DSS
Fermé
elo2
Messages postés
984
Date d'inscription
jeudi 8 septembre 2005
Statut
Membre
Dernière intervention
17 avril 2008
-
17 avril 2008 à 11:05
mimit73 Messages postés 111 Date d'inscription jeudi 21 septembre 2006 Statut Membre Dernière intervention 17 février 2010 - 17 avril 2008 à 21:56
mimit73 Messages postés 111 Date d'inscription jeudi 21 septembre 2006 Statut Membre Dernière intervention 17 février 2010 - 17 avril 2008 à 21:56
A voir également:
- DSS
- Dss dj - Télécharger - Audio & Musique
- Tevion dss 2200 - Forum Matériel HiFi / Enceintes
- Avis expert log DSS main + extra - Forum Virus / Sécurité
4 réponses
mimit73
Messages postés
111
Date d'inscription
jeudi 21 septembre 2006
Statut
Membre
Dernière intervention
17 février 2010
34
17 avril 2008 à 11:07
17 avril 2008 à 11:07
Salut,
peux-tu m'expliquer à quoi ça correspond ?
peux-tu m'expliquer à quoi ça correspond ?
elo2
Messages postés
984
Date d'inscription
jeudi 8 septembre 2005
Statut
Membre
Dernière intervention
17 avril 2008
387
17 avril 2008 à 11:14
17 avril 2008 à 11:14
Bonjour,
C'est un genre d'hijack mais en plus complet. Il scanne pratiquement tout ton pc.
C'est un genre d'hijack mais en plus complet. Il scanne pratiquement tout ton pc.
elo2
Messages postés
984
Date d'inscription
jeudi 8 septembre 2005
Statut
Membre
Dernière intervention
17 avril 2008
387
17 avril 2008 à 12:09
17 avril 2008 à 12:09
Personne ne connait DSS ?
mimit73
Messages postés
111
Date d'inscription
jeudi 21 septembre 2006
Statut
Membre
Dernière intervention
17 février 2010
34
17 avril 2008 à 12:16
17 avril 2008 à 12:16
Peux-tu me montrer une log de DDS.
elo2
Messages postés
984
Date d'inscription
jeudi 8 septembre 2005
Statut
Membre
Dernière intervention
17 avril 2008
387
>
mimit73
Messages postés
111
Date d'inscription
jeudi 21 septembre 2006
Statut
Membre
Dernière intervention
17 février 2010
17 avril 2008 à 13:09
17 avril 2008 à 13:09
Merci d'avoir répondu. Voici un DSS :
Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-04-16 23:26:25
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\Keyhook.exe
C:\WINDOWS\system\hpsysdrv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R3 - URLSearchHook: (no name) - {AEEC3B59-CA98-4EBA-A140-57B94E283583} - C:\Program Files\Orange Toolbar FR\ToolbarIntegration234.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Wanadoo\SearchPageURL.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Catcher Class - {ADECBED6-0366-4377-A739-E69DFBA04663} - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll
O3 - Toolbar: (no name) - - (no file)
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange Toolbar FR\ToolbarContainer234.dll
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O8 - Extra context menu item: traduire la page - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\cce43.html
O8 - Extra context menu item: traduire le texte sélectionné - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\cce44.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Wanadoo Messager\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Wanadoo Messager\Wanadoo Messager.exe
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} () - http://codecs.microsoft.com/codecs/i386/fhg.CAB
O16 - DPF: {4B48D5DF-9021-45F7-A240-60304302A215} (Malicious Software Removal Tool) - http://download.microsoft.com/download/5/c/2/5c2fc4b7-3875-4eec-946b-ffe15472cabc/We bCleaner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - https://bitdefender.solutions-antivirus.com/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_si te.cab?1207738743093
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html an53.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{E460367A-3614-4C7B-9904-F9A1DCD3CB62}: NameServer = 81.253.149.9 80.10.246.132
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 11568 bytes
-- File Associations -----------------------------------------------------------
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 PQNTDrv - c:\windows\system32\drivers\pqntdrv.sys <Not Verified; PowerQuest Corporation; PowerQuest product>
R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys <Not Verified; Macrovision Europe Ltd; Security Windows NT>
R3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell>
R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
S1 Cryffin - c:\windows\system32\drivers\sdbbuhci.sys (file missing)
S1 InCDPass - c:\windows\system32\drivers\incdpass.sys (file missing)
S1 InCDRm (InCD Reader) - c:\windows\system32\drivers\incdrm.sys (file missing)
S3 Ad-Watch Connect Filter (Ad-Watch Connect Kernel Filter) - c:\windows\system32\drivers\nsdriver.sys <Not Verified; Lavasoft AB; Ad-Watch Connections>
S3 cdrmkaun - c:\docume~1\hp_pro~1\locals~1\temp\cdrmkaun.sys (file missing)
S3 ENTECH - c:\windows\system32\drivers\entech.sys <Not Verified; EnTech Taiwan; PowerStrip>
S3 Pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
S3 usbbus (LGE Mobile Composite USB Device) - c:\windows\system32\drivers\lgusbbus.sys (file missing)
S3 UsbDiag (LGE Mobile USB Serial Port) - c:\windows\system32\drivers\lgusbdiag.sys (file missing)
S3 USBModem (LGE Mobile USB Modem) - c:\windows\system32\drivers\lgusbmodem.sys (file missing)
S4 InCDFs (InCD File System) - c:\windows\system32\drivers\incdfs.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - "c:\program files\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation>
R2 C-DillaCdaC11BA - c:\windows\system32\drivers\cdac11ba.exe <Not Verified; Macrovision; SafeCast Windows NT>
S4 Boonty Games - "c:\program files\fichiers communs\boonty shared\service\boonty.exe" (file missing)
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-02-25 11:39:21 274 --a------ C:\WINDOWS\Tasks\WebReg Deskjet F4100 series.job
2007-01-09 00:51:00 292 --a------ C:\WINDOWS\Tasks\Connexion facile à Internet.job
-- Files created between 2008-03-16 and 2008-04-16 -----------------------------
2008-04-16 12:27:00 0 dr-h----- C:\Documents and Settings\HP_Propriétaire\Recent
2008-04-15 11:46:58 0 d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\Malwarebytes
2008-04-15 11:46:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-15 11:46:47 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-09 12:54:18 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-04-04 12:07:14 0 d-------- C:\Program Files\Lavasoft
2008-04-04 12:06:28 0 d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-03-29 15:54:28 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Talkback
2008-03-29 15:53:59 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Mozilla
2008-03-29 15:27:50 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Auslogics
2008-03-29 08:46:15 0 dr-h----- C:\Documents and Settings\Administrateur\Recent
2008-03-29 08:43:34 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Identities
2008-03-29 08:43:34 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Apple Computer
2008-03-29 08:43:33 0 dr------- C:\Documents and Settings\Administrateur\Favoris
2008-03-29 08:43:33 0 d---s---- C:\Documents and Settings\Administrateur\Cookies
2008-03-29 08:43:33 0 d-------- C:\Documents and Settings\Administrateur\Bureau
2008-03-29 08:43:33 0 dr-h----- C:\Documents and Settings\Administrateur\Application Data
2008-03-29 08:43:33 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Sun
2008-03-29 08:43:33 0 d-------- C:\Documents and Settings\Administrateur\Application Data\SampleView
2008-03-29 08:43:33 0 d---s---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2008-03-29 08:43:33 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Intervideo
2008-03-29 08:43:32 0 d-------- C:\Documents and Settings\Administrateur\WINDOWS
2008-03-29 08:43:32 0 d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-03-29 08:43:32 0 d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-03-29 08:43:32 0 dr-h----- C:\Documents and Settings\Administrateur\SendTo
2008-03-29 08:43:32 0 d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-03-29 08:43:32 0 dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-03-29 08:43:32 0 dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-03-29 08:43:32 0 d--h----- C:\Documents and Settings\Administrateur\Local Settings
2008-03-29 08:43:31 2359296 --ah----- C:\Documents and Settings\Administrateur\NTUSER.DAT
2008-03-29 01:25:00 0 d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\Auslogics
2008-03-29 01:24:56 0 d-------- C:\Program Files\Auslogics
-- Find3M Report --------------------------------------------------------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Édition familiale (build 2600) SP 2.0
Architecture: X86; Language: French
CPU 0: AMD Athlon(tm) 64 Processor 3000+
Percentage of Memory in Use: 61%
Physical Memory (total/avail): 511.48 MiB / 194.85 MiB
Pagefile Memory (total/avail): 1248.47 MiB / 836.37 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1909.61 MiB
C: is Fixed (NTFS) - 143.81 GiB total, 127.7 GiB free.
D: is Fixed (FAT32) - 5.22 GiB total, 1.41 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)
\\.\PHYSICALDRIVE0 - ST3160021A - 149.05 GiB - 2 partitions
\PARTITION0 - Unknown - 5.23 GiB - D:
\PARTITION1 (bootable) - Système de fichiers installable - 143.81 GiB - C:
\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device
\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device
\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device
\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
FW: Norton Internet Security v2004 (Symantec Corporation)
FW: ZoneAlarm Firewall v7.0.337.000 (Check Point, LTD.)
AV: Avira AntiVir PersonalEdition v8.0.1.15 (Avira GmbH)
AV: Norton AntiVirus v2004 (Symantec Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Authori zedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2re s.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Autho rizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2re s.dll,-22019"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL France"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\eXeem Lite\\eXeem.exe"="C:\\Program Files\\eXeem Lite\\eXeem.exe:*:Enabled:eXeem"
"C:\\Program Files\\Morpheus\\Morpheus.exe"="C:\\Program Files\\Morpheus\\Morpheus.exe:*:Enabled:M5Shell"
"C:\\Program Files\\HP\\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\\hphver06.exe"="C:\\Program Files\\HP\\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\\hphver06.exe:*:Enabled:A propos de"
"C:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"="C:\\WINDOWS\\system32\\ZoneLabs\\vsmon. exe:*:Enabled:TrueVector Service"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Disabled:HP Software Update Client"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"="C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\HP_Propri‚taire\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=NOM-641695C7437
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\HP_Propri‚taire
LOGONSERVER=\\NOM-641695C7437
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program Files\PC-Doctor for Windows\services;"C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier"
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 12 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0c00
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
tvdumpflags=8
USERDOMAIN=NOM-641695C7437
USERNAME=HP_Propri‚taire
USERPROFILE=C:\Documents and Settings\HP_Propri‚taire
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
HP_Propriétaire (admin)
Administrateur (new local, admin)
-- Add/Remove Programs ---------------------------------------------------------
--> "C:\Program Files\InstallShield Installation Information\{1A91D1FA-B9B3-4556-9878-5C61059A19B2}\setup.exe" REMOVEALL
--> C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39DA87A1-0B26-4562-A70C-2A6147366E47}\Setup.exe"
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{89AD2814-AFA2-46AF-AE53-C27196D9FBE6}\setup.exe" REMOVEALL
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F765BD0-B900-4EDE-A90B-61C8A9E95C42}\Setup.exe"
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAA4CCCE-78DB-47B0-A651-68270D838BD4}\setup.exe" REMOVEALL
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD59025-5B73-4E12-B789-0028C5A573C2}\Setup.exe"
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe" -l0x40c -uninst
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer --> MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
a-squared Free 3.1 --> "C:\Program Files\a-squared Free\unins000.exe"
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Agere Systems PCI Soft Modem --> agrsmdel
AusLogics Disk Defrag --> "C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe"
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Avira AntiVir Personal – Free Antivirus --> C:\Program Files\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Backup To DVD/CD 5.1 --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Willow Creek Software\ST6UNST.LOG"
barre d'outils Orange --> C:\Program Files\Orange Toolbar FR\uninst.exe
CartaGoGo v3.1.2 --> "C:\Program Files\CartaGoGo\unins000.exe"
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CleanUp! --> C:\Program Files\CleanUp!\uninstall.exe
Complete Cleanup Trial --> C:\Program Files\DVD Shrink\unins000.exe
Complément Microsoft Word pour Microsoft Works Suite --> MsiExec.exe /I{7054ED85-498D-4D20-906F-14646AEC5581}
Connexion Facile à Internet --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1036
Digital Camera Driver --> C:\PROGRA~1\DIGITA~1\UNWISE.EXE C:\PROGRA~1\DIGITA~1\INSTALL.LOG
Encyclopédie Microsoft Encarta 2004 --> MsiExec.exe /I{04460044-9149-45C6-A806-F2BF9CFCE762}
Enhanced Multimedia Keyboard Solution --> C:\HP\KBD\Install.exe /u
Extension Système de Microsoft Money --> MsiExec.exe /I{8C64E149-54BA-11D6-91B1-00500462BE80}
Futuremark Measurement Services Client --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msc3.inf,DefaultUninstall,5
Google Toolbar for Firefox --> MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F}
Help and Support Additions --> C:\PROGRA~1\HELPAN~1\UNWISE.EXE C:\PROGRA~1\HELPAN~1\INSTALL.LOG
HP Appareils photos Photosmart 4.0 --> C:\Program Files\HP\Digital Imaging\{9C70E67A-623C-4612-AF57-5014879E79CB}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP Customer Participation Program 9.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet All-In-One Software 9.0 --> C:\Program Files\HP\Digital Imaging\{706BB40A-4102-4c89-8107-DC68C4EBD19B}\setup\hpzscr01.exe -datfile hposcr14.dat
HP Deskjet Preloaded Printer Drivers --> MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
HP Image Zone 4.2 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Image Zone Plus 4.2 --> C:\Program Files\HP\Digital Imaging\{5E1494D4-3562-4FFB-B35C-600F80F6934C}\setup\hpzscr01.exe -datfile hpdscr01.dat
HP Imaging Device Functions 9.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 2.01 --> C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP PSC & OfficeJet 4.0 --> "C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Smart Web Printing --> MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
HP Software Update --> MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
HP Solution Center 9.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HPIZ402 --> MsiExec.exe /X{8D9768AE-DE42-4A04-A461-2361A58C384D}
HPSSupply --> MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
Image Resizer Powertoy for Windows XP --> MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
InterVideo Home Theater --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7514465-E5F3-48E9-A952-327DAEF33DE6}\setup.exe" REMOVEALL
InterVideo WinDVD Creator 2 --> "C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
InterVideo WinDVD Player --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{35AFD495-EC2E-4B2B-B9DB-30EEBC74049D}
Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Jewel Quest 2 --> "C:\Program Files\Jewel Quest 2\ReflexiveArcade\unins000.exe"
Lettrines du Petit Larousse --> "C:\WINDOWS\uninstall lettrinesNC_Clacroix_petitlarousse2005.exe"
Logitech Audio Echo Cancellation Component --> MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech Desktop Messenger --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech QuickCam --> MsiExec.exe /X{7D2370AC-D8E6-4996-986A-19824F8A167C}
Logitech Video Enumerator --> MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Media Bar --> C:\WINDOWS\Downloaded Program Files\CONFLICT.2\MusicManagerUnInstaller.exe "C:\WINDOWS\Downloaded Program Files\CONFLICT.2\MusicManagerPlugin.ocx" "{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}"
Microsoft AutoRoute v11.0 --> MsiExec.exe /I{8704D51E-25B7-4F23-81E7-AA4F54790220}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Money --> MsiExec.exe /I{1D643CD2-4DD6-11D7-A4E0-000874180BB3}
Microsoft Office PowerPoint Viewer 2003 --> MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Picture It! Photo Premium 9 --> C:\WINDOWS\system32\msiexec.exe /i {DBA8B9E1-C6FF-4624-9598-73D3B41A0903}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Works --> MsiExec.exe /I{E6BAE954-487E-488B-BC4E-2E69E54E8117}
Moyea FLV Downloader version 1.15.0.15 --> "C:\Program Files\Moyea\FLV Downloader\unins000.exe"
Moyea FLV Player version 1.5.2.7 --> "C:\Program Files\Moyea\FLV Player\unins001.exe"
Mozilla Firefox (2.0.0.13) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.12) --> C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MP3 Player Utilities --> MsiExec.exe /I{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}
MP3 Player Utilities 4.15 --> MsiExec.exe /I{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
Music Manager --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AFA4872-16B2-419E-ADCA-8E96E739115D}\setup.exe" -l0x40c
MVision --> MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
Nero 7 Demo --> MsiExec.exe /I{C67B64FA-E69E-E061-6516-F8E911671036}
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
overland --> MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
PC-Doctor pour Windows --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F7CCFA3-D926-4882-B2A5-A0217ED25597}\Setup.exe"
Petit Larousse 2005 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{495D3648-1D6B-4B71-B174-6A2452FFF8CD}\setup.exe" -l0x40c
Photo DVD 2.0 Shareware --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E6136D17-60D8-452A-9F1D-851FB622AFE3}\Setup.exe" -l0x40c
Photo et imagerie HP 3.5 - HP Devices --> C:\Program Files\HP\Digital Imaging\{15B9DC72-73F9-4d99-9E28-848D66DA8D99}\setup\hpzscr01.exe -datfile hpiscr01.dat
Photosmart 320,370,7400,8100,8400 Series (fra) --> C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\setup\hpzscr01.exe -datfile hphscr01.dat
Player Orange --> MsiExec.exe /I{9F3EDA43-76A1-4936-871C-C8811C33EE9E}
PowerArchiver 2004 v9.25 French --> "C:\Program Files\PowerArchiver\unins000.exe"
PowerQuest PartitionMagic 8.0 Demo --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
Programme de gestion Camera de Logitech® --> "C:\Program Files\Fichiers communs\LogiShrd\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
PS2 --> C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions --> C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
Readiris Pro 9 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CA9D105-113C-11D8-AB3E-000102B0F79A}\setup.exe" -l0x40c
RealPlayer --> C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
SafeCast Shared Components --> C:\Program Files\Fichiers communs\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Shockwave --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
SiS VGA Utilities --> Rundll32 SiSInst.dll,Uninstall VGA,R
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
SpeedTouch USB Software --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}\setup.exe" /l040c -Control_Panel
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spybot - Search & Destroy 1.5.2.20 --> "C:\WINDOWS\unins000.exe"
Sélecteur d'installation de Microsoft Works 2004 --> C:\Program Files\Microsoft Works Suite 2004\Setup\Launcher.exe /ARP E:\
VirginMega DownloadManager --> "C:\Program Files\VirginMega\DownloadManager\Uninstall.exe" "C:\Program Files\VirginMega\DownloadManager\install.log"
Wanadoo --> C:\PROGRA~1\Wanadoo\Shell.exe desinstall.shl
Wanadoo Messager --> C:\PROGRA~1\WANADO~1\UNWISE.EXE C:\PROGRA~1\WANADO~1\INSTALL.LOG
Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type9192 / Warning
Event Submitted/Written: 04/16/2008 00:28:52 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Échec de détection du produit '{8D9768AE-DE42-4A04-A461-2361A58C384D}', fonctionnalité 'HPIZ402' lors de la demande du composant '{1D348E08-84BE-4FB8-83B0-9FC721A44641}'
Event Record #/Type9191 / Warning
Event Submitted/Written: 04/16/2008 00:28:52 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Échec de détection du produit '{8D9768AE-DE42-4A04-A461-2361A58C384D}', fonctionnalité 'HPIZ402', composant '{00F96358-A54A-4FB9-8144-C90F621489FB}. La ressource 'HKEY_LOCAL_MACHINE\SOFTWARE\Hewlett-Packard\DigitalImaging\LeadToolsPath' n'existe pas
Event Record #/Type9162 / Error
Event Submitted/Written: 04/16/2008 09:35:57 AM
Event ID/Source: 1000 / Application Error
Event Description:
Application défaillante firefox.exe, version 1.8.20080.31114, module défaillant nss3.dll, version 3.11.5.0, adresse de défaillance 0x000306df.
Traitement de l'événement propre au support pour [firefox.exe!ws!]
Event Record #/Type9142 / Warning
Event Submitted/Written: 04/15/2008 07:33:08 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Échec de détection du produit '{8D9768AE-DE42-4A04-A461-2361A58C384D}', fonctionnalité 'HPIZ402' lors de la demande du composant '{1D348E08-84BE-4FB8-83B0-9FC721A44641}'
Event Record #/Type9141 / Warning
Event Submitted/Written: 04/15/2008 07:33:08 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Échec de détection du produit '{8D9768AE-DE42-4A04-A461-2361A58C384D}', fonctionnalité 'HPIZ402', composant '{00F96358-A54A-4FB9-8144-C90F621489FB}. La ressource 'HKEY_LOCAL_MACHINE\SOFTWARE\Hewlett-Packard\DigitalImaging\LeadToolsPath' n'existe pas
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type109538 / Error
Event Submitted/Written: 04/16/2008 11:42:03 AM
Event ID/Source: 7026 / Service Control Manager
Event Description:
Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
Cryffin
Event Record #/Type109492 / Error
Event Submitted/Written: 04/16/2008 10:54:17 AM
Event ID/Source: 7026 / Service Control Manager
Event Description:
Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
Cryffin
Event Record #/Type109448 / Error
Event Submitted/Written: 04/16/2008 09:27:21 AM
Event ID/Source: 7026 / Service Control Manager
Event Description:
Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
Cryffin
Event Record #/Type109416 / Error
Event Submitted/Written: 04/15/2008 08:50:04 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
Cryffin
Event Record #/Type109363 / Error
Event Submitted/Written: 04/15/2008 01:25:35 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
Cryffin
-- End of Deckard's System Scanner: finished at 2008-04-16 23:27:29 ------------
Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-04-16 23:26:25
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\Keyhook.exe
C:\WINDOWS\system\hpsysdrv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R3 - URLSearchHook: (no name) - {AEEC3B59-CA98-4EBA-A140-57B94E283583} - C:\Program Files\Orange Toolbar FR\ToolbarIntegration234.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Wanadoo\SearchPageURL.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Catcher Class - {ADECBED6-0366-4377-A739-E69DFBA04663} - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll
O3 - Toolbar: (no name) - - (no file)
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange Toolbar FR\ToolbarContainer234.dll
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O8 - Extra context menu item: traduire la page - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\cce43.html
O8 - Extra context menu item: traduire le texte sélectionné - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\cce44.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Wanadoo Messager\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Wanadoo Messager\Wanadoo Messager.exe
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} () - http://codecs.microsoft.com/codecs/i386/fhg.CAB
O16 - DPF: {4B48D5DF-9021-45F7-A240-60304302A215} (Malicious Software Removal Tool) - http://download.microsoft.com/download/5/c/2/5c2fc4b7-3875-4eec-946b-ffe15472cabc/We bCleaner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - https://bitdefender.solutions-antivirus.com/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_si te.cab?1207738743093
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html an53.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{E460367A-3614-4C7B-9904-F9A1DCD3CB62}: NameServer = 81.253.149.9 80.10.246.132
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 11568 bytes
-- File Associations -----------------------------------------------------------
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 PQNTDrv - c:\windows\system32\drivers\pqntdrv.sys <Not Verified; PowerQuest Corporation; PowerQuest product>
R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys <Not Verified; Macrovision Europe Ltd; Security Windows NT>
R3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell>
R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
S1 Cryffin - c:\windows\system32\drivers\sdbbuhci.sys (file missing)
S1 InCDPass - c:\windows\system32\drivers\incdpass.sys (file missing)
S1 InCDRm (InCD Reader) - c:\windows\system32\drivers\incdrm.sys (file missing)
S3 Ad-Watch Connect Filter (Ad-Watch Connect Kernel Filter) - c:\windows\system32\drivers\nsdriver.sys <Not Verified; Lavasoft AB; Ad-Watch Connections>
S3 cdrmkaun - c:\docume~1\hp_pro~1\locals~1\temp\cdrmkaun.sys (file missing)
S3 ENTECH - c:\windows\system32\drivers\entech.sys <Not Verified; EnTech Taiwan; PowerStrip>
S3 Pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
S3 usbbus (LGE Mobile Composite USB Device) - c:\windows\system32\drivers\lgusbbus.sys (file missing)
S3 UsbDiag (LGE Mobile USB Serial Port) - c:\windows\system32\drivers\lgusbdiag.sys (file missing)
S3 USBModem (LGE Mobile USB Modem) - c:\windows\system32\drivers\lgusbmodem.sys (file missing)
S4 InCDFs (InCD File System) - c:\windows\system32\drivers\incdfs.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - "c:\program files\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation>
R2 C-DillaCdaC11BA - c:\windows\system32\drivers\cdac11ba.exe <Not Verified; Macrovision; SafeCast Windows NT>
S4 Boonty Games - "c:\program files\fichiers communs\boonty shared\service\boonty.exe" (file missing)
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-02-25 11:39:21 274 --a------ C:\WINDOWS\Tasks\WebReg Deskjet F4100 series.job
2007-01-09 00:51:00 292 --a------ C:\WINDOWS\Tasks\Connexion facile à Internet.job
-- Files created between 2008-03-16 and 2008-04-16 -----------------------------
2008-04-16 12:27:00 0 dr-h----- C:\Documents and Settings\HP_Propriétaire\Recent
2008-04-15 11:46:58 0 d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\Malwarebytes
2008-04-15 11:46:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-15 11:46:47 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-09 12:54:18 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-04-04 12:07:14 0 d-------- C:\Program Files\Lavasoft
2008-04-04 12:06:28 0 d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-03-29 15:54:28 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Talkback
2008-03-29 15:53:59 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Mozilla
2008-03-29 15:27:50 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Auslogics
2008-03-29 08:46:15 0 dr-h----- C:\Documents and Settings\Administrateur\Recent
2008-03-29 08:43:34 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Identities
2008-03-29 08:43:34 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Apple Computer
2008-03-29 08:43:33 0 dr------- C:\Documents and Settings\Administrateur\Favoris
2008-03-29 08:43:33 0 d---s---- C:\Documents and Settings\Administrateur\Cookies
2008-03-29 08:43:33 0 d-------- C:\Documents and Settings\Administrateur\Bureau
2008-03-29 08:43:33 0 dr-h----- C:\Documents and Settings\Administrateur\Application Data
2008-03-29 08:43:33 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Sun
2008-03-29 08:43:33 0 d-------- C:\Documents and Settings\Administrateur\Application Data\SampleView
2008-03-29 08:43:33 0 d---s---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2008-03-29 08:43:33 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Intervideo
2008-03-29 08:43:32 0 d-------- C:\Documents and Settings\Administrateur\WINDOWS
2008-03-29 08:43:32 0 d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-03-29 08:43:32 0 d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-03-29 08:43:32 0 dr-h----- C:\Documents and Settings\Administrateur\SendTo
2008-03-29 08:43:32 0 d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-03-29 08:43:32 0 dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-03-29 08:43:32 0 dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-03-29 08:43:32 0 d--h----- C:\Documents and Settings\Administrateur\Local Settings
2008-03-29 08:43:31 2359296 --ah----- C:\Documents and Settings\Administrateur\NTUSER.DAT
2008-03-29 01:25:00 0 d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\Auslogics
2008-03-29 01:24:56 0 d-------- C:\Program Files\Auslogics
-- Find3M Report --------------------------------------------------------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Édition familiale (build 2600) SP 2.0
Architecture: X86; Language: French
CPU 0: AMD Athlon(tm) 64 Processor 3000+
Percentage of Memory in Use: 61%
Physical Memory (total/avail): 511.48 MiB / 194.85 MiB
Pagefile Memory (total/avail): 1248.47 MiB / 836.37 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1909.61 MiB
C: is Fixed (NTFS) - 143.81 GiB total, 127.7 GiB free.
D: is Fixed (FAT32) - 5.22 GiB total, 1.41 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)
\\.\PHYSICALDRIVE0 - ST3160021A - 149.05 GiB - 2 partitions
\PARTITION0 - Unknown - 5.23 GiB - D:
\PARTITION1 (bootable) - Système de fichiers installable - 143.81 GiB - C:
\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device
\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device
\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device
\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
FW: Norton Internet Security v2004 (Symantec Corporation)
FW: ZoneAlarm Firewall v7.0.337.000 (Check Point, LTD.)
AV: Avira AntiVir PersonalEdition v8.0.1.15 (Avira GmbH)
AV: Norton AntiVirus v2004 (Symantec Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Authori zedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2re s.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Autho rizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2re s.dll,-22019"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL France"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\eXeem Lite\\eXeem.exe"="C:\\Program Files\\eXeem Lite\\eXeem.exe:*:Enabled:eXeem"
"C:\\Program Files\\Morpheus\\Morpheus.exe"="C:\\Program Files\\Morpheus\\Morpheus.exe:*:Enabled:M5Shell"
"C:\\Program Files\\HP\\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\\hphver06.exe"="C:\\Program Files\\HP\\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\\hphver06.exe:*:Enabled:A propos de"
"C:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"="C:\\WINDOWS\\system32\\ZoneLabs\\vsmon. exe:*:Enabled:TrueVector Service"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Disabled:HP Software Update Client"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"="C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\HP_Propri‚taire\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=NOM-641695C7437
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\HP_Propri‚taire
LOGONSERVER=\\NOM-641695C7437
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program Files\PC-Doctor for Windows\services;"C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier"
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 12 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0c00
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
tvdumpflags=8
USERDOMAIN=NOM-641695C7437
USERNAME=HP_Propri‚taire
USERPROFILE=C:\Documents and Settings\HP_Propri‚taire
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
HP_Propriétaire (admin)
Administrateur (new local, admin)
-- Add/Remove Programs ---------------------------------------------------------
--> "C:\Program Files\InstallShield Installation Information\{1A91D1FA-B9B3-4556-9878-5C61059A19B2}\setup.exe" REMOVEALL
--> C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39DA87A1-0B26-4562-A70C-2A6147366E47}\Setup.exe"
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{89AD2814-AFA2-46AF-AE53-C27196D9FBE6}\setup.exe" REMOVEALL
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F765BD0-B900-4EDE-A90B-61C8A9E95C42}\Setup.exe"
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAA4CCCE-78DB-47B0-A651-68270D838BD4}\setup.exe" REMOVEALL
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD59025-5B73-4E12-B789-0028C5A573C2}\Setup.exe"
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe" -l0x40c -uninst
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer --> MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
a-squared Free 3.1 --> "C:\Program Files\a-squared Free\unins000.exe"
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Agere Systems PCI Soft Modem --> agrsmdel
AusLogics Disk Defrag --> "C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe"
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Avira AntiVir Personal – Free Antivirus --> C:\Program Files\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Backup To DVD/CD 5.1 --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Willow Creek Software\ST6UNST.LOG"
barre d'outils Orange --> C:\Program Files\Orange Toolbar FR\uninst.exe
CartaGoGo v3.1.2 --> "C:\Program Files\CartaGoGo\unins000.exe"
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CleanUp! --> C:\Program Files\CleanUp!\uninstall.exe
Complete Cleanup Trial --> C:\Program Files\DVD Shrink\unins000.exe
Complément Microsoft Word pour Microsoft Works Suite --> MsiExec.exe /I{7054ED85-498D-4D20-906F-14646AEC5581}
Connexion Facile à Internet --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1036
Digital Camera Driver --> C:\PROGRA~1\DIGITA~1\UNWISE.EXE C:\PROGRA~1\DIGITA~1\INSTALL.LOG
Encyclopédie Microsoft Encarta 2004 --> MsiExec.exe /I{04460044-9149-45C6-A806-F2BF9CFCE762}
Enhanced Multimedia Keyboard Solution --> C:\HP\KBD\Install.exe /u
Extension Système de Microsoft Money --> MsiExec.exe /I{8C64E149-54BA-11D6-91B1-00500462BE80}
Futuremark Measurement Services Client --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msc3.inf,DefaultUninstall,5
Google Toolbar for Firefox --> MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F}
Help and Support Additions --> C:\PROGRA~1\HELPAN~1\UNWISE.EXE C:\PROGRA~1\HELPAN~1\INSTALL.LOG
HP Appareils photos Photosmart 4.0 --> C:\Program Files\HP\Digital Imaging\{9C70E67A-623C-4612-AF57-5014879E79CB}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP Customer Participation Program 9.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet All-In-One Software 9.0 --> C:\Program Files\HP\Digital Imaging\{706BB40A-4102-4c89-8107-DC68C4EBD19B}\setup\hpzscr01.exe -datfile hposcr14.dat
HP Deskjet Preloaded Printer Drivers --> MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
HP Image Zone 4.2 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Image Zone Plus 4.2 --> C:\Program Files\HP\Digital Imaging\{5E1494D4-3562-4FFB-B35C-600F80F6934C}\setup\hpzscr01.exe -datfile hpdscr01.dat
HP Imaging Device Functions 9.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 2.01 --> C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP PSC & OfficeJet 4.0 --> "C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Smart Web Printing --> MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
HP Software Update --> MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
HP Solution Center 9.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HPIZ402 --> MsiExec.exe /X{8D9768AE-DE42-4A04-A461-2361A58C384D}
HPSSupply --> MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
Image Resizer Powertoy for Windows XP --> MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
InterVideo Home Theater --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7514465-E5F3-48E9-A952-327DAEF33DE6}\setup.exe" REMOVEALL
InterVideo WinDVD Creator 2 --> "C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
InterVideo WinDVD Player --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{35AFD495-EC2E-4B2B-B9DB-30EEBC74049D}
Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Jewel Quest 2 --> "C:\Program Files\Jewel Quest 2\ReflexiveArcade\unins000.exe"
Lettrines du Petit Larousse --> "C:\WINDOWS\uninstall lettrinesNC_Clacroix_petitlarousse2005.exe"
Logitech Audio Echo Cancellation Component --> MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech Desktop Messenger --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech QuickCam --> MsiExec.exe /X{7D2370AC-D8E6-4996-986A-19824F8A167C}
Logitech Video Enumerator --> MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Media Bar --> C:\WINDOWS\Downloaded Program Files\CONFLICT.2\MusicManagerUnInstaller.exe "C:\WINDOWS\Downloaded Program Files\CONFLICT.2\MusicManagerPlugin.ocx" "{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}"
Microsoft AutoRoute v11.0 --> MsiExec.exe /I{8704D51E-25B7-4F23-81E7-AA4F54790220}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Money --> MsiExec.exe /I{1D643CD2-4DD6-11D7-A4E0-000874180BB3}
Microsoft Office PowerPoint Viewer 2003 --> MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Picture It! Photo Premium 9 --> C:\WINDOWS\system32\msiexec.exe /i {DBA8B9E1-C6FF-4624-9598-73D3B41A0903}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Works --> MsiExec.exe /I{E6BAE954-487E-488B-BC4E-2E69E54E8117}
Moyea FLV Downloader version 1.15.0.15 --> "C:\Program Files\Moyea\FLV Downloader\unins000.exe"
Moyea FLV Player version 1.5.2.7 --> "C:\Program Files\Moyea\FLV Player\unins001.exe"
Mozilla Firefox (2.0.0.13) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.12) --> C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MP3 Player Utilities --> MsiExec.exe /I{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}
MP3 Player Utilities 4.15 --> MsiExec.exe /I{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
Music Manager --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AFA4872-16B2-419E-ADCA-8E96E739115D}\setup.exe" -l0x40c
MVision --> MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
Nero 7 Demo --> MsiExec.exe /I{C67B64FA-E69E-E061-6516-F8E911671036}
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
overland --> MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
PC-Doctor pour Windows --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F7CCFA3-D926-4882-B2A5-A0217ED25597}\Setup.exe"
Petit Larousse 2005 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{495D3648-1D6B-4B71-B174-6A2452FFF8CD}\setup.exe" -l0x40c
Photo DVD 2.0 Shareware --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E6136D17-60D8-452A-9F1D-851FB622AFE3}\Setup.exe" -l0x40c
Photo et imagerie HP 3.5 - HP Devices --> C:\Program Files\HP\Digital Imaging\{15B9DC72-73F9-4d99-9E28-848D66DA8D99}\setup\hpzscr01.exe -datfile hpiscr01.dat
Photosmart 320,370,7400,8100,8400 Series (fra) --> C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\setup\hpzscr01.exe -datfile hphscr01.dat
Player Orange --> MsiExec.exe /I{9F3EDA43-76A1-4936-871C-C8811C33EE9E}
PowerArchiver 2004 v9.25 French --> "C:\Program Files\PowerArchiver\unins000.exe"
PowerQuest PartitionMagic 8.0 Demo --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
Programme de gestion Camera de Logitech® --> "C:\Program Files\Fichiers communs\LogiShrd\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
PS2 --> C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions --> C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
Readiris Pro 9 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CA9D105-113C-11D8-AB3E-000102B0F79A}\setup.exe" -l0x40c
RealPlayer --> C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
SafeCast Shared Components --> C:\Program Files\Fichiers communs\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Shockwave --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
SiS VGA Utilities --> Rundll32 SiSInst.dll,Uninstall VGA,R
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
SpeedTouch USB Software --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}\setup.exe" /l040c -Control_Panel
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spybot - Search & Destroy 1.5.2.20 --> "C:\WINDOWS\unins000.exe"
Sélecteur d'installation de Microsoft Works 2004 --> C:\Program Files\Microsoft Works Suite 2004\Setup\Launcher.exe /ARP E:\
VirginMega DownloadManager --> "C:\Program Files\VirginMega\DownloadManager\Uninstall.exe" "C:\Program Files\VirginMega\DownloadManager\install.log"
Wanadoo --> C:\PROGRA~1\Wanadoo\Shell.exe desinstall.shl
Wanadoo Messager --> C:\PROGRA~1\WANADO~1\UNWISE.EXE C:\PROGRA~1\WANADO~1\INSTALL.LOG
Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type9192 / Warning
Event Submitted/Written: 04/16/2008 00:28:52 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Échec de détection du produit '{8D9768AE-DE42-4A04-A461-2361A58C384D}', fonctionnalité 'HPIZ402' lors de la demande du composant '{1D348E08-84BE-4FB8-83B0-9FC721A44641}'
Event Record #/Type9191 / Warning
Event Submitted/Written: 04/16/2008 00:28:52 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Échec de détection du produit '{8D9768AE-DE42-4A04-A461-2361A58C384D}', fonctionnalité 'HPIZ402', composant '{00F96358-A54A-4FB9-8144-C90F621489FB}. La ressource 'HKEY_LOCAL_MACHINE\SOFTWARE\Hewlett-Packard\DigitalImaging\LeadToolsPath' n'existe pas
Event Record #/Type9162 / Error
Event Submitted/Written: 04/16/2008 09:35:57 AM
Event ID/Source: 1000 / Application Error
Event Description:
Application défaillante firefox.exe, version 1.8.20080.31114, module défaillant nss3.dll, version 3.11.5.0, adresse de défaillance 0x000306df.
Traitement de l'événement propre au support pour [firefox.exe!ws!]
Event Record #/Type9142 / Warning
Event Submitted/Written: 04/15/2008 07:33:08 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Échec de détection du produit '{8D9768AE-DE42-4A04-A461-2361A58C384D}', fonctionnalité 'HPIZ402' lors de la demande du composant '{1D348E08-84BE-4FB8-83B0-9FC721A44641}'
Event Record #/Type9141 / Warning
Event Submitted/Written: 04/15/2008 07:33:08 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Échec de détection du produit '{8D9768AE-DE42-4A04-A461-2361A58C384D}', fonctionnalité 'HPIZ402', composant '{00F96358-A54A-4FB9-8144-C90F621489FB}. La ressource 'HKEY_LOCAL_MACHINE\SOFTWARE\Hewlett-Packard\DigitalImaging\LeadToolsPath' n'existe pas
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type109538 / Error
Event Submitted/Written: 04/16/2008 11:42:03 AM
Event ID/Source: 7026 / Service Control Manager
Event Description:
Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
Cryffin
Event Record #/Type109492 / Error
Event Submitted/Written: 04/16/2008 10:54:17 AM
Event ID/Source: 7026 / Service Control Manager
Event Description:
Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
Cryffin
Event Record #/Type109448 / Error
Event Submitted/Written: 04/16/2008 09:27:21 AM
Event ID/Source: 7026 / Service Control Manager
Event Description:
Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
Cryffin
Event Record #/Type109416 / Error
Event Submitted/Written: 04/15/2008 08:50:04 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
Cryffin
Event Record #/Type109363 / Error
Event Submitted/Written: 04/15/2008 01:25:35 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
Cryffin
-- End of Deckard's System Scanner: finished at 2008-04-16 23:27:29 ------------
elo2
Messages postés
984
Date d'inscription
jeudi 8 septembre 2005
Statut
Membre
Dernière intervention
17 avril 2008
387
17 avril 2008 à 16:25
17 avril 2008 à 16:25
Personne ?????
mimit73
Messages postés
111
Date d'inscription
jeudi 21 septembre 2006
Statut
Membre
Dernière intervention
17 février 2010
34
17 avril 2008 à 21:56
17 avril 2008 à 21:56
Certaines notions sont assez connus sous WINDOWS. Mais pour d'autres, c'est plus difficile.
running processes:
c'est les processes qui tournent sur ton PC
HKCU (HkeyCurrentUser)
HKLM (HkeyLocalMachine)
quelques clés de registre pour les programmes sensibles dont InternetExplorer:
Les cles de registre pour les programmes qui vont être lancés au démarrage (HPmonitor, Norton, nero, ZoneALARM,):
HKLM\.. \RUN
Et plein d'autres infos plus ou moins importantes.
running processes:
c'est les processes qui tournent sur ton PC
HKCU (HkeyCurrentUser)
HKLM (HkeyLocalMachine)
quelques clés de registre pour les programmes sensibles dont InternetExplorer:
Les cles de registre pour les programmes qui vont être lancés au démarrage (HPmonitor, Norton, nero, ZoneALARM,):
HKLM\.. \RUN
Et plein d'autres infos plus ou moins importantes.