Résolu/Fermé
yohanaldo
Messages postés
52
Date d'inscription
lundi 19 avril 2010
Statut
Membre
Dernière intervention
22 septembre 2017
-
19 avril 2010 à 01:46
coachkpn1 - 10 août 2010 à 10:38
coachkpn1 - 10 août 2010 à 10:38
A voir également:
- Google infecté
- Google maps satellite - Guide
- Dns google - Guide
- Google earth - Télécharger - 3D
- Google - Guide
- Créer un compte google - Guide
46 réponses
dédétraqué
Messages postés
4384
Date d'inscription
vendredi 5 septembre 2008
Statut
Contributeur sécurité
Dernière intervention
4 février 2013
286
19 avril 2010 à 01:54
19 avril 2010 à 01:54
Salut yohanaldo, bienvenu sur CCM
On va vérifier cela, télécharge RSIT (de random/random) sur le bureau ici :
http://images.malwareremoval.com/random/RSIT.exe
- Clique droit sur RSIT.exe qui est sur le bureau et choisir exécuter en tant qu'administrateur
- Clique sur Continue dans la fenêtre
- RSIT téléchargera HijackThis si il n'est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenue des deux rapports, log.txt et info.txt(réduit dans la barre des tâches) à la fin de l'analyse
Les rapports sont dans le dossier ici C:\rsit
@++ :)
On va vérifier cela, télécharge RSIT (de random/random) sur le bureau ici :
http://images.malwareremoval.com/random/RSIT.exe
- Clique droit sur RSIT.exe qui est sur le bureau et choisir exécuter en tant qu'administrateur
- Clique sur Continue dans la fenêtre
- RSIT téléchargera HijackThis si il n'est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenue des deux rapports, log.txt et info.txt(réduit dans la barre des tâches) à la fin de l'analyse
Les rapports sont dans le dossier ici C:\rsit
@++ :)
yohanaldo
Messages postés
52
Date d'inscription
lundi 19 avril 2010
Statut
Membre
Dernière intervention
22 septembre 2017
3
19 avril 2010 à 21:00
19 avril 2010 à 21:00
le rapport info.txt :
info.txt logfile of random's system information tool 1.06 2010-04-19 20:25:21
======Uninstall list======
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
32 Bit HP CIO Components Installer-->MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
Ad-Aware Email Scanner for Outlook-->MsiExec.exe /I{338F08AB-C262-42C7-B000-34DE1A475273}
Ad-Aware-->"C:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}\Ad-AwareInstaller.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}\Ad-AwareInstaller.exe
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
Adobe Photoshop Elements 6.0-->msiexec /I {F54AC413-D2C6-4A24-B324-370C223C6250}
Adobe Photoshop Elements 6-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobePE6*
Adobe Reader 8-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobeReader*
Adobe Reader 9.3.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
ADSL Neuf-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *NEUF_FR*
Apple Mobile Device Support-->MsiExec.exe /I{162B71B8-8464-4680-A086-601D555B331D}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ATI Display Driver V8.510.0.0000-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *VGA*
ATK Hotkey UTILITY V1.00.0037-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *ATKHotkey*
ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\setup.exe -runfromtemp -l0x040c -removeonly
Auslogics Disk Defrag-->"C:\Program Files\Auslogics\Auslogics Disk Defrag\unins000.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
BetClic Poker-->C:\PROGRA~1\BETCLI~1\UNWISE.EXE C:\PROGRA~1\BETCLI~1\INSTALL.LOG
BitTorrent-->C:\Program Files\BitTorrent\uninst.exe
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Browser Address Error Redirector-->regsvr32 /u /s "C:\Program Files\Google\Google_BAE\BAE.dll"
CamStudio 2.0 Fr-->"C:\Program Files\CamStudio\unins000.exe"
Cartoonist 1.3-->"C:\Program Files\Cartoonist\unins000.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{E3A5DDF7-17BD-43F1-9EBA-BB136EEB17DC}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
DeskScapes-->C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\INSTALL.LOG
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DreamMaker-->C:\PROGRA~1\Stardock\OBJECT~1\DREAMM~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\DREAMM~1\INSTALL.LOG
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EVEREST Corporate Edition v5.30-->"C:\Program Files\Lavalys\EVEREST Corporate Edition\unins000.exe"
Freeplayer-->C:\Program Files\Freeplayer\Uninstall.exe
Gestionnaire de Connexion SFR 2009.09-->"C:\Program Files\SFR\Gestionnaire de Connexion SFR\unins000.exe"
Google BAE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleBAE*
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GOOGLE_EARTH*
Google Earth-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c -removeonly
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Web Accelerator-->MsiExec.exe /X{6A1975EB-27E6-491D-94BC-6355FA25F40F}
GoogleDesktop-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleDesktop*
GoogleToolbar-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleToolbar*
HDReg France-->MsiExec.exe /I{0ED40D2A-7131-4FE7-941E-5C329336F712}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 9.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{B46AC30C-22D2-4610-B041-1DA7BB29EB57}\setup\hpzscr01.exe -datfile hposcr21.dat
HP Photosmart Essential 3.5-->C:\Program Files\HP\Digital Imaging\PhotosmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{818ABC3C-635C-4651-8183-D0E9640B7DD1}
HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
ImgBurn-->"C:\Program Files\ImgBurn\uninstall.exe"
Indeo® Software-->C:\Windows\IsUninst.exe -f"C:\Program Files\Ligos\Indeo\Uninst.isu" -c"C:\Program Files\Ligos\Indeo\Indeo System Files\indounin.dll"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel A/V Codecs V2.0-->C:\Windows\IsUninst.exe -fC:\Windows\system32\CDUninst.isu
Intel Wireless WiFi Link Adapters Ver12.0.0.82-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *WLAN*
Intel(R) Matrix Storage Manager V8.2.0.1001-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *IMSM*
Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
ITECIR Vista Driver V5.0.4.6-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *CIR*
ITECIR-->C:\Program Files\InstallShield Installation Information\{40580068-9B10-40B5-9548-536CE88AB23C}\setup.exe -runfromtemp -l0x040c -removeonly
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
KaraFun 1.18-->"C:\Program Files\KaraFun\unins000.exe"
K-Lite Codec Pack 4.4.5 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LFP MANAGER 08-->C:\Program Files\EA SPORTS\LFP MANAGER 08\eauninstall.exe
LimeWire 5.4.6-->"C:\Program Files\LimeWire\uninstall.exe"
ManyCam 2.4 (remove only)-->"C:\Program Files\ManyCam 2.4\uninstall.exe"
MAX_FR_Atube Toolbar-->C:\PROGRA~1\MAX_FR~1\UNWISE.EXE /U C:\PROGRA~1\MAX_FR~1\INSTALL.LOG
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-00BA-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Mondo 2010 (Beta)-->MsiExec.exe /X{20140000-000F-0000-0000-0000000FF1CE}
Microsoft Office Mondo 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall MONDO /dll OSETUP.DLL
Microsoft Office MondoOnly MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-0102-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-001A-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-0115-0409-0000-0000000FF1CE}
Microsoft Office SharePoint Designer MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-0017-0409-0000-0000000FF1CE}
Microsoft Office Visio MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-0054-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Works 9 SE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *works9se*
Microsoft Works-->MsiExec.exe /I{0214A441-A4AB-43A8-8DEF-2F73C5364673}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 8 Essentials-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Nero8*
Nero 8 Essentials-->MsiExec.exe /X{980B9958-1239-4FC5-8C88-AC5650321036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Packard Bell ImageWriter-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *ImageWriter*
Packard Bell LCD Test-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *LCDTest*
Packard Bell Updator-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Updator*
Packardbell EcoButton UTILITY V1.00.01-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *EcoButton*
Packardbell_EcoBtn-->C:\Program Files\InstallShield Installation Information\{7DBCD0B0-F5E1-4072-9B68-EBF32B322756}\setup.exe -runfromtemp -l0x0009 -removeonly
Photo! Web Album 1.2-->"C:\Program Files\Photo!\Photo! Web Album\unins000.exe"
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Picasa2-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Picasa_2*
Poker 770-->"C:\Poker\Poker 770\_SetupCasino_5725_EN.exe" /uninstall
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x040c -removeonly
Realtek High Definition Audio Driver V6.0.1.5643-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AUDIO*
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Realtek PCI-E Gigabit Ethernet Driver V6.206.0502.2008-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *LAN*
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *RICOH*
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x40c anything
SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
SeaTools for Windows-->MsiExec.exe /I{98613C99-1399-416C-A07C-1EE1C585D872}
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
SetUp My PC-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SETUPMYPC_FR*
Skype 3.6.2.248-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SKYPE*
Skype(TM) 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
SpeedBit Video Accelerator-->"C:\Program Files\SpeedBit Video Accelerator\VARemove.exe" temp
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
StyleXP (remove only)-->"C:\Program Files\TGTSoft\StyleXP\StyleXP-uninstall.exe"
Synaptics Pointing Device driver Ver11.0.4.0-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *TOUCHPAD*
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Torrent101-->C:\Program Files\Torrent101\uninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Outlook 2007 Junk Email Filter (kb979895)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {D45674C6-9127-4C84-8826-93FBC552DF53}
USB 2.0 1.3M UVC WebCam Camera driver V61.005.029.190-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *CAMERA*
USB 2.0 1.3M UVC WebCam-->C:\Windows\Uninstsxga.bat
Utilitaires Sierra-->C:\Program Files\Sierra On-Line\sutil32.exe uninstall
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
X10 Hardware(TM)-->C:\Windows\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log
======Security center information======
AV: BitDefender Antivirus
FW: BitDefender Firewall
AS: BitDefender Antispyware
AS: Windows Defender
======System event log======
info.txt logfile of random's system information tool 1.06 2010-04-19 20:25:21
======Uninstall list======
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
32 Bit HP CIO Components Installer-->MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
Ad-Aware Email Scanner for Outlook-->MsiExec.exe /I{338F08AB-C262-42C7-B000-34DE1A475273}
Ad-Aware-->"C:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}\Ad-AwareInstaller.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}\Ad-AwareInstaller.exe
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
Adobe Photoshop Elements 6.0-->msiexec /I {F54AC413-D2C6-4A24-B324-370C223C6250}
Adobe Photoshop Elements 6-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobePE6*
Adobe Reader 8-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobeReader*
Adobe Reader 9.3.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
ADSL Neuf-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *NEUF_FR*
Apple Mobile Device Support-->MsiExec.exe /I{162B71B8-8464-4680-A086-601D555B331D}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ATI Display Driver V8.510.0.0000-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *VGA*
ATK Hotkey UTILITY V1.00.0037-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *ATKHotkey*
ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\setup.exe -runfromtemp -l0x040c -removeonly
Auslogics Disk Defrag-->"C:\Program Files\Auslogics\Auslogics Disk Defrag\unins000.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
BetClic Poker-->C:\PROGRA~1\BETCLI~1\UNWISE.EXE C:\PROGRA~1\BETCLI~1\INSTALL.LOG
BitTorrent-->C:\Program Files\BitTorrent\uninst.exe
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Browser Address Error Redirector-->regsvr32 /u /s "C:\Program Files\Google\Google_BAE\BAE.dll"
CamStudio 2.0 Fr-->"C:\Program Files\CamStudio\unins000.exe"
Cartoonist 1.3-->"C:\Program Files\Cartoonist\unins000.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{E3A5DDF7-17BD-43F1-9EBA-BB136EEB17DC}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
DeskScapes-->C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\INSTALL.LOG
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DreamMaker-->C:\PROGRA~1\Stardock\OBJECT~1\DREAMM~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\DREAMM~1\INSTALL.LOG
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EVEREST Corporate Edition v5.30-->"C:\Program Files\Lavalys\EVEREST Corporate Edition\unins000.exe"
Freeplayer-->C:\Program Files\Freeplayer\Uninstall.exe
Gestionnaire de Connexion SFR 2009.09-->"C:\Program Files\SFR\Gestionnaire de Connexion SFR\unins000.exe"
Google BAE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleBAE*
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GOOGLE_EARTH*
Google Earth-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c -removeonly
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Web Accelerator-->MsiExec.exe /X{6A1975EB-27E6-491D-94BC-6355FA25F40F}
GoogleDesktop-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleDesktop*
GoogleToolbar-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleToolbar*
HDReg France-->MsiExec.exe /I{0ED40D2A-7131-4FE7-941E-5C329336F712}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 9.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{B46AC30C-22D2-4610-B041-1DA7BB29EB57}\setup\hpzscr01.exe -datfile hposcr21.dat
HP Photosmart Essential 3.5-->C:\Program Files\HP\Digital Imaging\PhotosmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{818ABC3C-635C-4651-8183-D0E9640B7DD1}
HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
ImgBurn-->"C:\Program Files\ImgBurn\uninstall.exe"
Indeo® Software-->C:\Windows\IsUninst.exe -f"C:\Program Files\Ligos\Indeo\Uninst.isu" -c"C:\Program Files\Ligos\Indeo\Indeo System Files\indounin.dll"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel A/V Codecs V2.0-->C:\Windows\IsUninst.exe -fC:\Windows\system32\CDUninst.isu
Intel Wireless WiFi Link Adapters Ver12.0.0.82-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *WLAN*
Intel(R) Matrix Storage Manager V8.2.0.1001-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *IMSM*
Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
ITECIR Vista Driver V5.0.4.6-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *CIR*
ITECIR-->C:\Program Files\InstallShield Installation Information\{40580068-9B10-40B5-9548-536CE88AB23C}\setup.exe -runfromtemp -l0x040c -removeonly
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
KaraFun 1.18-->"C:\Program Files\KaraFun\unins000.exe"
K-Lite Codec Pack 4.4.5 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LFP MANAGER 08-->C:\Program Files\EA SPORTS\LFP MANAGER 08\eauninstall.exe
LimeWire 5.4.6-->"C:\Program Files\LimeWire\uninstall.exe"
ManyCam 2.4 (remove only)-->"C:\Program Files\ManyCam 2.4\uninstall.exe"
MAX_FR_Atube Toolbar-->C:\PROGRA~1\MAX_FR~1\UNWISE.EXE /U C:\PROGRA~1\MAX_FR~1\INSTALL.LOG
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-00BA-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Mondo 2010 (Beta)-->MsiExec.exe /X{20140000-000F-0000-0000-0000000FF1CE}
Microsoft Office Mondo 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall MONDO /dll OSETUP.DLL
Microsoft Office MondoOnly MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-0102-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-001A-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-0115-0409-0000-0000000FF1CE}
Microsoft Office SharePoint Designer MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-0017-0409-0000-0000000FF1CE}
Microsoft Office Visio MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-0054-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Works 9 SE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *works9se*
Microsoft Works-->MsiExec.exe /I{0214A441-A4AB-43A8-8DEF-2F73C5364673}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 8 Essentials-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Nero8*
Nero 8 Essentials-->MsiExec.exe /X{980B9958-1239-4FC5-8C88-AC5650321036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Packard Bell ImageWriter-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *ImageWriter*
Packard Bell LCD Test-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *LCDTest*
Packard Bell Updator-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Updator*
Packardbell EcoButton UTILITY V1.00.01-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *EcoButton*
Packardbell_EcoBtn-->C:\Program Files\InstallShield Installation Information\{7DBCD0B0-F5E1-4072-9B68-EBF32B322756}\setup.exe -runfromtemp -l0x0009 -removeonly
Photo! Web Album 1.2-->"C:\Program Files\Photo!\Photo! Web Album\unins000.exe"
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Picasa2-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Picasa_2*
Poker 770-->"C:\Poker\Poker 770\_SetupCasino_5725_EN.exe" /uninstall
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x040c -removeonly
Realtek High Definition Audio Driver V6.0.1.5643-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AUDIO*
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Realtek PCI-E Gigabit Ethernet Driver V6.206.0502.2008-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *LAN*
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *RICOH*
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x40c anything
SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
SeaTools for Windows-->MsiExec.exe /I{98613C99-1399-416C-A07C-1EE1C585D872}
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
SetUp My PC-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SETUPMYPC_FR*
Skype 3.6.2.248-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SKYPE*
Skype(TM) 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
SpeedBit Video Accelerator-->"C:\Program Files\SpeedBit Video Accelerator\VARemove.exe" temp
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
StyleXP (remove only)-->"C:\Program Files\TGTSoft\StyleXP\StyleXP-uninstall.exe"
Synaptics Pointing Device driver Ver11.0.4.0-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *TOUCHPAD*
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Torrent101-->C:\Program Files\Torrent101\uninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Outlook 2007 Junk Email Filter (kb979895)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {D45674C6-9127-4C84-8826-93FBC552DF53}
USB 2.0 1.3M UVC WebCam Camera driver V61.005.029.190-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *CAMERA*
USB 2.0 1.3M UVC WebCam-->C:\Windows\Uninstsxga.bat
Utilitaires Sierra-->C:\Program Files\Sierra On-Line\sutil32.exe uninstall
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
X10 Hardware(TM)-->C:\Windows\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log
======Security center information======
AV: BitDefender Antivirus
FW: BitDefender Firewall
AS: BitDefender Antispyware
AS: Windows Defender
======System event log======
yohanaldo
Messages postés
52
Date d'inscription
lundi 19 avril 2010
Statut
Membre
Dernière intervention
22 septembre 2017
3
19 avril 2010 à 21:01
19 avril 2010 à 21:01
Computer Name: PC-de-yohan
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package KB968816(Security Update) à l'état Installation demandée(Install Requested)
Record Number: 71050
Source Name: Microsoft-Windows-Servicing
Time Written: 20090910010503.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-yohan
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package KB968816(Security Update) à l'état Installation demandée(Install Requested)
Record Number: 71047
Source Name: Microsoft-Windows-Servicing
Time Written: 20090910010503.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-yohan
Event Code: 4374
Message: Windows Servicing a déterminé que ce package KB968816(Security Update) n'est pas applicable à ce système.
Record Number: 71007
Source Name: Microsoft-Windows-Servicing
Time Written: 20090910010458.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-yohan
Event Code: 4374
Message: Windows Servicing a déterminé que ce package KB905866(Update) n'est pas applicable à ce système.
Record Number: 70911
Source Name: Microsoft-Windows-Servicing
Time Written: 20090910010225.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-yohan
Event Code: 7000
Message: Le service Profos n'a pas pu démarrer en raison de l'erreur :
Cette demande n'est pas prise en charge.
Record Number: 70822
Source Name: Service Control Manager
Time Written: 20090910000005.000000-000
Event Type: Erreur
User:
=====Application event log=====
Computer Name: PC-de-yohan
Event Code: 1008
Message: Le service Windows Search tente de supprimer l'ancien catalogue.
Record Number: 937
Source Name: Microsoft-Windows-Search
Time Written: 20090106173800.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-yohan
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.
DÉTAIL -
16 user registry handles leaked from \Registry\User\S-1-5-21-2881880658-3555428079-2209020445-1000:
Process 644 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\trust
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\My
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\CA
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Policies\Microsoft\SystemCertificates
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Policies\Microsoft\SystemCertificates
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Policies\Microsoft\SystemCertificates
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Policies\Microsoft\SystemCertificates
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\Root
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Record Number: 917
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090106173500.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-yohan
Event Code: 8194
Message: Erreur du service de cliché instantané des volumes : erreur lors de l'interrogation de l'interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.
Opération :
Données du rédacteur en cours de collecte
Contexte :
ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
Nom du rédacteur: System Writer
ID d'instance du rédacteur: {953ddc91-0777-4ed6-a326-27bbf5623234}
Record Number: 907
Source Name: VSS
Time Written: 20090106173015.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-yohan
Event Code: 10
Message: Le filtre d'événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n'a pas pu être réactivé dans l'espace de noms « //./root/CIMV2 » à cause de l'erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 820
Source Name: Microsoft-Windows-WMI
Time Written: 20090106152144.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-yohan
Event Code: 1008
Message: Le service Windows Search tente de supprimer l'ancien catalogue.
Record Number: 816
Source Name: Microsoft-Windows-Search
Time Written: 20090106152141.000000-000
Event Type: Avertissement
User:
=====Security event log=====
Computer Name: PC-de-yohan
Event Code: 4634
Message: Fermeture de session d'un compte.
Sujet :
ID de sécurité : S-1-5-21-2881880658-3555428079-2209020445-1000
Nom du compte : yohan
Domaine du compte : PC-de-yohan
ID du compte : 0x12cfc8e9
Type d'ouverture de session : 7
Cet événement est généré lorsqu'une session ouverte est supprimée. Il peut être associé à un événement d'ouverture de session en utilisant la valeur ID d'ouverture de session. Les ID d'ouverture de session ne sont uniques qu'entre les redémarrages sur un même ordinateur.
Record Number: 24312
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090917155616.297800-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-yohan
Event Code: 5032
Message: Le Pare-feu Windows n'a pas pu notifier l'utilisateur qu'il a empêché une application d'accepter des connexions entrantes sur le réseau.
Code d'erreur : 2
Record Number: 24311
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090917155612.460800-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-yohan
Event Code: 5032
Message: Le Pare-feu Windows n'a pas pu notifier l'utilisateur qu'il a empêché une application d'accepter des connexions entrantes sur le réseau.
Code d'erreur : 2
Record Number: 24310
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090917155612.460800-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-yohan
Event Code: 5032
Message: Le Pare-feu Windows n'a pas pu notifier l'utilisateur qu'il a empêché une application d'accepter des connexions entrantes sur le réseau.
Code d'erreur : 2
Record Number: 24309
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090917155612.460800-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-yohan
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d'ouverture de session : 0x3e7
Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 24308
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090917133532.764200-000
Event Type: Succès de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"DFSTRACINGON"=FALSE
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Samsung\Samsung PC Studio 3\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=1706
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
-----------------EOF-----------------
J'ai parcelé la reponse parce que je n'arrive pas à tout envoyer d'un coup
En attendant de tes nouvelles, je te remercie encore pour ton aide
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package KB968816(Security Update) à l'état Installation demandée(Install Requested)
Record Number: 71050
Source Name: Microsoft-Windows-Servicing
Time Written: 20090910010503.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-yohan
Event Code: 4376
Message: Servicing a requis un redémarrage pour terminer la définition du package KB968816(Security Update) à l'état Installation demandée(Install Requested)
Record Number: 71047
Source Name: Microsoft-Windows-Servicing
Time Written: 20090910010503.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-yohan
Event Code: 4374
Message: Windows Servicing a déterminé que ce package KB968816(Security Update) n'est pas applicable à ce système.
Record Number: 71007
Source Name: Microsoft-Windows-Servicing
Time Written: 20090910010458.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-yohan
Event Code: 4374
Message: Windows Servicing a déterminé que ce package KB905866(Update) n'est pas applicable à ce système.
Record Number: 70911
Source Name: Microsoft-Windows-Servicing
Time Written: 20090910010225.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-yohan
Event Code: 7000
Message: Le service Profos n'a pas pu démarrer en raison de l'erreur :
Cette demande n'est pas prise en charge.
Record Number: 70822
Source Name: Service Control Manager
Time Written: 20090910000005.000000-000
Event Type: Erreur
User:
=====Application event log=====
Computer Name: PC-de-yohan
Event Code: 1008
Message: Le service Windows Search tente de supprimer l'ancien catalogue.
Record Number: 937
Source Name: Microsoft-Windows-Search
Time Written: 20090106173800.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-yohan
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.
DÉTAIL -
16 user registry handles leaked from \Registry\User\S-1-5-21-2881880658-3555428079-2209020445-1000:
Process 644 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\trust
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\My
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\CA
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Policies\Microsoft\SystemCertificates
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Policies\Microsoft\SystemCertificates
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Policies\Microsoft\SystemCertificates
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Policies\Microsoft\SystemCertificates
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\Root
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Record Number: 917
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090106173500.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-yohan
Event Code: 8194
Message: Erreur du service de cliché instantané des volumes : erreur lors de l'interrogation de l'interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.
Opération :
Données du rédacteur en cours de collecte
Contexte :
ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
Nom du rédacteur: System Writer
ID d'instance du rédacteur: {953ddc91-0777-4ed6-a326-27bbf5623234}
Record Number: 907
Source Name: VSS
Time Written: 20090106173015.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-yohan
Event Code: 10
Message: Le filtre d'événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n'a pas pu être réactivé dans l'espace de noms « //./root/CIMV2 » à cause de l'erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 820
Source Name: Microsoft-Windows-WMI
Time Written: 20090106152144.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-yohan
Event Code: 1008
Message: Le service Windows Search tente de supprimer l'ancien catalogue.
Record Number: 816
Source Name: Microsoft-Windows-Search
Time Written: 20090106152141.000000-000
Event Type: Avertissement
User:
=====Security event log=====
Computer Name: PC-de-yohan
Event Code: 4634
Message: Fermeture de session d'un compte.
Sujet :
ID de sécurité : S-1-5-21-2881880658-3555428079-2209020445-1000
Nom du compte : yohan
Domaine du compte : PC-de-yohan
ID du compte : 0x12cfc8e9
Type d'ouverture de session : 7
Cet événement est généré lorsqu'une session ouverte est supprimée. Il peut être associé à un événement d'ouverture de session en utilisant la valeur ID d'ouverture de session. Les ID d'ouverture de session ne sont uniques qu'entre les redémarrages sur un même ordinateur.
Record Number: 24312
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090917155616.297800-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-yohan
Event Code: 5032
Message: Le Pare-feu Windows n'a pas pu notifier l'utilisateur qu'il a empêché une application d'accepter des connexions entrantes sur le réseau.
Code d'erreur : 2
Record Number: 24311
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090917155612.460800-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-yohan
Event Code: 5032
Message: Le Pare-feu Windows n'a pas pu notifier l'utilisateur qu'il a empêché une application d'accepter des connexions entrantes sur le réseau.
Code d'erreur : 2
Record Number: 24310
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090917155612.460800-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-yohan
Event Code: 5032
Message: Le Pare-feu Windows n'a pas pu notifier l'utilisateur qu'il a empêché une application d'accepter des connexions entrantes sur le réseau.
Code d'erreur : 2
Record Number: 24309
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090917155612.460800-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-yohan
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d'ouverture de session : 0x3e7
Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 24308
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090917133532.764200-000
Event Type: Succès de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"DFSTRACINGON"=FALSE
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Samsung\Samsung PC Studio 3\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=1706
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
-----------------EOF-----------------
J'ai parcelé la reponse parce que je n'arrive pas à tout envoyer d'un coup
En attendant de tes nouvelles, je te remercie encore pour ton aide
Je pense que vous devriez expliqué votre problème un peu différemment, mais plus juste. Votre windows est infecté, mais sûrement pas google.
yohanaldo
Messages postés
52
Date d'inscription
lundi 19 avril 2010
Statut
Membre
Dernière intervention
22 septembre 2017
3
19 avril 2010 à 21:41
19 avril 2010 à 21:41
bonsoir l'ordi fonctionne tres bien en revanche google me redirige vers d'autres sites non souhaités ce qui ne me le fait pas quand j'utilise un autre moteur de recherche
Seul google a se probleme
voila les faits apres je ne suis pas specialiste en informatique donc j ecoute les conseils
Seul google a se probleme
voila les faits apres je ne suis pas specialiste en informatique donc j ecoute les conseils
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
dédétraqué
Messages postés
4384
Date d'inscription
vendredi 5 septembre 2008
Statut
Contributeur sécurité
Dernière intervention
4 février 2013
286
20 avril 2010 à 00:27
20 avril 2010 à 00:27
Salut yohanaldo
Télécharge et installe UsbFix par El Desaparecido , C_XX & Chimay8
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir.
* Faire un clic droit sur le raccourci UsbFix présent sur ton bureau et choisi "Exécuter en tant qu'administrateur".
* Au menu principal choisis l'option " F " pour français et tape sur [entrée] .
* Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]
* Laisse travailler l'outil.
* Ensuite poste le rapport UsbFix.txt qui apparaitra.
Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note2 : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
* Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html
@++ :)
Télécharge et installe UsbFix par El Desaparecido , C_XX & Chimay8
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir.
* Faire un clic droit sur le raccourci UsbFix présent sur ton bureau et choisi "Exécuter en tant qu'administrateur".
* Au menu principal choisis l'option " F " pour français et tape sur [entrée] .
* Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]
* Laisse travailler l'outil.
* Ensuite poste le rapport UsbFix.txt qui apparaitra.
Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note2 : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
* Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html
@++ :)
yohanaldo
Messages postés
52
Date d'inscription
lundi 19 avril 2010
Statut
Membre
Dernière intervention
22 septembre 2017
3
21 avril 2010 à 02:32
21 avril 2010 à 02:32
Re dédétraqué
Voici le rapport de UsbFix :
############################## | UsbFix V6.106 |
User : yohan (Administrateurs) # PC-DE-YOHAN
Update on 19/04/2010 by El Desaparecido , C_XX & Chimay8
Start at: 02:30:22 | 21/04/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18904
Windows Firewall Status : Enabled
AV : BitDefender Antivirus 12.0 [ Enabled | Updated ]
FW : BitDefender Firewall[ Enabled ]12.0
C:\ -> Disque fixe local # 220,88 Go (29,28 Go free) [HDD] # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
################## | Elements infectieux |
C:\Windows\System32\autorun.inf
################## | Registre |
################## | Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\H
shell\AutoRun\command =H:\SFR.exe
HKCU\..\..\Explorer\MountPoints2\{30110ff9-d9d4-11de-92cd-ac11ea6793e7}
shell\AutoRun\command =E:\AUTORUN.EXE
HKCU\..\..\Explorer\MountPoints2\{44ec625a-8a1d-11de-86bb-890121e050c7}
shell\AutoRun\command =E:\SFR.exe
HKCU\..\..\Explorer\MountPoints2\{a7177b77-52d9-11de-9e94-f228c1dab0e1}
shell\AutoRun\command =E:\AUTOSTARTER.EXE
HKCU\..\..\Explorer\MountPoints2\{bbebe755-7ca5-11de-9b4d-bc1bf3e599f2}
shell\AutoRun\command =E:\SFR.exe
HKCU\..\..\Explorer\MountPoints2\{bbebe77c-7ca5-11de-9b4d-00a0c6000000}
shell\AutoRun\command =E:\SFR.exe
HKCU\..\..\Explorer\MountPoints2\{f1edff29-de54-11dd-817d-c471b15de9e1}
shell\AutoRun\command =F:\AUTOSTARTER.EXE
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné !
################## | ! Fin du rapport # UsbFix V6.106 ! |
Voici le rapport de UsbFix :
############################## | UsbFix V6.106 |
User : yohan (Administrateurs) # PC-DE-YOHAN
Update on 19/04/2010 by El Desaparecido , C_XX & Chimay8
Start at: 02:30:22 | 21/04/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18904
Windows Firewall Status : Enabled
AV : BitDefender Antivirus 12.0 [ Enabled | Updated ]
FW : BitDefender Firewall[ Enabled ]12.0
C:\ -> Disque fixe local # 220,88 Go (29,28 Go free) [HDD] # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
################## | Elements infectieux |
C:\Windows\System32\autorun.inf
################## | Registre |
################## | Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\H
shell\AutoRun\command =H:\SFR.exe
HKCU\..\..\Explorer\MountPoints2\{30110ff9-d9d4-11de-92cd-ac11ea6793e7}
shell\AutoRun\command =E:\AUTORUN.EXE
HKCU\..\..\Explorer\MountPoints2\{44ec625a-8a1d-11de-86bb-890121e050c7}
shell\AutoRun\command =E:\SFR.exe
HKCU\..\..\Explorer\MountPoints2\{a7177b77-52d9-11de-9e94-f228c1dab0e1}
shell\AutoRun\command =E:\AUTOSTARTER.EXE
HKCU\..\..\Explorer\MountPoints2\{bbebe755-7ca5-11de-9b4d-bc1bf3e599f2}
shell\AutoRun\command =E:\SFR.exe
HKCU\..\..\Explorer\MountPoints2\{bbebe77c-7ca5-11de-9b4d-00a0c6000000}
shell\AutoRun\command =E:\SFR.exe
HKCU\..\..\Explorer\MountPoints2\{f1edff29-de54-11dd-817d-c471b15de9e1}
shell\AutoRun\command =F:\AUTOSTARTER.EXE
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné !
################## | ! Fin du rapport # UsbFix V6.106 ! |
yohanaldo
Messages postés
52
Date d'inscription
lundi 19 avril 2010
Statut
Membre
Dernière intervention
22 septembre 2017
3
21 avril 2010 à 02:32
21 avril 2010 à 02:32
Merci encore pour ton implication
dédétraqué
Messages postés
4384
Date d'inscription
vendredi 5 septembre 2008
Statut
Contributeur sécurité
Dernière intervention
4 février 2013
286
21 avril 2010 à 02:43
21 avril 2010 à 02:43
Salut yohanaldo
(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, caméra, Carte SD, etc...) susceptible d avoir été infectés sans les ouvrir
Pour Vita/7 faire un clique droit sur le raccourci UsbFix présent sur ton bureau et choisi "Exécuter en tant qu'administrateur".
* Au menu principal choisis l'option " F " pour français et tape sur [entrée] .
* Au second menu Choisis l'option " 2 " ( Suppression ) et tape sur [entrée]
* Ton bureau disparaîtra et le pc redémarrera.
* Au redémarrage, UsbFix scannera ton PC, laisse travailler l'outil.
* Ensuite poste le rapport UsbFix.txt qui apparaîtra avec le bureau.
* Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
-----
Télécharge et installe MalwareByte's Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
- Mets le à jour
---
- Redémarre en mode sans échec :
Au redémarrage de ton PC tapote sur la touche F8 ou F5, sur l'écran suivant déplace toi avec les flèches de direction et choisis Mode sans échec. Choisis ta session habituelle et non la session Administrateur
---
- Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
- Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
- clique sur Rechercher
- Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur OK
- Si MalwareByte's n'a rien détecté, clique sur OK Un rapport va apparaître ferme-le.
- Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection
- Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.
Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur OK
Tutoriel pour MalwareByte's ici :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
@++ :)
(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, caméra, Carte SD, etc...) susceptible d avoir été infectés sans les ouvrir
Pour Vita/7 faire un clique droit sur le raccourci UsbFix présent sur ton bureau et choisi "Exécuter en tant qu'administrateur".
* Au menu principal choisis l'option " F " pour français et tape sur [entrée] .
* Au second menu Choisis l'option " 2 " ( Suppression ) et tape sur [entrée]
* Ton bureau disparaîtra et le pc redémarrera.
* Au redémarrage, UsbFix scannera ton PC, laisse travailler l'outil.
* Ensuite poste le rapport UsbFix.txt qui apparaîtra avec le bureau.
* Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
-----
Télécharge et installe MalwareByte's Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
- Mets le à jour
---
- Redémarre en mode sans échec :
Au redémarrage de ton PC tapote sur la touche F8 ou F5, sur l'écran suivant déplace toi avec les flèches de direction et choisis Mode sans échec. Choisis ta session habituelle et non la session Administrateur
---
- Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
- Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
- clique sur Rechercher
- Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur OK
- Si MalwareByte's n'a rien détecté, clique sur OK Un rapport va apparaître ferme-le.
- Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection
- Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.
Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur OK
Tutoriel pour MalwareByte's ici :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
@++ :)
yohanaldo
Messages postés
52
Date d'inscription
lundi 19 avril 2010
Statut
Membre
Dernière intervention
22 septembre 2017
3
21 avril 2010 à 14:44
21 avril 2010 à 14:44
Bonjour voici le rapport de UsbFix :
############################## | UsbFix V6.106 |
User : yohan (Administrateurs) # PC-DE-YOHAN
Update on 19/04/2010 by El Desaparecido , C_XX & Chimay8
Start at: 14:16:35 | 21/04/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18904
Windows Firewall Status : Enabled
AV : BitDefender Antivirus 12.0 [ Enabled | Updated ]
FW : BitDefender Firewall[ Enabled ]12.0
C:\ -> Disque fixe local # 220,88 Go (29,22 Go free) [HDD] # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
################## | Elements infectieux |
Supprimé ! C:\Windows\System32\autorun.inf
Supprimé ! C:\$Recycle.Bin\S-1-5-18
Supprimé ! C:\$Recycle.Bin\S-1-5-21-2881880658-3555428079-2209020445-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-2881880658-3555428079-2209020445-501
################## | Registre |
################## | Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\H\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{30110ff9-d9d4-11de-92cd-ac11ea6793e7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{44ec625a-8a1d-11de-86bb-890121e050c7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{a7177b77-52d9-11de-9e94-f228c1dab0e1}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{bbebe755-7ca5-11de-9b4d-bc1bf3e599f2}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{bbebe77c-7ca5-11de-9b4d-00a0c6000000}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{f1edff29-de54-11dd-817d-c471b15de9e1}\Shell\AutoRun\Command
################## | Listing des fichiers présent |
[21/04/2010 14:16|--a--c---|850] C:\aaw7boot.log
[18/09/2006 23:43|--a--c---|24] C:\autoexec.bat
[11/04/2009 08:36|-rahs----|333257] C:\bootmgr
[28/07/2008 21:52|-ra-sc---|8192] C:\BOOTSECT.BAK
[28/03/2010 17:44|--a--c---|74] C:\CMLoader.log
[18/09/2006 23:43|--a--c---|10] C:\config.sys
[23/04/2008 17:10|--a--c---|2916] C:\files.crc
[?|?|?] C:\hiberfil.sys
[02/05/2007 12:03|--a--c---|267864] C:\hpzids01.dll
[09/01/2009 21:02|-rahsc---|0] C:\IO.SYS
[09/01/2009 21:02|-rahsc---|0] C:\MSDOS.SYS
[?|?|?] C:\pagefile.sys
[28/07/2008 12:34|--a--c---|650] C:\RHDSetup.log
[24/06/2008 23:41|--a--c---|735209472] C:\Serial.noceurs.French.DVDRiP.DivX.FTT.avi
[28/07/2008 12:37|--a------|86] C:\setup.log
[27/08/2009 23:47|--a------|54154] C:\test.log
[14/10/2009 00:30|--a------|909] C:\updatedatfix.log
[21/04/2010 14:20|--a--c---|2678] C:\UsbFix.txt
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
################## | Upload |
Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_PC-de-yohan.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .
################## | ! Fin du rapport # UsbFix V6.106 ! |
############################## | UsbFix V6.106 |
User : yohan (Administrateurs) # PC-DE-YOHAN
Update on 19/04/2010 by El Desaparecido , C_XX & Chimay8
Start at: 14:16:35 | 21/04/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18904
Windows Firewall Status : Enabled
AV : BitDefender Antivirus 12.0 [ Enabled | Updated ]
FW : BitDefender Firewall[ Enabled ]12.0
C:\ -> Disque fixe local # 220,88 Go (29,22 Go free) [HDD] # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
################## | Elements infectieux |
Supprimé ! C:\Windows\System32\autorun.inf
Supprimé ! C:\$Recycle.Bin\S-1-5-18
Supprimé ! C:\$Recycle.Bin\S-1-5-21-2881880658-3555428079-2209020445-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-2881880658-3555428079-2209020445-501
################## | Registre |
################## | Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\H\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{30110ff9-d9d4-11de-92cd-ac11ea6793e7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{44ec625a-8a1d-11de-86bb-890121e050c7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{a7177b77-52d9-11de-9e94-f228c1dab0e1}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{bbebe755-7ca5-11de-9b4d-bc1bf3e599f2}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{bbebe77c-7ca5-11de-9b4d-00a0c6000000}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{f1edff29-de54-11dd-817d-c471b15de9e1}\Shell\AutoRun\Command
################## | Listing des fichiers présent |
[21/04/2010 14:16|--a--c---|850] C:\aaw7boot.log
[18/09/2006 23:43|--a--c---|24] C:\autoexec.bat
[11/04/2009 08:36|-rahs----|333257] C:\bootmgr
[28/07/2008 21:52|-ra-sc---|8192] C:\BOOTSECT.BAK
[28/03/2010 17:44|--a--c---|74] C:\CMLoader.log
[18/09/2006 23:43|--a--c---|10] C:\config.sys
[23/04/2008 17:10|--a--c---|2916] C:\files.crc
[?|?|?] C:\hiberfil.sys
[02/05/2007 12:03|--a--c---|267864] C:\hpzids01.dll
[09/01/2009 21:02|-rahsc---|0] C:\IO.SYS
[09/01/2009 21:02|-rahsc---|0] C:\MSDOS.SYS
[?|?|?] C:\pagefile.sys
[28/07/2008 12:34|--a--c---|650] C:\RHDSetup.log
[24/06/2008 23:41|--a--c---|735209472] C:\Serial.noceurs.French.DVDRiP.DivX.FTT.avi
[28/07/2008 12:37|--a------|86] C:\setup.log
[27/08/2009 23:47|--a------|54154] C:\test.log
[14/10/2009 00:30|--a------|909] C:\updatedatfix.log
[21/04/2010 14:20|--a--c---|2678] C:\UsbFix.txt
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
################## | Upload |
Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_PC-de-yohan.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .
################## | ! Fin du rapport # UsbFix V6.106 ! |
dédétraqué
Messages postés
4384
Date d'inscription
vendredi 5 septembre 2008
Statut
Contributeur sécurité
Dernière intervention
4 février 2013
286
21 avril 2010 à 23:13
21 avril 2010 à 23:13
Salut yohanaldo
Faire l'autre partie, le scan avec MalwareByte's Anti-Malware.
@++ :)
Faire l'autre partie, le scan avec MalwareByte's Anti-Malware.
@++ :)
yohanaldo
Messages postés
52
Date d'inscription
lundi 19 avril 2010
Statut
Membre
Dernière intervention
22 septembre 2017
3
22 avril 2010 à 01:01
22 avril 2010 à 01:01
Bonsoir le scan de MalwareByte me fait beuguer l'ordi à chaque fois (c'est à dire qu'il s'eteint tout seul) donc je fais au mieux pour te le poster vite
dédétraqué
Messages postés
4384
Date d'inscription
vendredi 5 septembre 2008
Statut
Contributeur sécurité
Dernière intervention
4 février 2013
286
22 avril 2010 à 01:03
22 avril 2010 à 01:03
Salut yohanaldo
Fais alors un examen rapide en mode normal.
@++ :)
Fais alors un examen rapide en mode normal.
@++ :)
yohanaldo
Messages postés
52
Date d'inscription
lundi 19 avril 2010
Statut
Membre
Dernière intervention
22 septembre 2017
3
4 mai 2010 à 15:27
4 mai 2010 à 15:27
Bonjour j ai enfin reussi a faire un scan avec malwarebytes sur lequel il a detecté 39 infections. Je les ai supprimé et apparemment google refonctionne
Je suis dsl d'avoir attendu 15 jours mais je te promet que c'est un miracle d'avoir fait le scan en entier sans coupure d'ordi
Si tu peux et si tu souhaite toujours m'aider voici le rapport
cordialement
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org
Version de la base de données: 4014
Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.18904
04/05/2010 08:11:39
mbam-log-2010-05-04 (08-11-39).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 112192
Temps écoulé: 4 minute(s), 49 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 25
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\captcha (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ipokoraid (Worm.Koobface) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\torrent101 (Trojan.Swizzor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dmoko (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DMOKO (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\webserver (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Torrent101 (Trojan.Swizzor) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rpcssc (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\captcha (Worm.KoobFace) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Torrent101 (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\Skins (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Users\yohan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torrent101 (Trojan.Swizzor) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Windows\System32\captcha.dll (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\System32\certoko.dll (Worm.Koobface) -> Quarantined and deleted successfully.
C:\Windows\System32\drivers\ndisoko.sys (Worm.Koobface) -> Quarantined and deleted successfully.
C:\Windows\bill106.exe (PWS.Ldpinch) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\icon-uninstall.ico (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\session.store (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\settings.ini (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\settings.stp (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\SkinCrafterDll.dll (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\state.dht (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\Torrent101.url (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\uninst.exe (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\Skins\Zorg.skf (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Users\yohan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torrent101\HomePage.lnk (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Users\yohan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torrent101\Uninstall.lnk (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Windows\bk23567.dat (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\Windows\fdgg34353edfgdfdf (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\Program Files\webserver\webserver.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\kdiue732.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\yohan\Local Settings\Application Data\010112010146100109.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\yohan\Local Settings\Application Data\010112010146114111.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\yohan\Local Settings\Application Data\010112010146115119.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\yohan\Local Settings\Application Data\0101120101465198.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\yohan\Local Settings\Application Data\rdr_1271010025.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\yohan\Local Settings\Application Data\rdr_1271010364.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
Je suis dsl d'avoir attendu 15 jours mais je te promet que c'est un miracle d'avoir fait le scan en entier sans coupure d'ordi
Si tu peux et si tu souhaite toujours m'aider voici le rapport
cordialement
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org
Version de la base de données: 4014
Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.18904
04/05/2010 08:11:39
mbam-log-2010-05-04 (08-11-39).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 112192
Temps écoulé: 4 minute(s), 49 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 25
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\captcha (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ipokoraid (Worm.Koobface) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\torrent101 (Trojan.Swizzor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dmoko (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DMOKO (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\webserver (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Torrent101 (Trojan.Swizzor) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rpcssc (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\captcha (Worm.KoobFace) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Torrent101 (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\Skins (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Users\yohan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torrent101 (Trojan.Swizzor) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Windows\System32\captcha.dll (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\System32\certoko.dll (Worm.Koobface) -> Quarantined and deleted successfully.
C:\Windows\System32\drivers\ndisoko.sys (Worm.Koobface) -> Quarantined and deleted successfully.
C:\Windows\bill106.exe (PWS.Ldpinch) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\icon-uninstall.ico (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\session.store (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\settings.ini (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\settings.stp (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\SkinCrafterDll.dll (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\state.dht (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\Torrent101.url (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\uninst.exe (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Program Files\Torrent101\Skins\Zorg.skf (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Users\yohan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torrent101\HomePage.lnk (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Users\yohan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torrent101\Uninstall.lnk (Trojan.Swizzor) -> Quarantined and deleted successfully.
C:\Windows\bk23567.dat (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\Windows\fdgg34353edfgdfdf (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\Program Files\webserver\webserver.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\kdiue732.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\yohan\Local Settings\Application Data\010112010146100109.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\yohan\Local Settings\Application Data\010112010146114111.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\yohan\Local Settings\Application Data\010112010146115119.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\yohan\Local Settings\Application Data\0101120101465198.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\yohan\Local Settings\Application Data\rdr_1271010025.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\yohan\Local Settings\Application Data\rdr_1271010364.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
dédétraqué
Messages postés
4384
Date d'inscription
vendredi 5 septembre 2008
Statut
Contributeur sécurité
Dernière intervention
4 février 2013
286
4 mai 2010 à 15:32
4 mai 2010 à 15:32
Salut yohanaldo
Refais un scan avec RSIT et poste le contenu du rapport log.txt à la fin de l'analyse
Le rapport est dans le dossier ici C:\rsit
@++ :)
Refais un scan avec RSIT et poste le contenu du rapport log.txt à la fin de l'analyse
Le rapport est dans le dossier ici C:\rsit
@++ :)
yohanaldo
Messages postés
52
Date d'inscription
lundi 19 avril 2010
Statut
Membre
Dernière intervention
22 septembre 2017
3
5 mai 2010 à 18:43
5 mai 2010 à 18:43
Salut à toi, voici le rapport log.txt :
Logfile of random's system information tool 1.06 (written by random/random)
Run by yohan at 2010-05-05 18:35:29
Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2
System drive C: has 25 GB (11%) free of 226 GB
Total RAM: 3070 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:35:57, on 05/05/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Luxand\Blink!\LuxandBlinkTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\ManyCam 2.4\ManyCam.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\yohan\Desktop\RSIT.exe
C:\Program Files\trend micro\yohan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sfr.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Luxand Blink!] C:\Program Files\Luxand\Blink!\LuxandBlinkTray.exe /s
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam 2.4\ManyCam.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res:///105
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Groom - {66F83792-DAE1-4823-8F20-ADA94B33A4FF} - C:\Program Files\Toox\Groom\Groom.exe (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll
O22 - SharedTaskScheduler: StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll
O22 - SharedTaskScheduler: Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - (no file)
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Service SFR Gestionnaire Connexion (ServiceSFRABCD) - SFR & Celliance - C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
Logfile of random's system information tool 1.06 (written by random/random)
Run by yohan at 2010-05-05 18:35:29
Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2
System drive C: has 25 GB (11%) free of 226 GB
Total RAM: 3070 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:35:57, on 05/05/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Luxand\Blink!\LuxandBlinkTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\ManyCam 2.4\ManyCam.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\yohan\Desktop\RSIT.exe
C:\Program Files\trend micro\yohan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sfr.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Luxand Blink!] C:\Program Files\Luxand\Blink!\LuxandBlinkTray.exe /s
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam 2.4\ManyCam.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res:///105
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Groom - {66F83792-DAE1-4823-8F20-ADA94B33A4FF} - C:\Program Files\Toox\Groom\Groom.exe (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll
O22 - SharedTaskScheduler: StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll
O22 - SharedTaskScheduler: Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - (no file)
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Service SFR Gestionnaire Connexion (ServiceSFRABCD) - SFR & Celliance - C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
yohanaldo
Messages postés
52
Date d'inscription
lundi 19 avril 2010
Statut
Membre
Dernière intervention
22 septembre 2017
3
5 mai 2010 à 18:47
5 mai 2010 à 18:47
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2010-04-26 193968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69A87B7D-DE56-4136-9655-716BA50C19C7}]
&Google Web Accelerator Helper - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [2007-07-09 311296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2009-08-21 4139912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2009-08-17 564624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - Google Web Accelerator - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [2007-07-09 311296]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-05-07 178712]
"HControlUser"=C:\Program Files\ATK Hotkey\HcontrolUser.exe [2008-01-11 98304]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-06-13 6183456]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-06 1041704]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-24 30192]
"toolbar_eula_launcher"=C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-02-20 28672]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2009-08-17 85888]
"Luxand Blink!"=C:\Program Files\Luxand\Blink!\LuxandBlinkTray.exe [2010-02-10 6844728]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"=C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [2008-02-04 1038136]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2010-03-03 323392]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-01-14 1688872]
"ManyCam"=C:\Program Files\ManyCam 2.4\ManyCam.exe [2009-12-19 1824040]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2010-04-29 3220912]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Run Google Web Accelerator.lnk - C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll [2008-03-29 103848]
StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [2008-05-05 591128]
Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2009-08-21 4139912]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=255
"NoDriveTypeAutoRun"=255
"HonorAutoRunSetting"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-05-05 17:01:47 ----D---- C:\Program Files\DAEMON Tools Lite
2010-05-04 14:59:25 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-05-04 14:59:24 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-05-04 14:59:20 ----A---- C:\Windows\system32\vbscript.dll
2010-05-04 14:59:05 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-05-04 14:52:26 ----A---- C:\Windows\system32\wintrust.dll
2010-05-04 14:52:24 ----A---- C:\Windows\system32\cabview.dll
2010-05-03 14:10:08 ----D---- C:\Users\yohan\AppData\Roaming\IDM
2010-05-03 14:10:08 ----D---- C:\Users\yohan\AppData\Roaming\DMCache
2010-05-03 14:09:45 ----D---- C:\Program Files\Internet Download Manager
2010-05-03 14:04:41 ----D---- C:\Users\yohan\AppData\Roaming\Luxand
2010-05-03 14:03:02 ----A---- C:\Windows\system32\LuxandCredentialProvider.dll
2010-05-03 14:03:01 ----A---- C:\Windows\system32\LuxandBlinkLib12.dll
2010-05-03 14:03:00 ----A---- C:\Windows\system32\LuxandBlinkLib11.dll
2010-05-03 14:02:55 ----D---- C:\Program Files\Luxand
2010-05-03 14:02:55 ----A---- C:\Windows\system32\LuxandBlinkLib1.dll
2010-05-03 14:02:55 ----A---- C:\Windows\system32\LuxandBlink.dll
2010-05-03 13:34:37 ----D---- C:\Program Files\Yamicsoft
2010-04-29 16:22:23 ----A---- C:\Windows\system32\idmmbc.dll
2010-04-26 18:55:46 ----D---- C:\ProgramData\Astar Games
2010-04-21 15:08:03 ----A---- C:\Windows\ntbtlog.txt
2010-04-21 14:50:51 ----D---- C:\Users\yohan\AppData\Roaming\Malwarebytes
2010-04-21 14:49:50 ----D---- C:\ProgramData\Malwarebytes
2010-04-21 14:49:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-21 14:20:54 ----RASHDC---- C:\autorun.inf
2010-04-21 14:16:29 ----AC---- C:\UsbFix.txt
2010-04-21 02:13:11 ----DC---- C:\UsbFix
2010-04-19 20:25:04 ----DC---- C:\rsit
2010-04-19 01:10:51 ----A---- C:\Windows\system32\lsdelete.exe
2010-04-18 15:46:44 ----D---- C:\Program Files\Power IE
2010-04-12 02:39:09 ----HDC---- C:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}
2010-04-12 02:38:32 ----D---- C:\ProgramData\Lavasoft
2010-04-12 02:38:32 ----D---- C:\Program Files\Lavasoft
2010-04-12 02:30:18 ----D---- C:\Program Files\CCleaner
2010-04-12 01:50:41 ----A---- C:\Windows\msnfix.txt
2010-04-11 16:53:24 ----D---- C:\Program Files\AxBx
2010-04-11 02:53:32 ----D---- C:\Program Files\webserver
2010-04-09 19:19:29 ----D---- C:\Program Files\Microsoft Visual Studio
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2010-04-26 193968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69A87B7D-DE56-4136-9655-716BA50C19C7}]
&Google Web Accelerator Helper - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [2007-07-09 311296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2009-08-21 4139912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2009-08-17 564624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - Google Web Accelerator - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [2007-07-09 311296]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-05-07 178712]
"HControlUser"=C:\Program Files\ATK Hotkey\HcontrolUser.exe [2008-01-11 98304]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-06-13 6183456]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-06 1041704]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-24 30192]
"toolbar_eula_launcher"=C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-02-20 28672]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2009-08-17 85888]
"Luxand Blink!"=C:\Program Files\Luxand\Blink!\LuxandBlinkTray.exe [2010-02-10 6844728]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"=C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [2008-02-04 1038136]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2010-03-03 323392]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-01-14 1688872]
"ManyCam"=C:\Program Files\ManyCam 2.4\ManyCam.exe [2009-12-19 1824040]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2010-04-29 3220912]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Run Google Web Accelerator.lnk - C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll [2008-03-29 103848]
StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [2008-05-05 591128]
Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2009-08-21 4139912]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=255
"NoDriveTypeAutoRun"=255
"HonorAutoRunSetting"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-05-05 17:01:47 ----D---- C:\Program Files\DAEMON Tools Lite
2010-05-04 14:59:25 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-05-04 14:59:24 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-05-04 14:59:20 ----A---- C:\Windows\system32\vbscript.dll
2010-05-04 14:59:05 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-05-04 14:52:26 ----A---- C:\Windows\system32\wintrust.dll
2010-05-04 14:52:24 ----A---- C:\Windows\system32\cabview.dll
2010-05-03 14:10:08 ----D---- C:\Users\yohan\AppData\Roaming\IDM
2010-05-03 14:10:08 ----D---- C:\Users\yohan\AppData\Roaming\DMCache
2010-05-03 14:09:45 ----D---- C:\Program Files\Internet Download Manager
2010-05-03 14:04:41 ----D---- C:\Users\yohan\AppData\Roaming\Luxand
2010-05-03 14:03:02 ----A---- C:\Windows\system32\LuxandCredentialProvider.dll
2010-05-03 14:03:01 ----A---- C:\Windows\system32\LuxandBlinkLib12.dll
2010-05-03 14:03:00 ----A---- C:\Windows\system32\LuxandBlinkLib11.dll
2010-05-03 14:02:55 ----D---- C:\Program Files\Luxand
2010-05-03 14:02:55 ----A---- C:\Windows\system32\LuxandBlinkLib1.dll
2010-05-03 14:02:55 ----A---- C:\Windows\system32\LuxandBlink.dll
2010-05-03 13:34:37 ----D---- C:\Program Files\Yamicsoft
2010-04-29 16:22:23 ----A---- C:\Windows\system32\idmmbc.dll
2010-04-26 18:55:46 ----D---- C:\ProgramData\Astar Games
2010-04-21 15:08:03 ----A---- C:\Windows\ntbtlog.txt
2010-04-21 14:50:51 ----D---- C:\Users\yohan\AppData\Roaming\Malwarebytes
2010-04-21 14:49:50 ----D---- C:\ProgramData\Malwarebytes
2010-04-21 14:49:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-21 14:20:54 ----RASHDC---- C:\autorun.inf
2010-04-21 14:16:29 ----AC---- C:\UsbFix.txt
2010-04-21 02:13:11 ----DC---- C:\UsbFix
2010-04-19 20:25:04 ----DC---- C:\rsit
2010-04-19 01:10:51 ----A---- C:\Windows\system32\lsdelete.exe
2010-04-18 15:46:44 ----D---- C:\Program Files\Power IE
2010-04-12 02:39:09 ----HDC---- C:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}
2010-04-12 02:38:32 ----D---- C:\ProgramData\Lavasoft
2010-04-12 02:38:32 ----D---- C:\Program Files\Lavasoft
2010-04-12 02:30:18 ----D---- C:\Program Files\CCleaner
2010-04-12 01:50:41 ----A---- C:\Windows\msnfix.txt
2010-04-11 16:53:24 ----D---- C:\Program Files\AxBx
2010-04-11 02:53:32 ----D---- C:\Program Files\webserver
2010-04-09 19:19:29 ----D---- C:\Program Files\Microsoft Visual Studio
yohanaldo
Messages postés
52
Date d'inscription
lundi 19 avril 2010
Statut
Membre
Dernière intervention
22 septembre 2017
3
5 mai 2010 à 18:50
5 mai 2010 à 18:50
======List of files/folders modified in the last 1 months======
2010-05-05 18:35:57 ----D---- C:\Program Files\Trend Micro
2010-05-05 18:27:51 ----D---- C:\Users\yohan\AppData\Roaming\DNA
2010-05-05 17:22:57 ----D---- C:\Windows\winsxs
2010-05-05 17:08:16 ----D---- C:\Windows
2010-05-05 17:07:38 ----D---- C:\Program Files\DNA
2010-05-05 17:07:16 ----D---- C:\Windows\Temp
2010-05-05 17:07:05 ----D---- C:\Windows\Tasks
2010-05-05 17:01:47 ----RD---- C:\Program Files
2010-05-05 17:00:54 ----D---- C:\Program Files\SpeedBit Video Accelerator
2010-05-05 17:00:52 ----AD---- C:\Windows\System32
2010-05-05 17:00:26 ----D---- C:\Windows\prefetch
2010-05-05 16:56:48 ----D---- C:\Windows\system32\catroot
2010-05-05 16:50:46 ----AD---- C:\Windows\system32\drivers
2010-05-05 16:50:45 ----D---- C:\Program Files\Windows Mail
2010-05-05 16:50:43 ----RSD---- C:\Windows\Fonts
2010-05-04 22:17:26 ----SHD---- C:\Windows\Installer
2010-05-04 22:17:20 ----D---- C:\ProgramData\Microsoft Help
2010-05-04 22:14:33 ----D---- C:\Windows\Debug
2010-05-04 22:13:37 ----RSD---- C:\Windows\assembly
2010-05-04 22:08:42 ----SHD---- C:\System Volume Information
2010-05-04 15:00:23 ----D---- C:\Windows\system32\catroot2
2010-05-04 08:12:54 ----D---- C:\Windows\PolicyDefinitions
2010-05-03 19:57:39 ----D---- C:\Windows\system32\config
2010-05-03 14:36:01 ----D---- C:\Users\yohan\AppData\Roaming\BitTorrent
2010-05-03 14:32:32 ----D---- C:\Program Files\WinRAR
2010-05-03 13:34:44 ----SD---- C:\Users\yohan\AppData\Roaming\Microsoft
2010-05-01 19:15:29 ----D---- C:\Windows\inf
2010-05-01 19:15:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-05-01 04:13:43 ----A---- C:\Windows\NeroDigital.ini
2010-04-26 18:55:46 ----HD---- C:\ProgramData
2010-04-25 16:35:56 ----D---- C:\Users\yohan\AppData\Roaming\Samsung
2010-04-25 16:27:57 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-24 17:48:34 ----RD---- C:\Users
2010-04-21 14:19:53 ----SHD---- C:\$RECYCLE.BIN
2010-04-19 01:49:03 ----D---- C:\Program Files\Google
2010-04-18 15:53:07 ----D---- C:\ProgramData\Google
2010-04-18 15:50:04 ----D---- C:\Windows\Web
2010-04-12 03:27:00 ----D---- C:\Program Files\Common Files\microsoft shared
2010-04-12 03:13:37 ----A---- C:\Windows\win.ini
2010-04-12 02:51:13 ----D---- C:\Windows\system32\Tasks
2010-04-12 02:40:13 ----DC---- C:\Windows\system32\DRVSTORE
2010-04-12 02:32:49 ----D---- C:\Windows\Minidump
2010-04-11 20:21:11 ----D---- C:\Program Files\Steam
2010-04-11 20:20:11 ----D---- C:\Windows\system32\WDI
2010-04-11 20:17:37 ----D---- C:\Windows\system32\Msdtc
2010-04-11 20:17:31 ----D---- C:\Windows\system32\wbem
2010-04-11 20:15:20 ----D---- C:\Windows\system32\spool
2010-04-11 20:15:20 ----D---- C:\Windows\system32\CodeIntegrity
2010-04-11 20:15:08 ----D---- C:\ProgramData\HP Product Assistant
2010-04-11 20:15:08 ----D---- C:\Program Files\Microsoft Works
2010-04-11 20:15:05 ----D---- C:\Windows\registration
2010-04-09 19:19:49 ----D---- C:\Program Files\MSBuild
2010-04-09 19:19:31 ----D---- C:\Program Files\Microsoft Office
2010-04-09 19:15:04 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-04-09 19:14:55 ----D---- C:\Windows\ShellNew
2010-04-09 18:53:51 ----D---- C:\Program Files\Common Files\InstallShield
2010-04-06 19:52:54 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-05-31 279712]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-05-31 25888]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-06-10 3839488]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-13 2152344]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-06-26 3662848]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-05-29 146848]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-06 198960]
R3 X10Hid;X10 Hid Device; C:\Windows\System32\Drivers\x10hid.sys [2006-11-17 13976]
S3 ayw8zk3z;ayw8zk3z; C:\Windows\system32\drivers\ayw8zk3z.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-07-28 23040]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-07-28 507904]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-07-28 30208]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys []
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2008-10-29 7680]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-07-28 149504]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 StillCam;Pilote d'appareil photo numérique série; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
S3 usbanyka;USB Web Camera; C:\Windows\system32\DRIVERS\UsbAnyka.sys [2007-11-13 17536]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2008-10-15 104960]
S3 ZTEusbnet;ZTE USB-NDIS miniport; C:\Windows\system32\DRIVERS\ZTEusbnet.sys [2008-10-13 110080]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2008-10-29 105344]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2008-10-15 104960]
S3 ZTEusbvoice;ZTE VoUSB Port; C:\Windows\system32\DRIVERS\ZTEusbvoice.sys [2008-10-15 104960]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-02 94208]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-06-10 692224]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-05-07 354840]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-05 1229232]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 ServiceSFRABCD;Service SFR Gestionnaire Connexion; C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe [2009-09-01 657024]
R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-01-14 447784]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-28 647680]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-24 30192]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-16 182768]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2009-08-21 30510960]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-08-21 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-08-21 4639136]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-12-22 104944]
S4 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
-----------------EOF-----------------
2010-05-05 18:35:57 ----D---- C:\Program Files\Trend Micro
2010-05-05 18:27:51 ----D---- C:\Users\yohan\AppData\Roaming\DNA
2010-05-05 17:22:57 ----D---- C:\Windows\winsxs
2010-05-05 17:08:16 ----D---- C:\Windows
2010-05-05 17:07:38 ----D---- C:\Program Files\DNA
2010-05-05 17:07:16 ----D---- C:\Windows\Temp
2010-05-05 17:07:05 ----D---- C:\Windows\Tasks
2010-05-05 17:01:47 ----RD---- C:\Program Files
2010-05-05 17:00:54 ----D---- C:\Program Files\SpeedBit Video Accelerator
2010-05-05 17:00:52 ----AD---- C:\Windows\System32
2010-05-05 17:00:26 ----D---- C:\Windows\prefetch
2010-05-05 16:56:48 ----D---- C:\Windows\system32\catroot
2010-05-05 16:50:46 ----AD---- C:\Windows\system32\drivers
2010-05-05 16:50:45 ----D---- C:\Program Files\Windows Mail
2010-05-05 16:50:43 ----RSD---- C:\Windows\Fonts
2010-05-04 22:17:26 ----SHD---- C:\Windows\Installer
2010-05-04 22:17:20 ----D---- C:\ProgramData\Microsoft Help
2010-05-04 22:14:33 ----D---- C:\Windows\Debug
2010-05-04 22:13:37 ----RSD---- C:\Windows\assembly
2010-05-04 22:08:42 ----SHD---- C:\System Volume Information
2010-05-04 15:00:23 ----D---- C:\Windows\system32\catroot2
2010-05-04 08:12:54 ----D---- C:\Windows\PolicyDefinitions
2010-05-03 19:57:39 ----D---- C:\Windows\system32\config
2010-05-03 14:36:01 ----D---- C:\Users\yohan\AppData\Roaming\BitTorrent
2010-05-03 14:32:32 ----D---- C:\Program Files\WinRAR
2010-05-03 13:34:44 ----SD---- C:\Users\yohan\AppData\Roaming\Microsoft
2010-05-01 19:15:29 ----D---- C:\Windows\inf
2010-05-01 19:15:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-05-01 04:13:43 ----A---- C:\Windows\NeroDigital.ini
2010-04-26 18:55:46 ----HD---- C:\ProgramData
2010-04-25 16:35:56 ----D---- C:\Users\yohan\AppData\Roaming\Samsung
2010-04-25 16:27:57 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-24 17:48:34 ----RD---- C:\Users
2010-04-21 14:19:53 ----SHD---- C:\$RECYCLE.BIN
2010-04-19 01:49:03 ----D---- C:\Program Files\Google
2010-04-18 15:53:07 ----D---- C:\ProgramData\Google
2010-04-18 15:50:04 ----D---- C:\Windows\Web
2010-04-12 03:27:00 ----D---- C:\Program Files\Common Files\microsoft shared
2010-04-12 03:13:37 ----A---- C:\Windows\win.ini
2010-04-12 02:51:13 ----D---- C:\Windows\system32\Tasks
2010-04-12 02:40:13 ----DC---- C:\Windows\system32\DRVSTORE
2010-04-12 02:32:49 ----D---- C:\Windows\Minidump
2010-04-11 20:21:11 ----D---- C:\Program Files\Steam
2010-04-11 20:20:11 ----D---- C:\Windows\system32\WDI
2010-04-11 20:17:37 ----D---- C:\Windows\system32\Msdtc
2010-04-11 20:17:31 ----D---- C:\Windows\system32\wbem
2010-04-11 20:15:20 ----D---- C:\Windows\system32\spool
2010-04-11 20:15:20 ----D---- C:\Windows\system32\CodeIntegrity
2010-04-11 20:15:08 ----D---- C:\ProgramData\HP Product Assistant
2010-04-11 20:15:08 ----D---- C:\Program Files\Microsoft Works
2010-04-11 20:15:05 ----D---- C:\Windows\registration
2010-04-09 19:19:49 ----D---- C:\Program Files\MSBuild
2010-04-09 19:19:31 ----D---- C:\Program Files\Microsoft Office
2010-04-09 19:15:04 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-04-09 19:14:55 ----D---- C:\Windows\ShellNew
2010-04-09 18:53:51 ----D---- C:\Program Files\Common Files\InstallShield
2010-04-06 19:52:54 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-05-31 279712]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-05-31 25888]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-06-10 3839488]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-13 2152344]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-06-26 3662848]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-05-29 146848]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-06 198960]
R3 X10Hid;X10 Hid Device; C:\Windows\System32\Drivers\x10hid.sys [2006-11-17 13976]
S3 ayw8zk3z;ayw8zk3z; C:\Windows\system32\drivers\ayw8zk3z.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-07-28 23040]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-07-28 507904]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-07-28 30208]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys []
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2008-10-29 7680]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-07-28 149504]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 StillCam;Pilote d'appareil photo numérique série; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
S3 usbanyka;USB Web Camera; C:\Windows\system32\DRIVERS\UsbAnyka.sys [2007-11-13 17536]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2008-10-15 104960]
S3 ZTEusbnet;ZTE USB-NDIS miniport; C:\Windows\system32\DRIVERS\ZTEusbnet.sys [2008-10-13 110080]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2008-10-29 105344]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2008-10-15 104960]
S3 ZTEusbvoice;ZTE VoUSB Port; C:\Windows\system32\DRIVERS\ZTEusbvoice.sys [2008-10-15 104960]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-02 94208]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-06-10 692224]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-05-07 354840]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-05 1229232]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 ServiceSFRABCD;Service SFR Gestionnaire Connexion; C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe [2009-09-01 657024]
R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-01-14 447784]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-28 647680]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-24 30192]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-16 182768]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2009-08-21 30510960]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-08-21 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-08-21 4639136]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-12-22 104944]
S4 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
-----------------EOF-----------------
dédétraqué
Messages postés
4384
Date d'inscription
vendredi 5 septembre 2008
Statut
Contributeur sécurité
Dernière intervention
4 février 2013
286
5 mai 2010 à 20:08
5 mai 2010 à 20:08
Salut yohanaldo
Supprime ce dossier en gras :
C:\Program Files\webserver
As-tu encore des redirections Google?
@++ :)
Supprime ce dossier en gras :
C:\Program Files\webserver
As-tu encore des redirections Google?
@++ :)
yohanaldo
Messages postés
52
Date d'inscription
lundi 19 avril 2010
Statut
Membre
Dernière intervention
22 septembre 2017
3
6 mai 2010 à 15:39
6 mai 2010 à 15:39
Re dédétraqué, je n'ai plus de redirection Google et j'ai retrouvé une vitesse de navigation excellente
Je te remercie encore beaucoup
Je te remercie encore beaucoup
dédétraqué
Messages postés
4384
Date d'inscription
vendredi 5 septembre 2008
Statut
Contributeur sécurité
Dernière intervention
4 février 2013
286
6 mai 2010 à 16:04
6 mai 2010 à 16:04
Salut yohanaldo
OK super alors, on va vérifier si rien de caché :
Faire un scan avec Nod32 en ligne (il faut utiliser Internet Explorer) ici :
https://www.eset.com/int/home/online-scanner/
(coche toutes les cases à chaque fois, sauf les deux dernières a la fin du scan, sinon le rapport est supprimer)
A la fin, colle le rapport : C:\Program Files\EsetOnlineScanner\log.txt
@++ :)
OK super alors, on va vérifier si rien de caché :
Faire un scan avec Nod32 en ligne (il faut utiliser Internet Explorer) ici :
https://www.eset.com/int/home/online-scanner/
(coche toutes les cases à chaque fois, sauf les deux dernières a la fin du scan, sinon le rapport est supprimer)
A la fin, colle le rapport : C:\Program Files\EsetOnlineScanner\log.txt
@++ :)
yohanaldo
Messages postés
52
Date d'inscription
lundi 19 avril 2010
Statut
Membre
Dernière intervention
22 septembre 2017
3
Modifié par yohanaldo le 8/05/2010 à 20:08
Modifié par yohanaldo le 8/05/2010 à 20:08
Bonjour dédétraqué voici le rapport du scan :
A noter qu'il a detecté 3 fichiers qu'il a mis en quarentaine, cependant je ne peux pas les mettre en ligne sinon CCM n'enregistre pas le message, j'ai essayé plusieurs fois et je me suis rendu compte que le probleme venait des liens des 3 fichiers
Tout le reste du rapport y est
merci ;)
A noter qu'il a detecté 3 fichiers qu'il a mis en quarentaine, cependant je ne peux pas les mettre en ligne sinon CCM n'enregistre pas le message, j'ai essayé plusieurs fois et je me suis rendu compte que le probleme venait des liens des 3 fichiers
Tout le reste du rapport y est
merci ;)
19 avril 2010 à 20:46
Logfile of random's system information tool 1.06 (written by random/random)
Run by yohan at 2010-04-19 20:25:04
Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2
System drive C: has 30 GB (13%) free of 226 GB
Total RAM: 3070 MB (47% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{49B6D35B-DB48-4A59-BDD5-455EE97F972C}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69A87B7D-DE56-4136-9655-716BA50C19C7}]
&Google Web Accelerator Helper - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [2007-07-09 311296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2009-08-21 4139912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2009-08-17 564624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - Google Web Accelerator - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [2007-07-09 311296]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-05-07 178712]
"HControlUser"=C:\Program Files\ATK Hotkey\HcontrolUser.exe [2008-01-11 98304]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-06-13 6183456]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-06 1041704]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-24 30192]
"toolbar_eula_launcher"=C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-02-20 28672]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2009-08-17 85888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"=C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [2008-02-04 1038136]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2010-03-03 323392]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-01-14 1688872]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"ManyCam"=C:\Program Files\ManyCam 2.4\ManyCam.exe [2009-12-19 1824040]
"SpeedBitVideoAccelerator"=C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe [2009-05-18 2823784]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Run Google Web Accelerator.lnk - C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll [2008-03-29 103848]
StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [2008-05-05 591128]
Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DesktopControlPanel.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2009-08-21 4139912]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
shell\AutoRun\command - H:\SFR.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{30110ff9-d9d4-11de-92cd-ac11ea6793e7}]
shell\AutoRun\command - E:\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{44ec625a-8a1d-11de-86bb-890121e050c7}]
shell\AutoRun\command - E:\SFR.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a7177b77-52d9-11de-9e94-f228c1dab0e1}]
shell\AutoRun\command - E:\AUTOSTARTER.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bbebe755-7ca5-11de-9b4d-bc1bf3e599f2}]
shell\AutoRun\command - E:\SFR.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bbebe77c-7ca5-11de-9b4d-00a0c6000000}]
shell\AutoRun\command - E:\SFR.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1edff29-de54-11dd-817d-c471b15de9e1}]
shell\AutoRun\command - F:\AUTOSTARTER.EXE
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-04-19 20:25:04 ----DC---- C:\rsit
2010-04-19 01:58:24 ----SHDC---- C:\Config.Msi
2010-04-19 01:10:51 ----A---- C:\Windows\system32\lsdelete.exe
2010-04-18 15:46:44 ----D---- C:\Program Files\Power IE
2010-04-12 02:39:09 ----HDC---- C:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}
2010-04-12 02:38:32 ----D---- C:\ProgramData\Lavasoft
2010-04-12 02:38:32 ----D---- C:\Program Files\Lavasoft
2010-04-12 02:30:18 ----D---- C:\Program Files\CCleaner
2010-04-12 01:50:41 ----A---- C:\Windows\msnfix.txt
2010-04-11 16:53:24 ----D---- C:\Program Files\AxBx
2010-04-11 02:53:32 ----D---- C:\Program Files\webserver
2010-04-11 02:52:41 ----A---- C:\Windows\system32\captcha.dll
2010-04-11 02:47:14 ----H---- C:\Windows\bill106.exe
2010-04-09 19:19:29 ----D---- C:\Program Files\Microsoft Visual Studio
2010-04-03 03:00:21 ----A---- C:\Windows\system32\browserchoice.exe
2010-03-31 04:30:10 ----A---- C:\Windows\system32\mshtml.dll
2010-03-31 04:30:09 ----A---- C:\Windows\system32\ieframe.dll
2010-03-31 04:30:08 ----A---- C:\Windows\system32\wininet.dll
2010-03-31 04:30:08 ----A---- C:\Windows\system32\urlmon.dll
2010-03-31 04:30:08 ----A---- C:\Windows\system32\iertutil.dll
2010-03-31 04:30:07 ----A---- C:\Windows\system32\occache.dll
2010-03-31 04:30:07 ----A---- C:\Windows\system32\mstime.dll
2010-03-31 04:30:07 ----A---- C:\Windows\system32\msfeeds.dll
2010-03-31 04:30:07 ----A---- C:\Windows\system32\ieui.dll
2010-03-31 04:30:07 ----A---- C:\Windows\system32\iedkcs32.dll
2010-03-31 04:30:06 ----A---- C:\Windows\system32\msfeedssync.exe
2010-03-31 04:30:06 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-03-31 04:30:06 ----A---- C:\Windows\system32\jsproxy.dll
2010-03-31 04:30:06 ----A---- C:\Windows\system32\ieUnatt.exe
2010-03-31 04:30:06 ----A---- C:\Windows\system32\iesysprep.dll
2010-03-31 04:30:06 ----A---- C:\Windows\system32\iesetup.dll
2010-03-31 04:30:06 ----A---- C:\Windows\system32\iernonce.dll
2010-03-31 04:30:06 ----A---- C:\Windows\system32\iepeers.dll
2010-03-31 04:30:06 ----A---- C:\Windows\system32\ie4uinit.exe
2010-03-30 23:46:31 ----D---- C:\Users\yohan\AppData\Roaming\Magic Academy
2010-03-28 20:03:48 ----D---- C:\Program Files\Lavalys
======List of files/folders modified in the last 1 months======
2010-04-19 20:25:18 ----D---- C:\Program Files\Trend Micro
2010-04-19 20:25:12 ----D---- C:\Windows\prefetch
2010-04-19 20:19:39 ----D---- C:\Users\yohan\AppData\Roaming\DNA
2010-04-19 20:09:47 ----D---- C:\Windows\Temp
2010-04-19 09:48:10 ----SHD---- C:\System Volume Information
2010-04-19 04:02:26 ----A---- C:\Windows\NeroDigital.ini
2010-04-19 03:55:30 ----D---- C:\Windows\Tasks
2010-04-19 02:00:24 ----SHD---- C:\Windows\Installer
2010-04-19 01:59:38 ----AD---- C:\Windows\System32
2010-04-19 01:59:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-04-19 01:59:37 ----D---- C:\Windows\inf
2010-04-19 01:52:13 ----D---- C:\Windows
2010-04-19 01:51:36 ----D---- C:\Program Files\DNA
2010-04-19 01:49:03 ----D---- C:\Program Files\Google
2010-04-18 15:53:07 ----D---- C:\ProgramData\Google
2010-04-18 15:51:36 ----SD---- C:\Users\yohan\AppData\Roaming\Microsoft
2010-04-18 15:50:04 ----D---- C:\Windows\Web
2010-04-18 15:46:44 ----RD---- C:\Program Files
2010-04-18 01:51:34 ----D---- C:\Users\yohan\AppData\Roaming\BitTorrent
2010-04-12 03:40:32 ----D---- C:\ProgramData\Microsoft Help
2010-04-12 03:34:06 ----D---- C:\Windows\winsxs
2010-04-12 03:33:50 ----RSD---- C:\Windows\assembly
2010-04-12 03:27:00 ----D---- C:\Program Files\Common Files\microsoft shared
2010-04-12 03:13:37 ----A---- C:\Windows\win.ini
2010-04-12 02:51:13 ----D---- C:\Windows\system32\Tasks
2010-04-12 02:40:13 ----DC---- C:\Windows\system32\DRVSTORE
2010-04-12 02:40:13 ----D---- C:\Windows\system32\catroot
2010-04-12 02:40:13 ----AD---- C:\Windows\system32\drivers
2010-04-12 02:39:09 ----HD---- C:\ProgramData
2010-04-12 02:32:49 ----D---- C:\Windows\Minidump
2010-04-12 02:32:49 ----D---- C:\Windows\Debug
2010-04-11 20:21:11 ----D---- C:\Program Files\Steam
2010-04-11 20:20:11 ----D---- C:\Windows\system32\WDI
2010-04-11 20:17:37 ----D---- C:\Windows\system32\Msdtc
2010-04-11 20:17:31 ----D---- C:\Windows\system32\wbem
2010-04-11 20:15:49 ----D---- C:\Windows\system32\config
2010-04-11 20:15:20 ----D---- C:\Windows\system32\spool
2010-04-11 20:15:20 ----D---- C:\Windows\system32\CodeIntegrity
2010-04-11 20:15:20 ----D---- C:\Windows\system32\catroot2
2010-04-11 20:15:08 ----D---- C:\ProgramData\HP Product Assistant
2010-04-11 20:15:08 ----D---- C:\Program Files\Microsoft Works
2010-04-11 20:15:05 ----D---- C:\Windows\registration
2010-04-09 19:19:49 ----D---- C:\Program Files\MSBuild
2010-04-09 19:19:31 ----D---- C:\Program Files\Microsoft Office
2010-04-09 19:15:04 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-04-09 19:14:55 ----D---- C:\Windows\ShellNew
2010-04-09 18:53:51 ----D---- C:\Program Files\Common Files\InstallShield
2010-04-09 18:53:46 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-02 03:16:11 ----D---- C:\Windows\system32\migration
2010-04-02 03:16:11 ----D---- C:\Program Files\Internet Explorer
2010-03-23 02:25:22 ----D---- C:\Program Files\BetClic Poker
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 dmoko;Agnitum 4.0 Explorer Pages Driver InfoTech Workstation; \??\C:\Windows\system32\drivers\ndisoko.sys [2009-04-11 32768]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-01-19 5632]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-05-31 279712]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-05-31 25888]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-06-10 3839488]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-13 2152344]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-06-26 3662848]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-05-29 146848]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-06 198960]
R3 X10Hid;X10 Hid Device; C:\Windows\System32\Drivers\x10hid.sys [2006-11-17 13976]
S3 alp61tex;alp61tex; C:\Windows\system32\drivers\alp61tex.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-07-28 23040]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-07-28 507904]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-07-28 30208]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys []
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2008-10-29 7680]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-07-28 149504]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 StillCam;Pilote d'appareil photo numérique série; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
S3 usbanyka;USB Web Camera; C:\Windows\system32\DRIVERS\UsbAnyka.sys [2007-11-13 17536]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2008-10-15 104960]
S3 ZTEusbnet;ZTE USB-NDIS miniport; C:\Windows\system32\DRIVERS\ZTEusbnet.sys [2008-10-13 110080]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2008-10-29 105344]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2008-10-15 104960]
S3 ZTEusbvoice;ZTE VoUSB Port; C:\Windows\system32\DRIVERS\ZTEusbvoice.sys [2008-10-15 104960]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-02 94208]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-06-10 692224]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 captcha;captcha; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-05-07 354840]
R2 ipokoraid;Control Software Computer Property; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-05 1229232]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 ServiceSFRABCD;Service SFR Gestionnaire Connexion; C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe [2009-09-01 657024]
R2 VideoAcceleratorService;VideoAcceleratorService; C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe [2009-05-18 288368]
R2 webserver;webserver; C:\Program Files\webserver\webserver.exe [2010-04-11 13824]
R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-01-14 447784]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-28 647680]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-24 30192]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-16 182768]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2009-08-21 30510960]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-08-21 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-08-21 4639136]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-12-22 104944]
S4 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
-----------------EOF-----------------