Expert opinion on DSS log, main + extra

flotekno Posts: 10 Status: Member -
Anonymous user -
Hello,
Here are the reports (main + extra) from Deckard's DDS software (formerly ComboScan)

Deckard's System Scanner v20071014.68
Run by Flo on 2008-07-22 13:52:37
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
7: 2008-07-22 11:53:17 UTC - RP7 - Deckard's System Scanner Restore Point
6: 2008-07-18 01:16:07 UTC - RP6 - Software Distribution Service 3.0
5: 2008-07-18 00:44:52 UTC - RP5 - Software Distribution Service 3.0
4: 2008-07-18 00:00:42 UTC - RP4 - ComboFix created restore point
3: 2008-07-17 23:48:40 UTC - RP3 - Avira AntiVir Personal - 18/07/2008 01:48

-- First Restore Point --
1: 2008-07-14 22:44:00 UTC - RP1 - Point de vérification système

Backed up registry hives.
Performed disk cleanup.

[color=red]Total Physical Memory: 504 MiB (512 MiB recommended).[/color]
[color=red]System Drive C: has 4.02 GiB (less than 15%) free.[/color]

-- HijackThis (run as Flo.exe) -------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:03:46, on 22/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Documents and Settings\Flo\Bureau\dss.exe
C:\HIJACK~1\Flo.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.dell.com/en-ca
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} - http://m6video.m6.fr/1click/install/files/installer2.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 6319 bytes

-- File Associations -----------------------------------------------------------

[COLOR=red].bat - batfile - shell\edit\command - unable to read value[/COLOR]
[COLOR=red].cmd - cmdfile - shell\edit\command - unable to read value[/COLOR]
[COLOR=red].cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*[/COLOR]
[COLOR=red].cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*[/COLOR]
[COLOR=red].inf - inffile - shell\open\command - unable to read value[/COLOR]
[COLOR=red].ini - inifile - shell\open\command - notepad.exe %1[/COLOR]
[COLOR=red].js - JSFile - DefaultIcon - C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe,2[/COLOR]
[COLOR=red].js - JSFile - shell\open\command - "C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1"[/COLOR]
[COLOR=red].reg - regfile - shell\edit\command - unable to read value[/COLOR]
[COLOR=red].txt - txtfile - shell\open\command - notepad.exe %1[/COLOR]
[COLOR=red].vbs - VBSFile - shell\edit\command - unable to read value[/COLOR]

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 APPDRV - c:\windows\system32\drivers\appdrv.sys <Not Verified; Dell Inc; Application Driver>
R1 Asapi - c:\windows\system32\drivers\asapi.sys <Not Verified; VOB Computersysteme GmbH; asapi>
R1 mbmiodrvr - c:\windows\system32\mbmiodrvr.sys <Not Verified; cansoft@livewiredev.com; Windows (R) 2000 DDK driver>
R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Inc; OMCI Driver>
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.1.0.1) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.1.0.1>
R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>

S3 DELTAFW (Service for M-Audio FW Driver (WDM)) - c:\windows\system32\drivers\deltafw.sys <Not Verified; Midiman/M-Audio; M-Audio Delta FW WDM Driver>
S3 EverestDriver (Lavalys EVEREST Kernel Driver) - c:\program files\lavalys\everest home edition\kerneld.wnt
S3 k750bus (Sony Ericsson 750 driver (WDM)) - c:\windows\system32\drivers\k750bus.sys <Not Verified; MCCI; Sony Ericsson 750>
S3 k750mdfl (Sony Ericsson 750 USB WMC Modem Filter) - c:\windows\system32\drivers\k750mdfl.sys <Not Verified; MCCI; Sony Ericsson 750 USB WMC Modem Filter Driver>
S3 k750mdm (Sony Ericsson 750 USB WMC Modem Drivers) - c:\windows\system32\drivers\k750mdm.sys <Not Verified; MCCI; Sony Ericsson 750 USB WMC Modem>
S3 k750mgmt (Sony Ericsson 750 USB WMC Device Management Drivers) - c:\windows\system32\drivers\k750mgmt.sys <Not Verified; MCCI; Sony Ericsson 750 USB WMC Device Management>
S3 k750obex (Sony Ericsson 750 USB WMC OBEX Interface Drivers) - c:\windows\system32\drivers\k750obex.sys <Not Verified; MCCI; Sony Ericsson 750 USB WMC OBEX Interface>
S3 MAFWBOOT (Bootloader Service for M-Audio FW Driver (WDM)) - c:\windows\system32\drivers\mafwboot.sys <Not Verified; Midiman/M-Audio; M-Audio FW Bootloader Driver>
S3 PCAMPR5 (PCAMPR5 NDIS Protocol Driver) - c:\windows\system32\pcampr5.sys (file missing)
S3 PCANDIS5 (PCANDIS5 NDIS Protocol Driver) - c:\windows\system32\pcandis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
S3 SE27bus (Sony Ericsson Device 039 Driver driver (WDM)) - c:\windows\system32\drivers\se27bus.sys <Not Verified; MCCI; Sony Ericsson Device 039 Driver>
S3 SE27mdfl (Sony Ericsson Device 039 USB WMC Modem Filter) - c:\windows\system32\drivers\se27mdfl.sys <Not Verified; MCCI; Sony Ericsson Device 039 USB WMC Modem Filter Driver>
S3 SE27mdm (Sony Ericsson Device 039 USB WMC Modem Driver) - c:\windows\system32\drivers\se27mdm.sys <Not Verified; MCCI; Sony Ericsson Device 039 USB WMC Data Modem>
S3 SE27mgmt (Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)) - c:\windows\system32\drivers\se27mgmt.sys <Not Verified; MCCI; Sony Ericsson Device 039 USB WMC Device Management>
S3 se27nd5 (Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)) - c:\windows\system32\drivers\se27nd5.sys <Not Verified; MCCI; Sony Ericsson Device 039 USB Ethernet Emulation>
S3 SE27obex (Sony Ericsson Device 039 USB WMC OBEX Interface) - c:\windows\system32\drivers\se27obex.sys <Not Verified; MCCI; Sony Ericsson Device 039 USB WMC OBEX Interface>
S3 se27unic (Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)) - c:\windows\system32\drivers\se27unic.sys <Not Verified; MCCI; Sony Ericsson Device 039 USB Ethernet Emulation>
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AntiVirScheduler (Avira AntiVir Personal – Free Antivirus Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation>
R2 RegSrvc - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; RegSrvc Module>
R2 WLANKEEPER - c:\program files\intel\wireless\bin\wlkeeper.exe <Not Verified; Intel® Corporation; SSOFSet Service>

S3 ServiceLayer - "c:\program files\fichiers communs\pcsuite\services\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>
S4 NICCONFIGSVC - c:\program files\dell\nicconfigsvc\nicconfigsvc.exe <Not Verified; Dell Inc.; NicConfigSvc>

-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Broadcom 440x 10/100 Integrated Controller
Device ID: PCI\VEN_14E4&DEV_170C&SUBSYS_01881028&REV_02\4&2FA23535&0&00F0
Manufacturer: Broadcom
Name: Broadcom 440x 10/100 Integrated Controller
PNP Device ID: PCI\VEN_14E4&DEV_170C&SUBSYS_01881028&REV_02\4&2FA23535&0&00F0
Service: bcm4sbxp

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Carte réseau 1394
Device ID: V1394\NIC1394\2F6C5430314FC000
Manufacturer: Microsoft
Name: Carte réseau 1394
PNP Device ID: V1394\NIC1394\2F6C5430314FC000
Service: NIC1394

-- Scheduled Tasks -------------------------------------------------------------

2005-09-08 13:07:50 258 --a------ C:\WINDOWS\Tasks\Rappel d'abonnement 1 auprès de l'ISP.job

-- Files created between 2008-06-22 and 2008-07-22 -----------------------------

2008-07-20 20:02:56 0 d-------- C:\WINDOWS\LastGood
2008-07-20 19:10:16 0 dr-h----- C:\Documents and Settings\Flo\Recent
2008-07-19 19:08:27 2944 --a------ C:\WINDOWS\system32\mbmiodrvr.sys <Not Verified; cansoft@livewiredev.com; Windows (R) 2000 DDK driver>
2008-07-19 19:08:13 0 d-------- C:\Program Files\Motherboard Monitor 5
2008-07-18 03:37:16 0 d-------- C:\WINDOWS\system32\fr-fr
2008-07-18 03:37:13 0 d-------- C:\WINDOWS\l2schemas
2008-07-18 03:37:12 0 d-------- C:\WINDOWS\system32\fr
2008-07-18 03:37:11 0 d-------- C:\WINDOWS\system32\bits
2008-07-18 03:32:55 0 d-------- C:\WINDOWS\ServicePackFiles
2008-07-18 03:28:53 0 d-------- C:\WINDOWS\network diagnostic
2008-07-18 03:23:08 0 d-------- C:\WINDOWS\EHome
2008-07-18 02:49:59 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-07-18 02:46:11 0 d-------- C:\WINDOWS\system32\PreInstall
2008-07-18 02:34:32 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-07-18 02:01:19 0 d-------- C:\Documents and Settings\Flo\Start Menu
2008-07-18 02:00:02 68096 --a------ C:\WINDOWS\zip.exe
2008-07-18 02:00:02 49152 --a------ C:\WINDOWS\VFind.exe
2008-07-18 02:00:02 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-07-18 02:00:02 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-07-18 02:00:02 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-07-18 02:00:02 98816 --a------ C:\WINDOWS\sed.exe
2008-07-18 02:00:02 80412 --a------ C:\WINDOWS\grep.exe
2008-07-18 02:00:02 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-07-18 01:48:58 0 d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-07-18 01:48:57 0 d-------- C:\Program Files\Avira
2008-07-15 23:56:35 0 d-------- C:\Documents and Settings\Administrateur.BASSQUIKNET\Application Data\Malwarebytes
2008-07-15 23:48:58 0 d-------- C:\Documents and Settings\Flo\Application Data\Malwarebytes
2008-07-15 23:48:46 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-15 23:48:41 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-15 19:15:30 0 d-------- C:\HijackThis
2008-07-15 19:15:09 0 d-------- C:\Program Files\Trend Micro
2008-07-15 01:19:35 0 d-------- C:\WINDOWS\BDOSCAN8
2008-07-15 01:07:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-07-15 01:03:46 0 d-------- C:\Program Files\Yahoo!
2008-07-15 01:03:11 0 d-------- C:\Program Files\CCleaner
2008-07-14 20:49:55 0 d-------- C:\Documents and Settings\Administrateur.BASSQUIKNET\Application Data\Lavasoft
2008-07-14 20:43:55 0 d-------- C:\Documents and Settings\Administrateur.BASSQUIKNET\Application Data\Mozilla
2008-07-14 20:43:11 0 dr------- C:\Documents and Settings\Administrateur.BASSQUIKNET\Favoris
2008-07-14 20:43:11 0 d---s---- C:\Documents and Settings\Administrateur.BASSQUIKNET\Cookies
2008-07-14 20:43:11 0 d-------- C:\Documents and Settings\Administrateur.BASSQUIKNET\Bureau
2008-07-14 20:43:11 0 dr-h----- C:\Documents and Settings\Administrateur.BASSQUIKNET\Application Data
2008-07-14 20:43:11 0 d-------- C:\Documents and Settings\Administrateur.BASSQUIKNET\Application Data\You've Got Pictures Screensaver
2008-07-14 20:43:11 0 d-------- C:\Documents and Settings\Administrateur.BASSQUIKNET\Application Data\Symantec
2008-07-14 20:43:11 0 d-------- C:\Documents and Settings\Administrateur.BASSQUIKNET\Application Data\Sun
2008-07-14 20:43:11 0 d---s---- C:\Documents and Settings\Administrateur.BASSQUIKNET\Application Data\Microsoft
2008-07-14 20:43:11 0 d-------- C:\Documents and Settings\Administrateur.BASSQUIKNET\Application Data\Jasc Software Inc
2008-07-14 20:43:11 0 d-------- C:\Documents and Settings\Administrateur.BASSQUIKNET\Application Data\Intel
2008-07-14 20:43:11 0 d-------- C:\Documents and Settings\Administrateur.BASSQUIKNET\Application Data\Identities
2008-07-14 20:43:10 0 d--h----- C:\Documents and Settings\Administrateur.BASSQUIKNET\Voisinage réseau
2008-07-14 20:43:10 0 d--h----- C:\Documents and Settings\Administrateur.BASSQUIKNET\Voisinage d'impression
2008-07-14 20:43:10 0 dr-h----- C:\Documents and Settings\Administrateur.BASSQUIKNET\SendTo
2008-07-14 20:43:10 0 dr-h----- C:\Documents and Settings\Administrateur.BASSQUIKNET\Recent
2008-07-14 20:43:10 2359296 --ah----- C:\Documents and Settings\Administrateur.BASSQUIKNET\NTUSER.DAT
2008-07-14 20:43:10 0 d--h----- C:\Documents and Settings\Administrateur.BASSQUIKNET\Modèles
2008-07-14 20:43:10 0 dr------- C:\Documents and Settings\Administrateur.BASSQUIKNET\Mes documents
2008-07-14 20:43:10 0 dr------- C:\Documents and Settings\Administrateur.BASSQUIKNET\Menu Démarrer
2008-07-14 20:43:10 0 d--h----- C:\Documents and Settings\Administrateur.BASSQUIKNET\Local Settings

-- Find3M Report ---------------------------------------------------------------

2008-07-18 04:11:14 447222 --a------ C:\WINDOWS\system32\perfh00C.dat
2008-07-18 04:11:14 64922 --a------ C:\WINDOWS\system32\perfc00C.dat
2008-07-18 03:37:53 0 d-------- C:\Program Files\Messenger
2008-07-18 03:37:11 0 d-------- C:\Program Files\Movie Maker
2008-07-18 03:32:24 0 d-------- C:\Program Files\Windows NT
2008-07-15 21:44:05 0 d-------- C:\Program Files\RamBoost XP
2008-07-14 23:58:41 0 d-------- C:\Program Files\Hitman Pro
2008-07-11 04:01:39 0 d-------- C:\Program Files\Orange
2008-05-27 17:05:38 0 d-------- C:\Program Files\OpenOffice.org1.1.1

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [14/04/2008 04:34]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [12/02/2008 10:06]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
"DisableTaskMgr"=0 (0x0)
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoFolderOptions"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NofolderOptions"=0 (0x0)
"NoFind"=0 (0x0)
"NoRun"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll 07/09/2004 17:08 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
C:\Program Files\Apoint\Apoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
C:\WINDOWS\system32\dla\tfswctrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
C:\Program Files\Dell\Media Experience\DMXLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
"C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4800 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB002" /M "Stylus DX4800"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\m6]
C:\Program Files\M6Video\M6video.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MAFWTaskbarApp]
C:\WINDOWS\system32\MAFWTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
"C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ORAWATCH]
C:\PROGRA~1\Orange\Watch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\WINDOWS\system32\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RamBoostXp]
C:\Program Files\RamBoost XP\rambxpfr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Brother XP spl Service"=2 (0x2)
"sdCoreService"=3 (0x3)
"sdAuxService"=3 (0x3)
"NICCONFIGSVC"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
Auto\command- AdobeR.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
Auto\command- AdobeR.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\M]
Auto\command- AdobeR.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b7269f8-a2d3-11da-930d-9391273c1e53}]
Auto\command- AdobeR.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b7269f9-a2d3-11da-930d-9391273c1e53}]
Auto\command- AdobeR.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b7269fa-a2d3-11da-930d-9391273c1e53}]
Auto\command- AdobeR.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e6eb115e-f86c-11dc-94ba-0013ce10a862}]
AutoRun\command- wd_windows_tools\setup.exe

-- End of Deckard's System Scanner: finished at 2008-07-22 14:10:16 ------------

And the extra:

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Édition familiale (build 2600) SP 3.0
Architecture: X86; Language: French

CPU 0: Intel(R) Pentium(R) M processor 1.50GHz
Percentage of Memory in Use: 58%
Physical Memory (total/avail): 503.37 MiB / 209.3 MiB
Pagefile Memory (total/avail): 1227.46 MiB / 962.71 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1938.19 MiB

C: is Fixed (NTFS) - 52.89 GiB total, 4.02 GiB free.
D: is CDROM (No Media)
E: is Fixed (NTFS) - 97.65 GiB total, 10.31 GiB free.
F: is Fixed (NTFS) - 97.65 GiB total, 58.79 GiB free.
M: is Fixed (NTFS) - 84.16 GiB total, 18.86 GiB free.

\\.\PHYSICALDRIVE0 - FUJITSU MHV2060AH - 55.89 GiB - 3 partitions
\PARTITION0 - Unknown - 94.1 MiB
\PARTITION1 (bootable) - Système de fichiers installable - 52.89 GiB - C:
\PARTITION2 - Unknown - 2.9 GiB

\\.\PHYSICALDRIVE1 - Maxtor 6 L300R0 USB Device - 279.47 GiB - 3 partitions
\PARTITION0 - Système de fichiers installable - 97.65 GiB - E:
\PARTITION1 - Étendu avec Inter. 13 étendue - 181.82 GiB - F: - M:

-- Security Center -------------------------------------------------------------

AUOptions is disabled.

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Flo\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=BASSQUIKNET
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Flo
LOGONSERVER=\\BASSQUIKNET
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\Fichiers communs\Sonic Shared
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0d08
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SonicCentral=C:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Flo\LOCALS~1\Temp
TMP=C:\DOCUME~1\Flo\LOCALS~1\Temp
USERDOMAIN=BASSQUIKNET
USERNAME=Flo
USERPROFILE=C:\Documents and Settings\Flo
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI

-- User Profiles ---------------------------------------------------------------

Flo [I](admin)[/I]
Administrateur.BASSQUIKNET [I](admin)[/I]

-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ableton Live v5.0.2 --> C:\PROGRA~1\Ableton\LIVE50~1.2\UNWISE.EXE C:\PROGRA~1\Ableton\LIVE50~1.2\INSTALL.LOG
ACE Mega CoDecS Pack --> "C:\Program Files\ACE Mega CoDecS Pack\unins000.exe"
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Acrobat - Reader 6.0.2 Update --> MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Download Manager 2.0 (Supprimer uniquement) --> "C:\Program Files\Fichiers communs\Adobe\ESD\uninst.exe"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop 7.0 --> C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 6.0.1 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A00000000001}
ALPS Touch Pad Driver --> C:\Program Files\Apoint\Uninstap.exe ADDREMOVE
ASAPI Update --> C:\PROGRA~1\VOB\ASAPIU~1\IWUNIN~1.EXE -uninstall C:\WINDOWS\ISUNINST.EXE -fC:\PROGRA~1\VOB\ASAPIU~1\ASAPI.isu
Avira AntiVir Personal – Free Antivirus --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Broadcom Management Programs 2 --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{64A77F14-0E08-4A97-A859-E93CFF428756} /l1036
Canon S300 --> C:\WINDOWS\system32\CNMCP38.EXE -@C:\WINDOWS\IsUn040c.exe -f"C:\BJPrinter\CNMWINDOWS\Canon S300 Installer\Inst\DeIsL1.isu" -pCanon S300-c"C:\BJPrinter\CNMWINDOWS\Canon S300 Installer\Inst\bjinst.dll
Carte Novatel Wireless Merlin U530 --> C:\PROGRA~1\FranceTelecomUninstall\NOVU530PCM\Uninstall.exe Uninstall.ini
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Conexant D110 MDC V.9x Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1\HXFSETUP.EXE -U -Idel5422k.inf
Dell Driver Reset Tool --> MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
Dell Media Experience --> MsiExec.exe /I{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}
Dell Media Experience Update --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CDE4CC8B-134B-421E-943C-90799E56F664}\setup.exe" -l0x40c -L0x40c /SMAINT
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Player --> C:\WINDOWS\unvise32.exe C:\Program Files\DivX\DivX Player\uninstal.log
DivX Pro Codec Adware --> C:\WINDOWS\unvise32.exe C:\Program Files\DivX\DivX Pro Codec Adware\UninstalDivXProCodecAdware.log
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Emagic Logic Audio Platinum 5.5.1 --> C:\PROGRA~1\emagic\LOGIC5~1\UNWISE.EXE C:\PROGRA~1\emagic\LOGIC5~1\INSTALL.LOG
EPSON Logiciel imprimante --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EVEREST Home Edition v2.20 --> "C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
FastStone Capture 5.2 (French) --> C:\Program Files\FastStone Capture\uninst.exe
FileZilla (remove only) --> "C:\Program Files\FileZilla\uninstall.exe"
Firewire Family --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D9CF5E60-42B1-489B-A0E2-9A6EE3DEB969}\setup.exe" -l0x9 -removeonly
Gestion de l'alimentation de la carte réseau interne --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F528948-0E80-4C96-B455-DE4167CB1DF7}\setup.exe" -l0x40c UNINSTALL APPDRVNT4
Google Earth --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9 -removeonly
HijackThis 2.0.2 --> "C:\HijackThis\HijackThis.exe" /uninstall
Hitman Pro --> "C:\Program Files\Hitman Pro\unins000.exe"
Intel(R) Graphics Media Accelerator Driver for Mobile --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
Intel(R) PROSet/Wireless Software --> C:\WINDOWS\Installer\iProInst.exe
Internet Explorer 7 Standalone --> "C:\Program Files\IE7\unins000.exe"
Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
LUXONIX LFX-1310 --> C:\Program Files\LUXONIX\LFX-1310\uninst LFX-1310.exe
M6Video version 2.2.16.200 --> "C:\Program Files\M6Video\unins000.exe"
Macromedia Dreamweaver MX 2004 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}\Setup.exe" -l0x40c mmUninstall
Macromedia Extension Manager --> MsiExec.exe /I{3C8C9FB3-5FDF-40B4-B314-EAD722728C76}
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
mCore --> MsiExec.exe /I{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}
mDrWiFi --> MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
Mes SMS --> C:\PROGRA~1\Orange\MesSMS\UNWISE.EXE C:\PROGRA~1\Orange\MesSMS\INSTALL.LOG
mHlpDell --> MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}
Microsoft Works 7.0 --> MsiExec.exe /I{64D114CE-4234-45C2-B60A-2B07D5A48F72}
mIWA --> MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mIWCA --> MsiExec.exe /I{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}
mLogView --> MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse --> MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mobile PC Card --> C:\PROGRA~1\Orange\Uninstall.exe
Motherboard Monitor 5 --> "C:\Program Files\Motherboard Monitor 5\unins000.exe"
Mozilla Firefox (2.0.0.16) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr --> MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz --> MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe --> MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
mSSO --> MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}
mToolkit --> MsiExec.exe /I{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}
mWlsSafe --> MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML --> MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
myMP3 PRO 4.0 --> C:\PROGRA~1\STEINB~1\MYMP3P~1.0\UNWISE.EXE C:\PROGRA~1\STEINB~1\MYMP3P~1.0\INSTALL.LOG
mZConfig --> MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Nero Suite --> C:\Program Files\Fichiers communs\Ahead\Uninstall\Setup.exe /uninstall
Nokia Connectivity Cable Driver --> MsiExec.exe /X{E4DD8B33-6F9B-41C5-96FF-5DBF27ED23E7}
Nokia MTP driver --> MsiExec.exe /I{59359B3D-ABE7-46BF-AB55-43B67A64DC68}
Nokia PC Connectivity Solution --> MsiExec.exe /I{588AA47B-9115-44D3-B2E5-4F10BC659D6C}
Nokia PC Suite --> MsiExec.exe /I{508FA22B-AFFC-46CD-9441-2567976574A4}
Nokia themes for your device --> MsiExec.exe /I{77F5816C-64A6-4FBE-BBE5-52EFE5EB84E8}
OpenOffice.org 1.1.1 --> C:\Program Files\OpenOffice.org1.1.1\program\setup.exe -deinstall
Outlook Express Backup Restore --> "C:\Program Files\Outlook Express Backup Restore\unins000.exe"
Poker 770 --> "C:\Poker\Poker 770\_SetupCasino.exe" /uninstall
PowerDVD 5.5 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
QuickSet --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe" -l0x40c UNINSTALL APPDRVNT4 - ALL
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RamBoost XP 4.0.6 --> "C:\Program Files\RamBoost XP\unins000.exe"
RealPlayer Basic --> C:\Program Files\Fichiers communs\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Reason 3.0 --> "C:\Program Files\Propellerhead\Reason\Uninstall Reason\unins000.exe"
SnagIt 8 --> MsiExec.exe /I{93699C3E-005E-4294-87CA-F5B7DE2CD687}
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic Foundry ACID 4.0 --> MsiExec.exe /I{2A38B5AA-EA84-4F87-9937-2FB23982243A}
Sonic Foundry Sound Forge 6.0a --> MsiExec.exe /I{6CDC68BB-C997-4ADC-9BA0-6293FB88521E}
Sonic MyDVD LE --> MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio --> MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy --> MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data --> MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spyware Doctor 5.5 --> C:\Program Files\Spyware Doctor\unins000.exe /LOG
SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
USB Storage Driver --> DelUIDrv.exe
VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{97A96172-A963-4A37-9FFB-DA6805BB915A}\setup.exe -runfromtemp -l0x0409
VideoLAN VLC media player 0.8.2 --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Driver Package - Nokia Modem (04/06/2006 6.8.0.17) --> C:\PROGRA~1\DIFX\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_7F91C37896B530901B0665F9EF32E19FF06F5687\nokbtmdm.inf
Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Toolbar avec bloqueur de fenêtres pop-up --> C:\PROGRA~1\Yahoo!\Common\unyt.exe

-- Application Event Log -------------------------------------------------------

Event Record #/Type416 / Error
Event Submitted/Written: 07/20/2008 08:40:36 PM
Event ID/Source: 4118 / Avira AntiVir
Event Description:
C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xmlUNKNOWN20664320

Event Record #/Type412 / Error
Event Submitted/Written: 07/20/2008 07:57:59 PM
Event ID/Source: 4118 / Avira AntiVir
Event Description:
C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xmlUNKNOWN20664320

Event Record #/Type404 / Error
Event Submitted/Written: 07/19/2008 07:18:59 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Application bloquée Settings.dll, version 5.3.7.0, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Event Record #/Type388 / Warning
Event Submitted/Written: 07/18/2008 03:38:55 AM
Event ID/Source: 63 / WinMgmt
Event Description:
Un fournisseur, HiPerfCooker_v1, a été enregistré dans l'espace de noms WMI, Root\WMI, afin d'utiliser le compte LocalSystem. Ce compte bénéficie de privilèges et le fournisseur peut provoquer une violation de sécurité s'il ne représente pas correctement les demandes utilisateur.

Event Record #/Type385 / Error
Event Submitted/Written: 07/18/2008 02:50:03 AM
Event ID/Source: 11 / crypt32
Event Description:
Échec de l'extraction de la liste racine tierce partie depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l'erreur : Un certificat requis n'est pas dans sa période de validité selon la vérification par rapport à l'horloge système en cours ou le tampon daté dans le fichier signé.

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type860845 / Warning
Event Submitted/Written: 07/22/2008 03:11:42 AM
Event ID/Source: 57 / Ftdisk
Event Description:
Le système n'a pas pu vider les données du journal de transaction. Les données pourraient être endommagées.

Event Record #/Type860844 / Warning
Event Submitted/Written: 07/22/2008 03:11:42 AM
Event ID/Source: 57 / Ftdisk
Event Description:
Le système n'a pas pu vider les données du journal de transaction. Les données pourraient être endommagées.

Event Record #/Type860843 / Warning
Event Submitted/Written: 07/22/2008 03:11:42 AM
Event ID/Source: 57 / Ftdisk
Event Description:
Le système n'a pas pu vider les données du journal de transaction. Les données pourraient être endommagées.

Event Record #/Type860842 / Warning
Event Submitted/Written: 07/22/2008 03:11:42 AM
Event ID/Source: 57 / Ftdisk
Event Description:
Le système n'a pas pu vider les données du journal de transaction. Les données pourraient être endommagées.

Event Record #/Type860841 / Warning
Event Submitted/Written: 07/22/2008 03:11:42 AM
Event ID/Source: 57 / Ftdisk
Event Description:
Le système n'a pas pu vider les données du journal de transaction. Les données pourraient être endommagées.

-- End of Deckard's System Scanner: finished at 2008-07-22 14:10:16 ------------

Thank you all for your help :)

Flo.
Configuration: Windows XP
Firefox 2.0.0.16

2 replies

Anonymous user
 
Hi,

Download RavAntivirus from Evosla to your desktop: http://ww25.evosla.com/compteur.php?soft=rav_antivirus
- Plug your external data sources into your PC (USB key, external hard drive, etc.) without opening them before running this FIX
- Right-click the .ZIP file, then "Extract to" Desktop.
- Double-click "RAV.exe" to launch the fix.
- Let the program work: it automatically scans all drives (fixed and removable disks)
- If infections are found, a report will be generated: please post it in your next reply.
- Then: remove your removable disks and restart the PC.
0
Anonymous user
 
Generally, when there is no reply, that is rather a good sign

but it would be nice to let us know whether the problem is solved or not

See you later
0