WIN32 : S pycrush-B

Closed
momo - 30 August 2007 at 23:32
Anonymous user - 31 August 2007 at 21:03
WIN32 : S pycrush-B
that's the name of the virus that's bothering me
it makes the PC restart every 10 seconds (not even that)
So, avast! Home Edition detects it, but when I ask it to delete it, it does so, yet when I restart the PC the virus is still there, so I don't know what to do. Help me, please

5 replies

Anonymous user
31 August 2007 at 01:06
Hello

Try doing this

Download ComboScan to your Desktop.
---> http://www.techsupportforum.com/sectools/Deckard/dss.exe
Close all running applications: antivirus, firewall, etc.
Double-click comboscan.exe. In the window that appears, click OK.
Be patient ..
The Comboscan.txt report will be displayed; copy and paste the contents of this file here.
Note: there may be two or three reports; post them all here please
0
Darckiller Posts 835 Registration date Tuesday 10 July 2007 Status Member Last activity 11 June 2010 35
31 August 2007 at 11:03
Hi,
follow my procedure:

-First of all, disable Windows System Restore on your PC: Start -> Control Panel (in category view) -> Performance and Maintenance -> System -> System Restore tab -> check the box Turn off System Restore.

-Download Avast!, free, from the site under the Security tab, update it and enable its resident protection (real-time protection, that is), then run a scan with your main antivirus (Avast!, that is);

-Then download Spybot S&D and/or Ad-aware (they are on the site under the Security tab), update them, then run a scan and delete the problems that show up.

-Once the malware has been quarantined, destroy it outright (these files have a skull next to their line)

-Next, download and install CCleaner, a free and handy program, from the site, which will clean up after all these operations; update it first (the latest beta version 2.0.45), then use it to look for registry errors and clean out unwanted or useless files.

-Then download and install Spyware blaster, also on the site, a nice little program that will stop malicious scripts and malware sites from attacking your hard disk and your web browser.

-If you don't have a firewall, disable the Windows one (which only protects in one direction), download Zone-Alarm from Zone Labs and install it, update it and configure it with the defaults; it is simple to use and effective.

-For those nasty rootkits and backdoors, I advise you to download F-SECURE Blacklight and PANDA antirootkit, available on the site, free, update them and scan your PC with each of them.

-And don't forget to update Windows regularly (I know it's a pain, but it's necessary).

Afterwards, tell me whether you still have problems or whether this is sorted.

Hoping this has helped.

:)
0
Anonymous user
31 August 2007 at 11:09
Next time, stay on your own turf, that will do fine for me ..
0
hello and thanks to those who replied =)
Darckiller, I couldn't follow your method, because I can't open the Control Panel: when I do manage to, the virus closes it automatically
otherwise, boulepate62, I did what you suggested; here is the first "thing" that comboscan displayed ^^

Deckard's System Scanner v20070826.66
Run by momo on 2007-08-31 13:39:42
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
8: 2007-08-30 18:12:00 UTC - RP119 - Windows Update
7: 2007-08-30 15:50:46 UTC - RP118 - Windows Update
6: 2007-08-29 16:35:28 UTC - RP117 - Scheduled Checkpoint
5: 2007-08-28 20:40:15 UTC - RP116 - Windows Defender Checkpoint
4: 2007-08-28 18:50:55 UTC - RP114 - Windows Update


-- First Restore Point --
1: 2007-08-26 13:10:47 UTC - RP109 - Windows Update


Backed up registry hives.
Performed disk cleanup.

[color=red]Percentage of Memory in Use: 82% (more than 75%).[/color]
[color=red]Total Physical Memory: 1015 MiB (1024 MiB recommended).[/color]


-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of HijackThis v1.99.1
Scan saved at 2007-08-31 13:47:29
Platform: Windows Vista (6.00.6000)
MSIE: Internet Explorer (7.00.6000.16386)

Running processes:
C:\Windows\System32\taskeng.exe
C:\Windows\System32\dwm.exe
C:\Windows\SMINST\Scheduler.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\PDF Complete\pdfsty.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Windows\System32\igfxsrvc.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Common Files\microsoft shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\Macromed\Flash\FlashUtil9b.exe
C:\Windows\System32\rundll32.exe
C:\Users\momo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9RLCUWR2\dss[1].exe
C:\Windows\System32\conime.exe
C:\Windows\explorer.exe
C:\Windows\System32\dllhost.exe
C:\Program Files\Google\googletoolbar2user.exe
C:\Windows\System32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www8.hp.com/fr/fr/home.html
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Start Page = https://www8.hp.com/fr/fr/home.html
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll
O4 - HKEY_LOCAL_MACHINE\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKEY_LOCAL_MACHINE\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKEY_LOCAL_MACHINE\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [IS CfgWiz] "C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKEY_LOCAL_MACHINE\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKEY_LOCAL_MACHINE\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKEY_LOCAL_MACHINE\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKEY_LOCAL_MACHINE\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [VirusProtectPro 3.7] "C:\Program Files\VirusProtectPro 3.7\VirusProtectPro 3.7.exe" /h
O4 - HKEY_LOCAL_MACHINE\..\RunOnce: [ST Recovery Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: Connexions HP.lnk = C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O20 - AppInit_DLLs: APSHook.dll C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: glauke - {cc824bb2-d4b3-41f1-bba0-f8240e4cc495} - C:\Windows\System32\kvfvw.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - "C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe"
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - "C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe"
O23 - Service: GoogleDesktopManager - Google - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe"
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - "C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - "C:\Program Files\Common Files\LightScribe\LSSrvc.exe"
O23 - Service: stllssvr - MicroVision Development, Inc. - "c:\Program Files\Common Files\SureThing Shared\stllssvr.exe"


-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

All drivers whitelisted.


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 aawservice (Ad-Aware 2007 Service) - "c:\program files\lavasoft\ad-aware 2007\aawservice.exe" <Not Verified; Lavasoft AB; Ad-Aware 2007 Service>

S3 Com4Qlb - "c:\program files\hewlett-packard\hp quick launch buttons\com4qlb.exe" <Not Verified; Hewlett-Packard Development Company, L.P.; HP Quick Launch Buttons>
S3 stllssvr - "c:\program files\common files\surething shared\stllssvr.exe" <Not Verified; MicroVision Development, Inc.; SureThing CD Labeler>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4d36e965-e325-11ce-bfc1-08002be10318}
Description: CD-ROM Drive
Device ID: IDE\CDROMTSSTCORP_CD/DVDW_TS-L632M_______________0817____\5&101396C2&0&0.0.0
Manufacturer: (Standard CD-ROM drives)
Name: TSSTcorp CD/DVDW TS-L632M ATA Device
PNP Device ID: IDE\CDROMTSSTCORP_CD/DVDW_TS-L632M_______________0817____\5&101396C2&0&0.0.0
Service: cdrom


-- Scheduled Tasks -------------------------------------------------------------

2007-08-30 16:48:36 416 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{944763DC-2BF9-4F16-905F-089BB0B28084}.job
2007-08-20 21:28:24 406 --a------ C:\Windows\Tasks\Norton Security Scan.job


-- Files created between 2007-07-31 and 2007-08-31 -----------------------------

2007-08-28 16:01:47 0 d-------- C:\Program Files\Alwil Software
2007-08-27 21:30:15 0 d-a------ C:\Users\All Users\TEMP
2007-08-27 21:30:13 0 d-------- C:\Program Files\VirusProtectPro 3.7
2007-08-25 20:23:53 212480 --a------ C:\Windows\PCDLIB32.DLL <Not Verified; Eastman Kodak; Kodak Photo CD Access Developer Toolkit>
2007-08-25 20:21:35 0 -rahs---- C:\MSDOS.SYS
2007-08-25 20:21:35 0 -rahs---- C:\IO.SYS
2007-08-24 21:57:38 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-08-23 20:59:24 0 d-------- C:\Users\All Users\eMule
2007-08-23 20:58:12 0 d-------- C:\Program Files\eMule
2007-08-22 14:57:21 0 d-------- C:\Users\All Users\Messenger Plus!
2007-08-21 22:03:59 0 d-------- C:\Program Files\Lavasoft
2007-08-21 22:03:58 0 d-------- C:\Users\All Users\Lavasoft
2007-08-21 14:31:18 0 d-------- C:\Program Files\Windows Live
2007-08-21 14:31:17 0 d-------- C:\Program Files\Messenger Plus! Live
2007-08-21 10:02:17 0 d-------- C:\Program Files\Common Files\Real
2007-08-21 10:02:13 0 d-------- C:\Program Files\Real
2007-08-20 23:46:11 5171 --a------ C:\Windows\mozver.dat
2007-08-20 21:08:12 0 d-------- C:\Users\All Users\Mozilla
2007-08-20 21:07:42 0 d-------- C:\Program Files\Picasa2
2007-08-20 21:06:48 0 d-------- C:\Program Files\Norton Security Scan
2007-08-20 20:59:47 0 d-------- C:\Program Files\MSXML 4.0
2007-08-20 20:57:02 0 d-------- C:\Users\All Users\Google Updater
2007-08-20 20:07:35 0 d-------- C:\Program Files\MSN Messenger
2007-08-20 19:55:40 0 d-------- C:\Program Files\Common Files\France Telecom
2007-08-20 19:49:03 0 d-------- C:\Program Files\SAGEM
2007-08-20 19:47:11 0 d-------- C:\Securitoo
2007-08-20 07:15:53 0 d-------- C:\Windows\SoftwareDistribution
2007-08-20 07:11:01 0 d-------- C:\Windows\Prefetch
2007-08-20 01:41:42 0 dr------- C:\Users\momo\Searches
2007-08-20 01:41:26 0 dr------- C:\Users\momo\Contacts
2007-08-20 01:41:02 44 --a------ C:\Windows\system\hpsysdrv.dat
2007-08-20 01:27:03 0 d-------- C:\Users\All Users\Google
2007-08-20 01:27:00 0 d-------- C:\Program Files\Google
2007-08-20 01:25:56 0 d-------- C:\Users\All Users\InstallShield
2007-08-20 01:25:30 0 d-------- C:\Program Files\Macrovision Corp
2007-08-20 01:24:58 204800 --a------ C:\Windows\system32\IVIresizeW7.dll
2007-08-20 01:24:58 188416 --a------ C:\Windows\system32\IVIresizePX.dll
2007-08-20 01:24:58 192512 --a------ C:\Windows\system32\IVIresizeP6.dll
2007-08-20 01:24:58 192512 --a------ C:\Windows\system32\IVIresizeM6.dll
2007-08-20 01:24:57 200704 --a------ C:\Windows\system32\IVIresizeA6.dll
2007-08-20 01:24:57 20480 --a------ C:\Windows\system32\IVIresize.dll
2007-08-20 01:22:47 0 d-------- C:\Program Files\Common Files\InterVideo
2007-08-20 01:22:15 0 d-------- C:\Program Files\InterVideo
2007-08-20 01:20:35 0 dr------- C:\Users\momo\Videos
2007-08-20 01:20:35 0 d--hs---- C:\Users\momo\Templates <TEMPLA~1>
2007-08-20 01:20:35 0 d--hs---- C:\Users\momo\Start Menu <STARTM~1>
2007-08-20 01:20:35 0 d--hs---- C:\Users\momo\SendTo
2007-08-20 01:20:35 0 dr------- C:\Users\momo\Saved Games <SAVEDG~1>
2007-08-20 01:20:35 0 d--hs---- C:\Users\momo\Recent
2007-08-20 01:20:35 0 d--hs---- C:\Users\momo\PrintHood <PRINTH~1>
2007-08-20 01:20:35 0 dr------- C:\Users\momo\Pictures
2007-08-20 01:20:35 1572864 --ahs---- C:\Users\momo\ntuser.dat
2007-08-20 01:20:35 0 d--hs---- C:\Users\momo\NetHood
2007-08-20 01:20:35 0 d--hs---- C:\Users\momo\My Documents <MYDOCU~1>
2007-08-20 01:20:35 0 dr------- C:\Users\momo\Music
2007-08-20 01:20:35 0 d--hs---- C:\Users\momo\Local Settings <LOCALS~1>
2007-08-20 01:20:35 0 dr------- C:\Users\momo\Links
2007-08-20 01:20:35 0 dr------- C:\Users\momo\Favorites <FAVORI~1>
2007-08-20 01:20:35 0 dr------- C:\Users\momo\Downloads <DOWNLO~1>
2007-08-20 01:20:35 0 dr------- C:\Users\momo\Documents <DOCUME~1>
2007-08-20 01:20:35 0 dr------- C:\Users\momo\Desktop
2007-08-20 01:20:35 0 d--hs---- C:\Users\momo\Cookies
2007-08-20 01:20:35 0 d--hs---- C:\Users\momo\Application Data <APPLIC~1>
2007-08-20 01:20:35 0 d--h----- C:\Users\momo\AppData


-- Find3M Report ---------------------------------------------------------------

2007-08-30 19:16:33 174 --ahs---- C:\Program Files\desktop.ini
2007-08-30 19:14:17 12 --a------ C:\Windows\bthservsdp.dat
2007-08-30 17:01:19 0 d-------- C:\Program Files\Windows Calendar
2007-08-27 20:22:12 1178 --a------ C:\Users\momo\AppData\Roaming\wklnhst.dat
2007-08-26 20:46:21 12288 --a-s---- C:\Windows\system32\kvfvw.dll
2007-08-25 21:01:57 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-08-25 21:01:57 0 d-------- C:\Program Files\Common Files
2007-08-25 20:30:20 0 d-------- C:\Users\momo\AppData\Roaming\ArcSoft
2007-08-22 02:06:12 0 d-------- C:\Users\momo\AppData\Roaming\InterVideo
2007-08-21 14:26:08 0 d-------- C:\Users\momo\AppData\Roaming\Real
2007-08-21 14:19:18 0 d-------- C:\Program Files\Microsoft.NET
2007-08-21 13:58:18 0 d-------- C:\Program Files\Microsoft Works
2007-08-21 11:53:27 0 d-------- C:\Users\momo\AppData\Roaming\Template
2007-08-20 21:25:46 0 d-------- C:\Program Files\Windows Mail
2007-08-20 21:25:45 0 d-------- C:\Program Files\Windows Defender
2007-08-20 21:12:24 0 d-------- C:\Users\momo\AppData\Roaming\Talkback
2007-08-20 21:11:52 0 d-------- C:\Users\momo\AppData\Roaming\Mozilla
2007-08-20 20:01:41 0 d-------- C:\Users\momo\AppData\Roaming\Google
2007-08-20 11:57:53 0 d-------- C:\Users\momo\AppData\Roaming\Microsoft Web Folders
2007-08-20 01:41:30 0 d-------- C:\Users\momo\AppData\Roaming\Identities
2007-08-20 01:29:26 0 d-------- C:\Users\momo\AppData\Roaming\Macromedia
2007-08-20 01:29:22 0 d-------- C:\Users\momo\AppData\Roaming\Hewlett-Packard
2007-08-20 01:25:30 0 d-------- C:\Program Files\Common Files\InstallShield
2007-08-20 01:22:28 0 d-------- C:\Users\momo\AppData\Roaming\InstallShield


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [20/08/2007 21:21]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [05/04/2007 11:45]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [05/04/2007 11:44]
"Persistence"="C:\Windows\system32\igfxpers.exe" [05/04/2007 11:44]
"PDF Complete"="C:\Program Files\PDF Complete\pdfsty.exe" [20/02/2007 22:48]
"PTHOSTTR"="C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.exe" [09/01/2007 23:52]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [08/06/2007 01:14]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [10/01/2007 23:13]
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [10/01/2007 23:12]
"HP Health Check Scheduler"="C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [12/03/2007 19:54]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [09/01/2007 22:59]
"IS CfgWiz"="C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" [12/01/2007 19:28]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [08/05/2007 15:28]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [05/03/2007 23:54]
"CognizanceTS"="C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [22/12/2003 18:12]
"HP Software Update"="c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [17/02/2005 07:11]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [21/02/2007 17:14]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [20/08/2007 20:59]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [16/06/2007 00:15]
"VirusProtectPro 3.7"="C:\Program Files\VirusProtectPro 3.7\VirusProtectPro 3.7.exe" [27/08/2007 13:17]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [02/11/2006 13:35]
"WindowsWelcomeCenter"="oobefldr.dll,ShowWelcomeCenter" []
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [19/01/2007 12:55]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [20/08/2007 20:57]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [02/11/2006 13:35]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"ST Recovery Launcher"=%WINDIR%\SMINST\launcher.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Connexions HP.lnk - C:\Program Files\HP Connections\6811507\Program\HP Connections.exe [08/05/2007 15:09:42]
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [20/08/2007 01:22:15]
Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [20/08/2007 20:57:02]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{cc824bb2-d4b3-41f1-bba0-f8240e4cc495}"= C:\Windows\system32\kvfvw.dll [26/08/2007 20:46 12288]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=APSHook.dll C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= scecli ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
bthsvcs BthServ
Cognizance ASBroker ASChannel
GPSvcGroup GPSvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ffc80c1-4ee4-11dc-be2a-806e6f6e6963}]
AutoRun\command- D:\Setup.exe

*Newly Created Service* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- End of Deckard's System Scanner: finished at 2007-08-31 13:50:31 ------------



here is the second one

Deckard's System Scanner v20070826.66
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: English

CPU 0: Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz
Percentage of Memory in Use: 84%
Physical Memory (total/avail): 1014.69 MiB / 154.09 MiB
Pagefile Memory (total/avail): 2284.23 MiB / 1181.91 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1945.23 MiB

C: is Fixed (NTFS) - 102.42 GiB total, 81.35 GiB free.
E: is Fixed (NTFS) - 1.55 GiB total, 1.32 GiB free.
F: is Fixed (NTFS) - 7.81 GiB total, 1.35 GiB free.

\\.\PHYSICALDRIVE0 - Hitachi HTS541612J9SA00 ATA Device - 111.79 GiB - 3 partitions
\PARTITION0 (bootable) - Installable File System - 102.42 GiB - C:
\PARTITION1 - Installable File System - 7.81 GiB - F:
\PARTITION2 - Installable File System - 1589 MiB - E:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FW: Norton Internet Security v2007 (Symantec Corporation) [COLOR=RED]Disabled[/COLOR]
AV: Norton Internet Security v2007 (Symantec Corporation) [COLOR=RED]Outdated[/COLOR]
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
AS: Norton Internet Security v2007 (Symantec Corporation) [COLOR=RED]Outdated[/COLOR]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\momo\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MOMO-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\momo
LOCALAPPDATA=C:\Users\momo\AppData\Local
LOGONSERVER=\\MOMO-PC
NUMBER_OF_PROCESSORS=2
OnlineServices=Online Services
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\Hewlett-Packard\IAM\bin
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PLATFORM=BNB
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
RoxioCentral=c:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\momo\AppData\Local\Temp
TMP=C:\Users\momo\AppData\Local\Temp
USERDOMAIN=momo-PC
USERNAME=momo
USERPROFILE=C:\Users\momo
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

momo


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\InstallShield Installation Information\{69333A04-5134-40A5-A055-9166A7AA1EC8}\setup.exe -runfromtemp -l0x0009 -removeonly
--> MsiExec.exe /I{EC2ADB7C-8A45-40C9-BFD1-18F22D9A7DF5}
Activation Assistant for the 2007 Microsoft Office suites --> "C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware 2007 --> MsiExec.exe /X{E31C348B-63A9-4CBF-8D7F-D932ABB63244}
Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Agere Systems HDA Modem --> agrsmdel
AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Application Installer 4.00.B13 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{70CEFEBA-F757-4DBE-8A21-027C326137CE}\SETUP.EXE" -l0x9
AV --> MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}
ccCommon --> MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
Credential Manager for HP ProtectTools --> MsiExec.exe /X{377E3D59-C8FB-4E16-B3D1-E1D92D30DA00}
eMule --> "C:\Program Files\eMule\Uninstall.exe"
ESU for Microsoft Vista --> MsiExec.exe /X{091A6E73-BAE9-470F-A68A-B204E8C0698D}
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
Hewlett-Packard Active Check --> MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent --> MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HP Active Support Library --> C:\Program Files\InstallShield Installation Information\{290B83AA-093A-45BF-A917-D1C4A1E8D917}\setup.exe -runfromtemp -l0x0409
HP Active Support Library 32 bit components --> MsiExec.exe /I{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}
HP Backup & Recovery Manager Installer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}\setup.exe" -l0x9 -uninst -removeonly
HP BIOS Configuration for ProtectTools --> MsiExec.exe /X{C74D0FA0-1D49-464F-A707-B427EE3385C1}
HP Connections (remove only) --> C:\Windows\HPCPCUninstall-6811507\HPBWSetup.exe -appid 6811507 -uninstall
HP Customer Experience Enhancements --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly
HP Doc Viewer --> MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP Easy Setup - Core --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}\setup.exe" -l0x9
HP Easy Setup - Frontend --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBE5C83E-4DC5-494F-8A23-3AAE242E94C2}\setup.exe" -l0x9 -removeonly
HP Help and Support --> MsiExec.exe /I{E4DDBA93-769B-49D8-BA33-8814E45ED0C1}
HP MULTIPLE MODEM INSTALLER for VISTA --> MsiExec.exe /I{45A136EC-88BF-4B95-99F5-C45D3930E1CC}
HP Notebook Accessories Product Tour --> MsiExec.exe /I{521F72F4-FFE4-4959-AA88-EED06125211F}
HP ProtectTools Security Manager --> MsiExec.exe /I{2DB165DC-DDB4-403F-B985-19F3EC7D0357}
HP Quick Launch Buttons 6.20 D3 --> C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 -removeonly uninst
HP Total Care Advisor --> MsiExec.exe /X{509F2C70-1C5D-45BE-A48F-B785B51A8037}
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HP User Guides 0064 --> MsiExec.exe /I{E25AA53F-6878-4C64-8130-EB8D678DF303}
HP Wireless Assistant --> MsiExec.exe /I{6FE30813-AC60-40A3-BE53-F6713A1F3893}
Intel(R) Graphics Media Accelerator Driver --> C:\Windows\system32\igxpun.exe -uninstall
InterVideo DVD Check --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D97A4A7-C274-4B63-86D9-07A33435F505}\setup.exe" REMOVEALL
InterVideo WinDVD --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
Java(TM) SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Language pack for Ad-Aware SE --> C:\PROGRA~1\Lavasoft\AD-AWA~2\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~2\Plugins\Langs\INSTALL.LOG
livebox --> C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
LiveUpdate 3.2 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 Hotfix (KB929729) --> "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft Office Word Viewer 2003 --> MsiExec.exe /I{9085040C-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server Native Client --> MsiExec.exe /I{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}
Microsoft SQL Server Setup Support Files (English) --> MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer --> MsiExec.exe /I{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}
Microsoft Works --> MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
Mozilla Firefox (2.0.0.6) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSRedist --> MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Norton AntiVirus --> MsiExec.exe /X{830D8CBD-C668-49e2-A969-C2C2106332E0}
Norton Confidential Browser Component --> MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164}
Norton Confidential Web Protection Component --> MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A}
Norton Internet Security --> MsiExec.exe /I{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}
Norton Internet Security --> MsiExec.exe /I{48185814-A224-447A-81DA-71BD20580E1B}
Norton Internet Security --> MsiExec.exe /I{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}
Norton Internet Security --> MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
Norton Internet Security --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton Internet Security (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_2_0_30\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}.exe" /X
Norton Protection Center --> MsiExec.exe /I{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}
Norton™ Security Scan --> MsiExec.exe /I{E5431FB5-B3EB-46C8-8275-F6447131C98A}
Outil de mise à jour Google --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
PDF Complete --> C:\Program Files\PDF Complete\pdfiutil.exe /UGUI
Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"
Roxio Creator Audio --> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator Basic v9 --> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Copy --> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data --> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator Tools --> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler 3 --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD Basic v9 --> MsiExec.exe /I{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}
Sonic Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
SoundMAX --> C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe -runfromtemp -l0x0009 -removeonly
SPBBC 32bit --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Symantec Real Time Storage Protection Component --> MsiExec.exe /I{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}
SymNet --> MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
VirusProtectPro 3.7 --> C:\Program Files\VirusProtectPro 3.7\uninst.exe
Vista Default Settings --> MsiExec.exe /I{93D44E47-EBE0-43FC-A427-8AC3CD026536}
Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Safety Alert --> C:\Users\momo\AppData\Local\Temp\laf2.exe /del


-- Application Event Log -------------------------------------------------------

Event Record #/Type5502 / Error
Event Submitted/Written: 08/31/2007 01:48:35 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application explorer.exe, version 6.0.6000.16386, time stamp 0x4549b091, faulting module kvfvw.dll_unloaded, version 0.0.0.0, time stamp 0x46d2b254, exception code 0xc0000005, fault offset 0x023d1757,
process id 0x1278, application start time 0xexplorer.exe0.

Event Record #/Type5499 / Error
Event Submitted/Written: 08/31/2007 01:48:23 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application explorer.exe, version 6.0.6000.16386, time stamp 0x4549b091, faulting module kvfvw.dll_unloaded, version 0.0.0.0, time stamp 0x46d2b254, exception code 0xc0000005, fault offset 0x01ff1752,
process id 0x1724, application start time 0xexplorer.exe0.

Event Record #/Type5496 / Error
Event Submitted/Written: 08/31/2007 01:48:09 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application explorer.exe, version 6.0.6000.16386, time stamp 0x4549b091, faulting module kvfvw.dll_unloaded, version 0.0.0.0, time stamp 0x46d2b254, exception code 0xc0000005, fault offset 0x02471752,
process id 0xfc4, application start time 0xexplorer.exe0.

Event Record #/Type5493 / Error
Event Submitted/Written: 08/31/2007 01:47:56 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application explorer.exe, version 6.0.6000.16386, time stamp 0x4549b091, faulting module kvfvw.dll_unloaded, version 0.0.0.0, time stamp 0x46d2b254, exception code 0xc0000005, fault offset 0x01d11752,
process id 0x1794, application start time 0xexplorer.exe0.

Event Record #/Type5489 / Error
Event Submitted/Written: 08/31/2007 01:47:44 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application explorer.exe, version 6.0.6000.16386, time stamp 0x4549b091, faulting module kvfvw.dll_unloaded, version 0.0.0.0, time stamp 0x46d2b254, exception code 0xc0000005, fault offset 0x02171752,
process id 0xc30, application start time 0xexplorer.exe0.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type7893 / Error
Event Submitted/Written: 08/31/2007 01:10:27 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Parallel port driver%%1058

Event Record #/Type7852 / Warning
Event Submitted/Written: 08/31/2007 01:10:25 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001B770EBEBC. The following error occurred:
%%121. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Event Record #/Type7843 / Error
Event Submitted/Written: 08/31/2007 01:09:50 PM
Event ID/Source: 6008 / EventLog
Event Description:
The previous system shutdown at 01:11:58 on 31/08/2007 was unexpected.

Event Record #/Type7841 / Warning
Event Submitted/Written: 08/31/2007 01:13:09 AM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001B770EBEBC. The following error occurred:
%%1223. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Event Record #/Type7828 / Warning
Event Submitted/Written: 08/31/2007 01:11:43 AM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001B770EBEBC. The following error occurred:
%%1223. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.



-- End of Deckard's System Scanner: finished at 2007-08-31 13:50:31 ------------





There you go, I hope you'll be able to help me =)

Anonymous user
31 August 2007 at 21:03
Indeed, it looks like you've installed some real junk!

Download SmitfraudFix and save it to the desktop. If your antivirus alerts you to a virus, disable it.
http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Unzip SmitfraudFix.

Restart the PC in safe mode: tap the F8 key (or F5) on your keyboard as soon as the PC starts up and choose safe mode.

- Open the "SmitfraudFix" folder and double-click "Smitfraudfix.cmd", choose option 2 and answer yes to everything.

Save the report, then copy/paste the report onto the forum please.