service.exe probleme au demarrage (reboot )
Forum Sécurité - Virus : service.exe probleme au demarrage (reboot )
Bonjour,
Je vais m'occuper de toi. Merci de prendre en compte que je suis bénévole, que j'ai une vie privée et que j'aide plusieurs internautes à la fois, donc merci d'être patient. Cependant, je ne lâche jamais un internaute tant que son PC n'est pas propre 
Télécharge Hijackthis (de Trend Micro) sur ton Bureau.
- Double clique sur HJTInstall.exe pour lancer l'installation.
- Clique sur Install.
- Double clique sur le raccourci d'HijackThis qui vient d'être créé pour le lancer. (Clique droit -> lancer en tant qu'admin si sous Vista)
- Accepte la licence en cliquant sur Yes.
- Clique sur "Do a system scan and save a logfile".
- Poste ici[ le rapport généré.
Note : Le rapport se trouve également ici : C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log
Aide : Comment utiliser HijackThis.
Sécurité / Prévention
Répondre à Egwene
Re,
Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec
- Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
- Afin de lancer la recherche, clic sur"Rechercher".
- Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.
AIDE : Tuto en images sur MBAM
Et poste-moi un nouveau rapport HijackThis.
Sécurité / Prévention
Répondre à Egwene
Re,
Je peux avoir le rapport de MBAM comme demandé ?
Sécurité / Prévention
Répondre à Egwene
Re,
Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
- Double-clique sur RSIT.exe afin de lancer RSIT.
- Clique Continue à l'écran Disclaimer.
- Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
- NB : Les rapports sont sauvegardés dans le dossier C:\rsit
- Veille bien à me poster l'intégralité des rapports, vérifie qu'ils soient complets une fois que tu les as postés.
Sécurité / Prévention
Répondre à Egwene
log:
Logfile of random's system information tool 1.04 (written by random/random)
Run by ben et nat at 2008-10-03 14:18:01
Microsoft Windows XP Édition familiale Service Pack 3
System drive E: has 24 GB (30%) free of 80 GB
Total RAM: 2047 MB (43% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:18:25, on 03/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\rundll32.exe
E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
E:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
E:\WINDOWS\system32\rundll32.exe
E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\PROGRA~1\MI3AA1~1\rapimgr.exe
E:\Program Files\IncrediMail\bin\IMApp.exe
E:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Windows Live\Messenger\usnsvc.exe
E:\Program Files\eMule\emule.exe
E:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
E:\WINDOWS\system32\drwtsn32.exe
E:\WINDOWS\system32\drwtsn32.exe
E:\WINDOWS\system32\drwtsn32.exe
E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
E:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
E:\Program Files\IncrediMail\bin\IncMail.exe
E:\WINDOWS\system32\drwtsn32.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Documents and Settings\ben et nat\Bureau\RSIT.exe
E:\Documents and Settings\ben et nat\Bureau\ben et nat.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bl141w.blu141.mail.live.com [...] 7876382125
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://kaspersky.telechargement.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: fdkowvbp - {2A071B1F-95AD-467B-9463-64DA449CB769} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] E:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IncrediMail] E:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Active Desktop Calendar] E:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] E:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Reg [...] lashax.cab
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - E:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
--
End of file - 7137 bytes
======Scheduled tasks folder======
E:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - E:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-06-05 308856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - E:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll [2008-06-05 654320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2A071B1F-95AD-467B-9463-64DA449CB769} - []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=E:\WINDOWS\system32\NvCpl.dll [2006-03-02 7557120]
"nwiz"=nwiz.exe /install []
"BluetoothAuthenticationAgent"=E:\WINDOWS\system32\bthprops.cpl [2008-04-14 110592]
"NWEReboot"= []
"AVP"=E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-06-28 218376]
"Microsoft Works Update Detection"=E:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2003-06-10 50688]
"TkBellExe"=E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-06-05 185896]
"SunJavaUpdateSched"=E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"QuickTime Task"=E:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"IncrediMail"=E:\Program Files\IncrediMail\bin\IncMail.exe [2008-07-24 243072]
"H/PC Connection Agent"=E:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-06-26 1211176]
"Active Desktop Calendar"=E:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe [2008-09-23 4467712]
"RegistryBooster 2 d’Uniblue "=E:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe [2007-11-21 1902592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acronis scheduler2 service]
E:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [2006-03-02 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\adobe reader speed launcher]
E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\christmastree]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hp software update]
E:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ituneshelper]
E:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nerofiltercheck]
E:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osselectorreinstall]
E:\Program Files\Fichiers communs\Acronis\Partition Suite\oss_reinstall.exe [2006-04-19 1281425]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\quicktime task]
E:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\soundman]
E:\WINDOWS\SOUNDMAN.EXE [2006-03-02 577536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\trueimagemonitor.exe]
E:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe [2006-03-02 1009003]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^all users^menu démarrer^programmes^démarrage^accélérateur de démarrage autocad.lnk]
E:\PROGRA~1\FICHIE~1\AUTODE~1\ACSTAR~1.EXE [2004-02-25 10872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^all users^menu démarrer^programmes^démarrage^démarrage rapide de hp photosmart premier.lnk]
E:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe [2006-02-10 73728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^all users^menu démarrer^programmes^démarrage^hp digital imaging monitor.lnk]
E:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2006-02-19 288472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^all users^menu démarrer^programmes^démarrage^microsoft office.lnk]
E:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^ben et nat^menu démarrer^programmes^démarrage^zapu acceleration engine.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^ben et nat^menu démarrer^programmes^démarrage^zapu.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Pml Driver HPZ12"=2
"iPod Service"=3
"idsvc"=3
"HP Status Server"=3
"HP Port Resolver"=3
"gusvc"=2
"Autodesk Licensing Service"=3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
E:\WINDOWS\system32\klogon.dll [2007-06-28 206088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\IncrediMail\bin\ImApp.exe"="E:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"E:\Program Files\IncrediMail\bin\IncMail.exe"="E:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"E:\Program Files\IncrediMail\bin\ImpCnt.exe"="E:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"="E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"E:\Program Files\eMule\emule.exe"="E:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"N:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="N:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*
isabled:ET"
"E:\Program Files\Zapu\Zapu\wDivi.exe"="E:\Program Files\Zapu\Zapu\wDivi.exe:*isabled:Zapu Control"
"E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"="E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*isabled:Kaspersky Anti-Virus"
"E:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe"="E:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe:*:Enabled:[Emoticons-plus.com] Winkaa 2.0"
"E:\Program Files\IncrediMail\bin\ImPackr.exe"="E:\Program Files\IncrediMail\bin\ImPackr.exe:*:Enabled:IncrediMail"
"E:\Program Files\KAZAA LITE TOOLS K++\KazaaLite.kpp"="E:\Program Files\KAZAA LITE TOOLS K++\KazaaLite.kpp:*:Enabled:KazaaLite"
"E:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="E:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*isabled:@xpsp3res.dll,-20000"
"E:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="E:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*isabled:hpfccopy.exe"
"E:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="E:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*isabled:hpoews01.exe"
"E:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*isabled:hpofxm08.exe"
"E:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="E:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*isabled:hposfx08.exe"
"E:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="E:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*isabled:hposid01.exe"
"E:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*isabled:hpqcopy.exe"
"E:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="E:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*isabled:hpqdia.exe"
"E:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*isabled:hpqkygrp.exe"
"E:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*isabled:hpqnrs08.exe"
"E:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="E:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*isabled:hpqphunl.exe"
"E:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*isabled:hpqscnvw.exe"
"E:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*isabled:hpqste08.exe"
"E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*isabled:hpqtra08.exe"
"E:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="E:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*isabled:hpzwiz01.exe"
"E:\Program Files\Microsoft ActiveSync\rapimgr.exe"="E:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"E:\Program Files\Microsoft ActiveSync\wcescomm.exe"="E:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"E:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="E:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"E:\Program Files\Real\RealPlayer\realplay.exe"="E:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\Program Files\Windows Live\Messenger\msnmsgr.exe"="E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"E:\Program Files\Windows Live\Messenger\livecall.exe"="E:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"E:\Program Files\Bonjour\mDNSResponder.exe"="E:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"E:\Program Files\iTunes\iTunes.exe"="E:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\Program Files\Microsoft ActiveSync\rapimgr.exe"="E:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"E:\Program Files\Microsoft ActiveSync\wcescomm.exe"="E:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"E:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="E:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"E:\Program Files\Windows Live\Messenger\msnmsgr.exe"="E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"E:\Program Files\Windows Live\Messenger\livecall.exe"="E:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
======File associations======
.scr - open - "E:\WINDOWS\notepad.exe" "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2008-10-03 14:18:01 ----D---- E:\rsit
2008-10-03 11:04:44 ----D---- E:\Documents and Settings\ben et nat\Application Data\aicon
2008-10-02 09:31:20 ----D---- E:\WINDOWS\LastGood
2008-10-02 00:12:36 ----A---- E:\WINDOWS\ntbtlog.txt
2008-10-02 00:00:31 ----D---- E:\Documents and Settings\ben et nat\Application Data\Malwarebytes
2008-10-02 00:00:26 ----D---- E:\Program Files\Malwarebytes' Anti-Malware
2008-10-02 00:00:26 ----D---- E:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-01 22:02:37 ----D---- E:\Program Files\CCleaner
2008-10-01 21:53:12 ----D---- E:\Documents and Settings\ben et nat\Application Data\Uniblue
2008-10-01 21:53:04 ----D---- E:\Program Files\Uniblue
2008-10-01 21:50:45 ----D---- E:\Program Files\NODouble
2008-10-01 09:00:10 ----D---- E:\WINDOWS\pss
2008-09-30 22:38:31 ----D---- E:\Documents and Settings\ben et nat\Application Data\XemiComputers
2008-09-30 22:38:14 ----D---- E:\Program Files\XemiComputers
2008-09-29 21:36:03 ----A---- E:\WINDOWS\system32\VB5StKit.dll
2008-09-29 21:36:03 ----A---- E:\WINDOWS\system32\VB5ES.dll
2008-09-29 21:36:03 ----A---- E:\WINDOWS\ST5UNST.EXE
2008-09-28 21:53:51 ----D---- E:\AgendaST
2008-09-28 21:53:51 ----A---- E:\Renkar.ini
2008-09-28 21:35:23 ----D---- E:\Documents and Settings\ben et nat\Application Data\Pense-bete
2008-09-22 13:44:30 ----D---- E:\Program Files\Microsoft.NET
2008-09-22 12:30:23 ----D---- E:\Program Files\Microsoft Silverlight
2008-09-22 12:30:13 ----D---- E:\Program Files\Microsoft Synchronization Services
2008-09-22 12:30:12 ----D---- E:\Program Files\Microsoft SQL Server Compact Edition
2008-09-22 12:26:16 ----D---- E:\Program Files\Microsoft Visual Studio 9.0
2008-09-22 12:26:16 ----D---- E:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-09-22 12:25:37 ----D---- E:\Program Files\Microsoft SDKs
2008-09-22 12:24:13 ----HDC---- E:\WINDOWS\$NtUninstallXPSEPSCLP$
2008-09-22 12:21:43 ----D---- E:\Program Files\MSBuild
2008-09-22 12:21:37 ----D---- E:\WINDOWS\system32\XPSViewer
2008-09-22 12:21:31 ----D---- E:\WINDOWS\system32\en-us
2008-09-22 12:21:30 ----D---- E:\Program Files\Reference Assemblies
2008-09-22 12:20:58 ----N---- E:\WINDOWS\system32\spmsg2.dll
2008-09-22 10:45:48 ----N---- E:\WINDOWS\system32\SET157.tmp
2008-09-20 13:04:21 ----D---- E:\Program Files\SAV
2008-09-18 08:13:31 ----D---- E:\Program Files\Apple Software Update
2008-09-18 08:13:06 ----D---- E:\Documents and Settings\ben et nat\Application Data\Apple Computer
2008-09-18 08:12:23 ----A---- E:\WINDOWS\system32\GEARAspi.dll
2008-09-18 08:12:00 ----D---- E:\Program Files\iPod
2008-09-18 08:11:57 ----D---- E:\Program Files\iTunes
2008-09-18 08:11:57 ----D---- E:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-18 08:11:43 ----D---- E:\Program Files\Bonjour
2008-09-18 08:02:47 ----D---- E:\Program Files\Fichiers communs\Apple
2008-09-18 08:02:43 ----D---- E:\Program Files\QuickTime
2008-09-18 08:02:41 ----D---- E:\Documents and Settings\All Users\Application Data\Apple Computer
2008-09-14 17:48:52 ----D---- E:\films
2008-09-10 09:33:16 ----HDC---- E:\WINDOWS\$NtUninstallKB938464$
2008-09-10 09:32:26 ----HDC---- E:\WINDOWS\$NtUninstallKB954154_WM11$
2008-09-09 14:58:21 ----D---- E:\Documents and Settings\All Users\Application Data\Apple
2008-09-09 14:42:30 ----HDC---- E:\WINDOWS\ie7
2008-09-09 14:08:40 ----D---- E:\Program Files\Windows Live Safety Center
2008-09-09 10:50:19 ----D---- E:\Program Files\Edith
2008-09-06 00:43:13 ----D---- E:\Documents and Settings\All Users\Application Data\JollyBear
2008-09-06 00:39:06 ----D---- E:\Program Files\GameHouse
2008-09-05 15:25:01 ----A---- E:\WINDOWS\system32\lfpng13n.dll
2008-09-05 12:32:37 ----D---- E:\Program Files\Coucou le Hibou
2008-09-05 12:32:08 ----A---- E:\WINDOWS\gfact.ini
2008-09-05 12:32:07 ----D---- E:\WINDOWS\vocabulon
2008-09-05 12:32:07 ----A---- E:\WINDOWS\system32\cncs32.dll
2008-09-05 12:18:45 ----A---- E:\WINDOWS\JMC_1000.INI
======List of files/folders modified in the last 1 months======
2008-10-03 14:18:10 ----D---- E:\WINDOWS\Temp
2008-10-03 14:17:57 ----D---- E:\WINDOWS\Prefetch
2008-10-03 14:15:53 ----D---- E:\Program Files\Mozilla Firefox
2008-10-03 14:13:19 ----D---- E:\Program Files\eMule
2008-10-03 11:13:03 ----D---- E:\Program Files
2008-10-02 19:43:08 ----A---- E:\WINDOWS\NeroDigital.ini
2008-10-02 09:56:17 ----D---- E:\WINDOWS\system32\config
2008-10-02 09:32:15 ----HD---- E:\WINDOWS\inf
2008-10-02 09:31:22 ----D---- E:\WINDOWS
2008-10-02 07:38:25 ----D---- E:\WINDOWS\system32\CatRoot2
2008-10-02 07:38:15 ----D---- E:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-10-02 00:12:52 ----D---- E:\Documents and Settings
2008-10-02 00:11:32 ----A---- E:\WINDOWS\SchedLgU.Txt
2008-10-02 00:00:28 ----D---- E:\WINDOWS\system32\drivers
2008-10-01 22:59:28 ----D---- E:\WINDOWS\Debug
2008-10-01 21:14:13 ----A---- E:\WINDOWS\win.ini
2008-10-01 21:14:13 ----A---- E:\WINDOWS\system.ini
2008-09-30 23:11:41 ----SHD---- E:\WINDOWS\Installer
2008-09-30 23:11:41 ----SHD---- E:\Config.Msi
2008-09-30 22:51:46 ----D---- E:\Documents and Settings\All Users\Application Data\Google Updater
2008-09-29 21:42:56 ----D---- E:\WINDOWS\system32
2008-09-28 21:58:13 ----D---- E:\WINDOWS\system
2008-09-28 21:39:14 ----D---- E:\Program Files\Java
2008-09-28 21:38:23 ----D---- E:\Program Files\IncrediMail
2008-09-22 14:40:53 ----D---- E:\WINDOWS\Microsoft.NET
2008-09-22 14:40:52 ----RSD---- E:\WINDOWS\assembly
2008-09-22 13:45:43 ----D---- E:\WINDOWS\WinSxS
2008-09-22 13:44:37 ----D---- E:\Program Files\Fichiers communs\Microsoft Shared
2008-09-22 13:30:06 ----RSHDC---- E:\WINDOWS\system32\dllcache
2008-09-22 12:30:18 ----SD---- E:\Documents and Settings\All Users\Application Data\Microsoft
2008-09-22 12:28:31 ----SD---- E:\Documents and Settings\ben et nat\Application Data\Microsoft
2008-09-22 12:25:31 ----D---- E:\WINDOWS\system32\CatRoot
2008-09-22 12:23:55 ----D---- E:\WINDOWS\system32\fr-fr
2008-09-22 12:23:31 ----D---- E:\Program Files\Internet Explorer
2008-09-22 12:22:29 ----A---- E:\WINDOWS\system32\PerfStringBackup.INI
2008-09-22 12:21:41 ----RSD---- E:\WINDOWS\Fonts
2008-09-22 12:21:10 ----D---- E:\WINDOWS\system32\spool
2008-09-22 10:59:29 ----HD---- E:\Program Files\InstallShield Installation Information
2008-09-18 08:13:33 ----SD---- E:\WINDOWS\Tasks
2008-09-18 08:12:23 ----DC---- E:\WINDOWS\system32\DRVSTORE
2008-09-18 08:02:47 ----D---- E:\Program Files\Fichiers communs
2008-09-10 09:33:41 ----HD---- E:\WINDOWS\$hf_mig$
2008-09-09 14:48:18 ----D---- E:\WINDOWS\Help
2008-09-05 09:53:40 ----D---- E:\Program Files\Messenger Plus! Live
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 klif;Klif; \??\E:\WINDOWS\system32\drivers\klif.sys []
R2 SBKUPNT;SBKUPNT; \??\E:\WINDOWS\system32\Drivers\SBKUPNT.SYS []
R2 tifsfilter;Acronis TrueImage FS Filter; E:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2007-12-13 30688]
R3 3xHybrid;3xHybrid service; E:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-01-24 835200]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); E:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-05-19 3965056]
R3 Arp1394;Protocole client ARP 1394; E:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; E:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 hidusb;Pilote de classe HID Microsoft; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; E:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 24344]
R3 LVUSBSta;Logitech USB Monitor Filter; E:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-08 22016]
R3 mouhid;Pilote HID de souris; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 NIC1394;Pilote réseau 1394; E:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; E:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-03-02 3648864]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; E:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-09-30 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; E:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-09-30 13056]
R3 QCMerced;Logitech QuickCam Communicate; E:\WINDOWS\system32\DRIVERS\LVCM.sys [2004-10-08 585824]
R3 usbaudio;Pilote USB audio (WDM); E:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Pilote de stockage de masse USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 kbdhid;Pilote HID de clavier; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 BthEnum;Service d'énumérateur Bluetooth; E:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Pilote de communication série Bluetooth; E:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Périphérique Bluetooth (réseau personnel); E:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; E:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; E:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Décodeur sous-titre fermé; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HidBth;Miniport HID Microsoft Bluetooth; E:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25856]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; E:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; E:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; E:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 MPE;Filtre BDA MPE; E:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; E:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); E:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 se57bus;Sony Ericsson Device 087 driver (WDM); E:\WINDOWS\system32\DRIVERS\se57bus.sys [2006-11-30 61536]
S3 se57mdfl;Sony Ericsson Device 087 USB WMC Modem Filter; E:\WINDOWS\system32\DRIVERS\se57mdfl.sys [2006-11-30 9360]
S3 se57mdm;Sony Ericsson Device 087 USB WMC Modem Driver; E:\WINDOWS\system32\DRIVERS\se57mdm.sys [2006-11-30 97088]
S3 se57mgmt;Sony Ericsson Device 087 USB WMC Device Management Drivers (WDM); E:\WINDOWS\system32\DRIVERS\se57mgmt.sys [2006-11-30 88624]
S3 se57nd5;Sony Ericsson Device 087 USB Ethernet Emulation SEMC57 (NDIS); E:\WINDOWS\system32\DRIVERS\se57nd5.sys [2006-11-30 18704]
S3 se57obex;Sony Ericsson Device 087 USB WMC OBEX Interface; E:\WINDOWS\system32\DRIVERS\se57obex.sys [2006-11-30 86432]
S3 se57unic;Sony Ericsson Device 087 USB Ethernet Emulation SEMC57 (WDM); E:\WINDOWS\system32\DRIVERS\se57unic.sys [2006-11-30 90800]
S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver; E:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-06-20 215040]
S3 SLIP;Détrameur décalage BDA; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); E:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Classe d'imprimantes USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 wceusbsh;Windows CE USB Serial Host Driver; E:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2007-06-28 108208]
S3 WSTCODEC;Codec Teletext standard; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; E:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZSMC301b;Philips SPC 200NC PC Camera; E:\WINDOWS\System32\Drivers\usbVM31b.sys []
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; E:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [2006-03-02 172032]
R2 AVP;Kaspersky Anti-Virus 7.0; E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-06-28 218376]
R2 Bonjour Service;Service Bonjour; E:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BthServ;Bluetooth Support Service; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; E:\WINDOWS\system32\nvsvc32.exe [2006-03-02 143426]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; E:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 aspnet_state;ASP.NET State Service; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 WLSetupSvc;Windows Live Setup Service; E:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; E:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Apple Mobile Device;Apple Mobile Device; E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]
S4 Autodesk Licensing Service;Autodesk Licensing Service; E:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2007-12-09 74360]
S4 gusvc;Google Updater Service; E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-05 137200]
S4 HP Port Resolver;HP Port Resolver; E:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [2005-05-20 81920]
S4 HP Status Server;HP Status Server; E:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [2004-10-16 73728]
S4 idsvc;Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S4 iPod Service;Service de l’iPod; E:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
S4 Pml Driver HPZ12;Pml Driver HPZ12; E:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
-----------------EOF-----------------
et info:
info.txt logfile of random's system information tool 1.04 2008-10-03 14:18:32
======Uninstall list======
-->E:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 E:\WINDOWS\INF\PCHealth.inf
1000 mots pour apprendre à lire V 2.3-->C:\educampa\unins000.exe
Acronis True Image-->MsiExec.exe /X{CA83357B-931E-44DC-AD43-9996FEEB8116}
Active Desktop Calendar 7.6-->"E:\Program Files\XemiComputers\Active Desktop Calendar\unins000.exe"
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player ActiveX-->E:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Album photo Microsoft 9-->E:\WINDOWS\system32\msiexec.exe /i {9F7FC79B-3059-4264-9450-39EB368E3225}
Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->E:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
AutoCAD 2005 - Français-->MsiExec.exe /I{5783F2D7-0301-040C-0002-0060B0CE6BBA}
AviSynth 2.5-->"E:\Program Files\AviSynth 2.5\Uninstall.exe"
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
CCleaner (remove only)-->"E:\Program Files\CCleaner\uninst.exe"
CompuApps SwissKnife V3-->E:\WINDOWS\ISUNINST.EXE -fC:\SWISNIFE\SKUninst.ISU
Correctif pour Lecteur Windows Media 11 (KB939683)-->"E:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"E:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Coucou le Hibou-->E:\Program Files\Coucou le Hibou\Uninstal.exe
DWG TrueView 2008-->E:\Program Files\DWG TrueView 2008\Setup\Setup.exe /P {B1A9CD45-A702-4E3B-91ED-8CD562869901} /M AOEM
Edith-->E:\Program Files\Edith\Uninstal.exe
eMule-->"E:\Program Files\eMule\Uninstall.exe"
Fujitsu Siemens Computers WLAN 802.11b/g D1705/D1706-->E:\WINDOWS\system32\unwlsdrv.exe SiS163u
HijackThis 2.0.2-->"E:\Documents and Settings\ben et nat\Bureau\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"E:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Customer Participation Program 7.0-->E:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Document Viewer 7.0-->E:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Imaging Device Functions 7.0-->E:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.5-->E:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photosmart, Officejet and Deskjet 7.0.A-->E:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Solution Center 7.0-->E:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
IncrediMail Xe-->E:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Jasc Paint Shop Pro 8-->MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Kaspersky Anti-Virus 7.0-->MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Kaspersky Anti-Virus 7.0-->MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
K-Lite Codec Pack 3.5.9 Full BETA-->"E:\Program Files\K-Lite Codec Pack\unins000.exe"
Lecteur Windows Media 11-->"E:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Livebox-->RunDll32 E:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe" -l0x40c
Local Cooling Setup-->MsiExec.exe /I{79166E9D-4D2B-405A-B8F5-B43E0C795FF2}
Mahjong Escape-->E:\PROGRA~1\GAMEHO~1\MAHJON~1\UNWISE.EXE /U E:\PROGRA~1\GAMEHO~1\MAHJON~1\INSTALL.LOG
Malwarebytes' Anti-Malware-->"E:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"E:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"E:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "E:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}
Microsoft .NET Framework 3.5-->E:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft ActiveSync 4.0-->MsiExec.exe /I{B208806F-A231-4FA0-AB3F-5C1B8979223E}
Microsoft Compression Client Pack 1.0 for Windows XP-->"E:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"E:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"E:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Live Small Business Image Uploader-->MsiExec.exe /X{A580547F-4FB6-433E-A595-21CAA858C556}
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Photo Pro 9-->E:\WINDOWS\system32\msiexec.exe /i {DBA8B9E1-C6FF-4624-9598-73D3B41A0905}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server Compact 3.5 Design Tools FRA-->MsiExec.exe /X{043ECF7B-4724-4F7B-8A9D-BC22719E95F7}
Microsoft SQL Server Compact 3.5 FRA-->MsiExec.exe /I{BE361597-42AC-4513-9BA6-FFAB310038FB}
Microsoft Visual Basic 2008 Express - Français-->E:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual Basic 2008 Express Edition - FRA\setup.exe
Microsoft Visual Basic 2008 Express Edition - FRA-->MsiExec.exe /X{ACC61C04-48C5-3F6F-977B-AD33E94E5F40}
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework-->MsiExec.exe /X{AB47EEE8-507B-331F-AA28-B7C7257F014C}
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32-->MsiExec.exe /X{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}
MIKSOFT Mobile 3GP converter-->"E:\Program Files\MIKSOFT\Mobile 3GP converter\unins000.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"E:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"E:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"E:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"E:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"E:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"E:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"E:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759)-->"E:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"E:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"E:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"E:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"E:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"E:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"E:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"E:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"E:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"E:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"E:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"E:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"E:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"E:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 - fra-->E:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe
Mozilla Firefox (3.0.3)-->E:\Program Files\Mozilla Firefox\uninstall\helper.exe
Nero 6 Ultra Edition-->E:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nettoyeur de Disque-->MsiExec.exe /X{4E4DF456-9F14-4EB4-9D74-8A17A345B9D4}
NODouble-->E:\Program Files\NODouble\uninstall.exe
NVIDIA Drivers-->E:\WINDOWS\system32\nvudisp.exe UninstallGUI
OCR Software by I.R.I.S 7.0-->E:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Outil de mise à jour Google-->"E:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Partition Suite-->MsiExec.exe /X{2300EE96-0A41-4FAB-BD03-989EC44577A0}
PC Inspector File Recovery-->RunDll32 E:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
pvAuthor v3.3.1-->E:\PROGRA~1\PACKET~1\PVAuthor\UNWISE.EXE E:\PROGRA~1\PACKET~1\PVAuthor\INSTALL.LOG
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RealPlayer-->E:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio-->Alcrmv.exe -r -m
Ri4m v5.0.1d-->E:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
Shop for HP Supplies-->E:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
StuffPlug-NG (Messenger Plus! Plugins)-->E:\Program Files\MessengerPlus! 3\Plugins\StuffPlug-NG\Uninstall.exe
Uniblue RegistryBooster 2-->"E:\Program Files\Uniblue\RegistryBooster 2\unins000.exe"
ViaMichelin Navigation PND-->"E:\Program Files\InstallShield Installation Information\{47FF921C-E834-47A6-8CE4-F0A99CDE347F}\setup.exe" -runfromtemp -l0x040c -removeonly
VideoLAN VLC media player 0.8.1-->E:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Internet Explorer 7-->"E:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live OneCare safety scanner-->RunDll32.exe "E:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime-->"E:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"E:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"E:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"E:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Winkaa 1.0 1.0-->"E:\Program Files\Emoticons-plus.com\Winkaa 1.0\uninstall.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"E:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
=====HijackThis Backups=====
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
======Security center information======
AV: Kaspersky Anti-Virus
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;E:\PROGRA~1\FICHIE~1\AUTODE~1;E:\Program Files\Fichiers communs\Autodesk Shared\;E:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 43 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=2b01
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;E:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=E:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
-----------------EOF-----------------
voila...
Re,
~Fais une analyse antivirus en ligne sur le site de Kaspersky
http://www.kaspersky.com/kos/eng/p [...] bscan.html
- Clique sur Accept
- Une barre jaune va te demander si tu acceptes d'installer le Kavwebscan_Unicode.cab, installe l'Active X.
- clique une nouvelle fois sur "Accept"
- Les bases de mises à jour vont s'installer, patiente un moment
- Clique sur Next.
- Clique sur My Computer, le scan se met en route; attends la fin du scan sans fermer la fenêtre sinon il s'arrêtera.
Sécurité / Prévention
Répondre à Egwene
Re,
Je n'ai rien trouvé d'inquiétant dans ton rapport, donc je demande une analyse online Kaspersky car elle est très poussée.
Il y a quelques bricoles à faire, mais rien d'inquiétant.
Sécurité / Prévention
Répondre à Egwene
Re,
E:\Renkar.ini
Ce fichier te dit-il quelque chose ?
***
Désinstalle via Ajout/Suppression de Programmes (si présents) :
- Adobe Reader 8.1.2 - Français
- Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
- eMule
- J2SE Runtime Environment 5.0 Update 6
- Uniblue RegistryBooster 2
Je te conseille de désinstaller et de supprimer tous tes logiciels de p2p : 50% de ce que tu télécharges via p2p est piégé. Le p2p est le premier vecteur d'infection de nos jours.
Plus d'informations disponibles en cliquant sur le lien suivant : Cracks / P2P
Tu es en train d'utiliser une vieille version de Adobe Acrobat Reader : cela peut constituer une faille de sécurité, c'est-à-dire une brèche dans ton système qu'un pirate pourrait exploiter. Tu peux le mettre à jour ici :
http://www.adobe.com/products/acrobat/readstep2.html
***
Relance HijackThis (clique droit -> lancer en tant qu'adminstrateur sous Vista), clique sur "do a system scan only", coche ces lignes ( si présentes ) :
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
Ferme toutes les applications en cours (particulièrement ton navigateur Internet).
Puis Fix Checked ! N.B : Il est très important de fermer toutes les applications en cours et de se déconnecter d'internet pour fixer avec hijackthis au risque d'interférer avec les résultats de la manip'.
***
Télécharge OTMoveIt3 (OldTimer). Sauvegarde-le sur ton Bureau.
Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :
:processes
|
Double clique sur OTMoveIt3.exe afin de le lancer.
Colle (ou Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
Comment va le PC ? Toujours des problèmes ?
Sécurité / Prévention
Répondre à Egwene
| Citation : Bref, du coup forcement sans service.exe ca marchait moins bien (mdr) j'ai fait une reparation de windows en bootant le cd... |
C'était un peu bourrin ça
Services.exe dans system32 est légitime, je pense que tu l'as appris à tes dépens 
Poste-moi un nouveau rapport RSIT qu'on fasse le point.
Sécurité / Prévention
Répondre à Egwene
bonjour,
Désolé de n'avoir pas donné de nouvelle depuis 1 mois... (pbm perso) 
J'ai aussi réinstallé sp2, car il avait un probleme aussi apparament (apres la MaJ de crosoft en sp3 qui fonctionnait pas...)
Message édité par cally le 13-11-2008 à 11:01:11
voici a nouveau un rapport de RSIT.
LOG:
Logfile of random's system information tool 1.04 (written by random/random)
Run by ben et nat at 2008-11-13 10:56:38
Microsoft Windows XP Édition familiale Service Pack 2
System drive E: has 23 GB (29%) free of 80 GB
Total RAM: 2047 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:56:55, on 13/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\rundll32.exe
E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
E:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
E:\WINDOWS\system32\rundll32.exe
E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
E:\WINDOWS\SOUNDMAN.EXE
E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
E:\Program Files\Unlocker\UnlockerAssistant.exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
E:\PROGRA~1\MI3AA1~1\rapimgr.exe
E:\Program Files\IncrediMail\bin\IMApp.exe
E:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Windows Live\Messenger\msnmsgr.exe
E:\Program Files\Windows Live\Messenger\usnsvc.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Documents and Settings\ben et nat\Bureau\RSIT.exe
E:\Program Files\trend micro\ben et nat.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://kaspersky.telechargement.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: fdkowvbp - {2A071B1F-95AD-467B-9463-64DA449CB769} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] E:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [IncrediMail] E:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Active Desktop Calendar] E:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] E:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [WOOKIT] E:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [Software Informer] "E:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [AdobeUpdater] "E:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [searching] Search from the Address bar
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.co [...] 5913963390
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Reg [...] lashax.cab
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - E:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - E:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - E:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
--
End of file - 8335 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - E:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-06-05 308856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - E:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2A071B1F-95AD-467B-9463-64DA449CB769} - []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=E:\WINDOWS\system32\NvCpl.dll [2006-03-02 7557120]
"nwiz"=nwiz.exe /install []
"BluetoothAuthenticationAgent"=E:\WINDOWS\system32\bthprops.cpl [2004-08-19 110592]
"NWEReboot"= []
"AVP"=E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-06-28 218376]
"Microsoft Works Update Detection"=E:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2003-06-10 50688]
"TkBellExe"=E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-06-05 185896]
"QuickTime Task"=E:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"SoundMan"=E:\WINDOWS\SOUNDMAN.EXE [2006-03-02 577536]
"SunJavaUpdateSched"=E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"VirtualCloneDrive"=E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2008-06-29 52168]
"UnlockerAssistant"=E:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
"Adobe Reader Speed Launcher"=E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"=E:\Program Files\IncrediMail\bin\IncMail.exe [2008-07-24 243072]
"H/PC Connection Agent"=E:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-06-26 1211176]
"Active Desktop Calendar"=E:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe [2008-09-23 4467712]
"RegistryBooster 2 d’Uniblue "=E:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S []
"WOOKIT"=E:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= []
"Software Informer"=E:\Program Files\Software Informer\softinfo.exe -autorun []
"fsm"= []
"SpybotSD TeaTimer"=E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"AdobeUpdater"=E:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe [2008-09-26 2356088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acronis scheduler2 service]
E:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [2006-03-02 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\adobe reader speed launcher]
E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\christmastree]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hp software update]
E:\Program Files\HP\HP Software Update\HPWuSchd2.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ituneshelper]
E:\Program Files\iTunes\iTunesHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nerofiltercheck]
E:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osselectorreinstall]
E:\Program Files\Fichiers communs\Acronis\Partition Suite\oss_reinstall.exe [2006-04-19 1281425]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\quicktime task]
E:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\soundman]
E:\WINDOWS\SOUNDMAN.EXE [2006-03-02 577536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\trueimagemonitor.exe]
E:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^all users^menu démarrer^programmes^démarrage^accélérateur de démarrage autocad.lnk]
E:\PROGRA~1\FICHIE~1\AUTODE~1\ACSTAR~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^all users^menu démarrer^programmes^démarrage^démarrage rapide de hp photosmart premier.lnk]
E:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe -s []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^all users^menu démarrer^programmes^démarrage^hp digital imaging monitor.lnk]
E:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^all users^menu démarrer^programmes^démarrage^microsoft office.lnk]
E:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^ben et nat^menu démarrer^programmes^démarrage^zapu acceleration engine.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^ben et nat^menu démarrer^programmes^démarrage^zapu.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Pml Driver HPZ12"=2
"iPod Service"=3
"idsvc"=3
"HP Status Server"=3
"HP Port Resolver"=3
"gusvc"=2
"Autodesk Licensing Service"=3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
E:\WINDOWS\system32\klogon.dll [2007-06-28 206088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95000000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\IncrediMail\bin\ImApp.exe"="E:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"E:\Program Files\IncrediMail\bin\IncMail.exe"="E:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"E:\Program Files\IncrediMail\bin\ImpCnt.exe"="E:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"="E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"E:\Program Files\eMule\emule.exe"="E:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"N:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="N:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*isabled:ET"
"E:\Program Files\Zapu\Zapu\wDivi.exe"="E:\Program Files\Zapu\Zapu\wDivi.exe:*isabled:Zapu Control"
"E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"="E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*isabled:Kaspersky Anti-Virus"
"E:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe"="E:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe:*:Enabled:[Emoticons-plus.com] Winkaa 2.0"
"E:\Program Files\IncrediMail\bin\ImPackr.exe"="E:\Program Files\IncrediMail\bin\ImPackr.exe:*:Enabled:IncrediMail"
"E:\Program Files\KAZAA LITE TOOLS K++\KazaaLite.kpp"="E:\Program Files\KAZAA LITE TOOLS K++\KazaaLite.kpp:*:Enabled:KazaaLite"
"E:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="E:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*isabled:@xpsp3res.dll,-20000"
"E:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="E:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*isabled:hpfccopy.exe"
"E:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="E:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*isabled:hpoews01.exe"
"E:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*isabled:hpofxm08.exe"
"E:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="E:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*isabled:hposfx08.exe"
"E:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="E:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*isabled:hposid01.exe"
"E:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*isabled:hpqcopy.exe"
"E:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="E:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*isabled:hpqdia.exe"
"E:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*isabled:hpqkygrp.exe"
"E:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*isabled:hpqnrs08.exe"
"E:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="E:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*isabled:hpqphunl.exe"
"E:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*isabled:hpqscnvw.exe"
"E:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*isabled:hpqste08.exe"
"E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*isabled:hpqtra08.exe"
"E:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="E:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*isabled:hpzwiz01.exe"
"E:\Program Files\Microsoft ActiveSync\rapimgr.exe"="E:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"E:\Program Files\Microsoft ActiveSync\wcescomm.exe"="E:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"E:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="E:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"E:\Program Files\Real\RealPlayer\realplay.exe"="E:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\Program Files\iTunes\iTunes.exe"="E:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"E:\Program Files\Windows Live\Messenger\msnmsgr.exe"="E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\Program Files\Microsoft ActiveSync\rapimgr.exe"="E:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"E:\Program Files\Microsoft ActiveSync\wcescomm.exe"="E:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"E:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="E:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"E:\Program Files\Windows Live\Messenger\msnmsgr.exe"="E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
2008-11-13 10:56:39 ----D---- E:\Program Files\trend micro
2008-11-12 19:17:19 ----N---- E:\WINDOWS\system32\spmsg.dll
2008-11-12 19:17:18 ----HDC---- E:\WINDOWS\$NtUninstallMSCompPackV1$
2008-11-06 17:29:56 ----D---- E:\Documents and Settings\ben et nat\Application Data\Desktopicon
2008-11-06 17:27:56 ----D---- E:\Program Files\Unlocker
2008-11-02 23:48:17 ----A---- E:\WINDOWS\game.ini
2008-11-02 23:28:31 ----D---- E:\Program Files\Activision
2008-11-02 16:46:13 ----A---- E:\WINDOWS\wininit.ini
2008-11-01 22:13:06 ----SHD---- E:\WINDOWS\ftpcache
2008-11-01 21:45:10 ----D---- E:\Program Files\Elaborate Bytes
2008-11-01 19:52:06 ----D---- E:\Program Files\Spybot - Search & Destroy
2008-11-01 19:52:06 ----D---- E:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-31 22:23:40 ----D---- E:\Program Files\Free Download Manager
2008-10-30 23:08:59 ----HDC---- E:\WINDOWS\$NtUninstallKB885836$
2008-10-30 23:03:45 ----HDC---- E:\WINDOWS\$NtUninstallKB941569$
2008-10-30 18:53:07 ----HDC---- E:\WINDOWS\$NtUninstallKB956803$
2008-10-30 18:52:58 ----HDC---- E:\WINDOWS\$NtUninstallKB956391$
2008-10-30 18:52:48 ----HDC---- E:\WINDOWS\$NtUninstallKB957095$
2008-10-30 18:51:49 ----HDC---- E:\WINDOWS\$NtUninstallKB954211$
2008-10-30 18:50:54 ----HDC---- E:\WINDOWS\$NtUninstallKB956841$
2008-10-30 18:49:05 ----HDC---- E:\WINDOWS\$NtUninstallKB925720$
2008-10-30 18:48:54 ----HDC---- E:\WINDOWS\$NtUninstallKB953155$
2008-10-30 18:48:18 ----HDC---- E:\WINDOWS\$NtUninstallKB958644$
2008-10-30 12:58:08 ----D---- E:\WINDOWS\system32\CatRoot_bak
2008-10-30 12:06:29 ----HDC---- E:\WINDOWS\$NtUninstallKB951376-v2$
2008-10-30 12:06:17 ----HDC---- E:\WINDOWS\$NtUninstallKB952954$
2008-10-30 12:06:05 ----HDC---- E:\WINDOWS\$NtUninstallKB950974$
2008-10-30 12:05:52 ----HDC---- E:\WINDOWS\$NtUninstallKB951698$
2008-10-30 12:05:20 ----HDC---- E:\WINDOWS\$NtUninstallKB950762$
2008-10-30 12:05:05 ----HDC---- E:\WINDOWS\$NtUninstallKB951072-v2$
2008-10-30 12:04:52 ----HDC---- E:\WINDOWS\$NtUninstallKB952287$
2008-10-30 12:03:13 ----HDC---- E:\WINDOWS\$NtUninstallKB951066$
2008-10-30 12:02:44 ----HDC---- E:\WINDOWS\$NtUninstallKB951748$
2008-10-30 12:02:24 ----HDC---- E:\WINDOWS\$NtUninstallKB938464$
2008-10-29 21:55:23 ----HDC---- E:\WINDOWS\$NtUninstallKB883939$
2008-10-29 21:46:35 ----D---- E:\WINDOWS\Prefetch
2008-10-29 21:30:17 ----A---- E:\WINDOWS\000001_.tmp
2008-10-29 19:08:08 ----HDC---- E:\WINDOWS\$NtUninstallKB885894$
2008-10-16 10:45:16 ----A---- E:\WINDOWS\system32\tasklist.exe
2008-10-16 09:57:29 ----D---- E:\WINDOWS\Internet Logs
2008-10-15 21:52:12 ----HDC---- E:\WINDOWS\ie7
2008-10-14 10:08:15 ----D---- E:\Program Files\SAGEM
2008-10-14 09:24:42 ----D---- E:\Program Files\MSBuild
2008-10-14 09:24:34 ----D---- E:\Program Files\Reference Assemblies
======List of files/folders modified in the last 1 months======
2008-11-13 10:56:40 ----D---- E:\WINDOWS\Temp
2008-11-13 10:56:39 ----RD---- E:\Program Files
2008-11-13 10:44:19 ----D---- E:\Program Files\Mozilla Firefox
2008-11-12 20:18:48 ----D---- E:\WINDOWS\system32\CatRoot2
2008-11-12 20:18:48 ----D---- E:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-11-12 20:16:54 ----A---- E:\WINDOWS\SchedLgU.Txt
2008-11-12 19:22:00 ----D---- E:\WINDOWS\system32
2008-11-12 19:21:29 ----D---- E:\WINDOWS
2008-11-12 19:21:07 ----RSHDC---- E:\WINDOWS\system32\dllcache
2008-11-12 19:21:07 ----D---- E:\WINDOWS\AppPatch
2008-11-12 19:21:07 ----D---- E:\Program Files\Windows Media Player
2008-11-12 19:18:18 ----HD---- E:\WINDOWS\inf
2008-11-12 19:18:15 ----HDC---- E:\WINDOWS\$NtUninstallKB926239$
2008-11-12 19:17:23 ----A---- E:\WINDOWS\imsins.BAK
2008-11-12 19:17:19 ----D---- E:\WINDOWS\system32\CatRoot
2008-11-12 19:16:21 ----D---- E:\WINDOWS\Help
2008-11-12 08:54:06 ----D---- E:\Program Files\eMule
2008-11-11 15:59:14 ----A---- E:\WINDOWS\NeroDigital.ini
2008-11-10 16:55:09 ----SHD---- E:\WINDOWS\Installer
2008-11-10 16:55:06 ----SHD---- E:\Config.Msi
2008-11-10 16:54:32 ----D---- E:\Program Files\Fichiers communs\Adobe
2008-11-10 16:54:20 ----D---- E:\Documents and Settings\All Users\Application Data\Adobe
2008-11-10 16:54:03 ----D---- E:\Program Files\Adobe
2008-11-02 23:25:24 ----D---- E:\Program Files\Fichiers communs\InstallShield
2008-11-01 21:45:31 ----D---- E:\WINDOWS\system32\drivers
2008-10-31 11:18:55 ----D---- E:\WINDOWS\msagent
2008-10-30 23:09:51 ----HDC---- E:\WINDOWS\$NtUninstallKB899587$
2008-10-30 23:09:41 ----HDC---- E:\WINDOWS\$NtUninstallKB927779$
2008-10-30 23:09:31 ----HDC---- E:\WINDOWS\$NtUninstallKB927802$
2008-10-30 23:09:16 ----HDC---- E:\WINDOWS\$NtUninstallKB943460$
2008-10-30 23:08:51 ----HDC---- E:\WINDOWS\$NtUninstallKB928255$
2008-10-30 23:08:41 ----HDC---- E:\WINDOWS\$NtUninstallKB933729$
2008-10-30 23:08:31 ----HDC---- E:\WINDOWS\$NtUninstallKB920685$
2008-10-30 23:08:21 ----HDC---- E:\WINDOWS\$NtUninstallKB923980$
2008-10-30 23:08:12 ----HDC---- E:\WINDOWS\$NtUninstallKB911280$
2008-10-30 23:08:03 ----HDC---- E:\WINDOWS\$NtUninstallKB936021$
2008-10-30 23:07:54 ----HDC---- E:\WINDOWS\$NtUninstallKB911562$
2008-10-30 23:07:44 ----HDC---- E:\WINDOWS\$NtUninstallKB938828$
2008-10-30 23:07:36 ----HDC---- E:\WINDOWS\$NtUninstallKB924667$
2008-10-30 23:07:30 ----HDC---- E:\WINDOWS\$NtUninstallKB900485$
2008-10-30 23:07:16 ----HDC---- E:\WINDOWS\$NtUninstallKB924270$
2008-10-30 23:07:08 ----HDC---- E:\WINDOWS\$NtUninstallKB931261$
2008-10-30 23:06:26 ----HDC---- E:\WINDOWS\$NtUninstallKB927891$
2008-10-30 23:06:18 ----HDC---- E:\WINDOWS\$NtUninstallKB946026$
2008-10-30 23:05:41 ----HDC---- E:\WINDOWS\$NtUninstallKB910437$
2008-10-30 23:05:01 ----HDC---- E:\WINDOWS\$NtUninstallKB925902$
2008-10-30 23:04:54 ----D---- E:\Program Files\Outlook Express
2008-10-30 23:04:53 ----D---- E:\Program Files\Fichiers communs\System
2008-10-30 23:04:52 ----HDC---- E:\WINDOWS\$NtUninstallKB929123$
2008-10-30 23:04:42 ----HDC---- E:\WINDOWS\$NtUninstallKB920670$
2008-10-30 23:04:33 ----HDC---- E:\WINDOWS\$NtUninstallKB918439$
2008-10-30 23:04:25 ----HDC---- E:\WINDOWS\$NtUninstallKB926436$
2008-10-30 23:04:17 ----HDC---- E:\WINDOWS\$NtUninstallKB920872$
2008-10-30 23:04:04 ----HDC---- E:\WINDOWS\$NtUninstallKB930178$
2008-10-30 23:03:55 ----HDC---- E:\WINDOWS\$NtUninstallKB914388$
2008-10-30 23:03:08 ----HDC---- E:\WINDOWS\$NtUninstallKB905414$
2008-10-30 23:02:59 ----HDC---- E:\WINDOWS\$NtUninstallKB932168$
2008-10-30 23:02:50 ----HDC---- E:\WINDOWS\$NtUninstallKB923191$
2008-10-30 23:02:43 ----HDC---- E:\WINDOWS\$NtUninstallKB922582$
2008-10-30 23:02:31 ----HDC---- E:\WINDOWS\$NtUninstallKB918118$
2008-10-30 23:02:23 ----HDC---- E:\WINDOWS\$NtUninstallKB926255$
2008-10-30 23:02:14 ----HDC---- E:\WINDOWS\$NtUninstallKB948590$
2008-10-30 23:02:06 ----HDC---- E:\WINDOWS\$NtUninstallKB920213$
2008-10-30 23:01:58 ----HDC---- E:\WINDOWS\$NtUninstallKB935840$
2008-10-30 23:01:50 ----HDC---- E:\WINDOWS\$NtUninstallKB943485$
2008-10-30 23:01:43 ----HDC---- E:\WINDOWS\$NtUninstallKB945553$
2008-10-30 23:01:35 ----HDC---- E:\WINDOWS\$NtUninstallKB916595$
2008-10-30 23:01:27 ----HDC---- E:\WINDOWS\$NtUninstallKB930916$
2008-10-30 23:01:15 ----HDC---- E:\WINDOWS\$NtUninstallKB950749$
2008-10-30 23:01:03 ----HDC---- E:\WINDOWS\$NtUninstallKB932823-v3$
2008-10-30 23:00:55 ----HDC---- E:\WINDOWS\$NtUninstallKB908531$
2008-10-30 23:00:43 ----HDC---- E:\WINDOWS\$NtUninstallKB913580$
2008-10-30 23:00:34 ----HDC---- E:\WINDOWS\$NtUninstallKB935839$
2008-10-30 23:00:26 ----HDC---- E:\WINDOWS\$NtUninstallKB943055$
2008-10-30 23:00:19 ----HDC---- E:\WINDOWS\$NtUninstallKB908519$
2008-10-30 23:00:10 ----HDC---- E:\WINDOWS\$NtUninstallKB920683$
2008-10-30 23:00:02 ----HDC---- E:\WINDOWS\$NtUninstallKB914389$
2008-10-30 22:59:54 ----HDC---- E:\WINDOWS\$NtUninstallKB944653$
2008-10-30 22:59:44 ----HDC---- E:\WINDOWS\$NtUninstallKB928843$
2008-10-30 20:59:55 ----D---- E:\Program Files\Internet Explorer
2008-10-30 18:53:06 ----HD---- E:\WINDOWS\$hf_mig$
2008-10-30 18:52:07 ----D---- E:\WINDOWS\ie7updates
2008-10-30 12:02:28 ----D---- E:\WINDOWS\WinSxS
2008-10-29 21:46:15 ----D---- E:\WINDOWS\system32\wbem
2008-10-29 21:45:19 ----D---- E:\WINDOWS\security
2008-10-29 21:36:21 ----D---- E:\WINDOWS\system32\oobe
2008-10-29 21:36:20 ----D---- E:\WINDOWS\system32\Setup
2008-10-29 21:36:19 ----D---- E:\WINDOWS\system32\mui
2008-10-29 21:36:19 ----D---- E:\WINDOWS\ime
2008-10-29 21:36:05 ----D---- E:\WINDOWS\PeerNet
2008-10-29 21:36:05 ----D---- E:\Program Files\Movie Maker
2008-10-29 21:33:30 ----D---- E:\WINDOWS\system32\Restore
2008-10-29 21:33:30 ----D---- E:\WINDOWS\system32\npp
2008-10-29 21:33:29 ----D---- E:\WINDOWS\srchasst
2008-10-29 21:33:28 ----D---- E:\Program Files\NetMeeting
2008-10-29 21:33:27 ----D---- E:\WINDOWS\system32\Com
2008-10-29 21:33:25 ----D---- E:\Program Files\Windows NT
2008-10-29 21:33:09 ----D---- E:\WINDOWS\system32\usmt
2008-10-29 21:33:08 ----D---- E:\WINDOWS\system
2008-10-29 21:13:48 ----D---- E:\WINDOWS\EHome
2008-10-29 20:39:53 ----SD---- E:\WINDOWS\Downloaded Program Files
2008-10-28 10:01:09 ----D---- E:\WINDOWS\Debug
2008-10-18 17:03:50 ----A---- E:\WINDOWS\win.ini
2008-10-15 17:59:28 ----A---- E:\WINDOWS\system32\netapi32.dll
2008-10-14 10:08:14 ----HD---- E:\Program Files\InstallShield Installation Information
2008-10-14 09:45:29 ----RSD---- E:\WINDOWS\assembly
2008-10-14 09:45:29 ----D---- E:\WINDOWS\Microsoft.NET
2008-10-14 09:32:18 ----D---- E:\Program Files\Fichiers communs
2008-10-14 09:32:17 ----D---- E:\Documents and Settings\All Users\Application Data\Autodesk
2008-10-14 09:32:12 ----RSD---- E:\WINDOWS\Fonts
2008-10-14 09:30:44 ----D---- E:\Program Files\Fichiers communs\Designer
2008-10-14 09:28:42 ----D---- E:\Program Files\VideoLAN
2008-10-14 09:25:24 ----D---- E:\WINDOWS\system32\XPSViewer
2008-10-14 09:22:06 ----A---- E:\WINDOWS\system32\PerfStringBackup.INI
2008-10-14 09:06:48 ----D---- E:\Program Files\Google
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 ElbyCDIO;ElbyCDIO Driver; E:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392]
R1 klif;Klif; \??\E:\WINDOWS\system32\drivers\klif.sys []
R2 SBKUPNT;SBKUPNT; \??\E:\WINDOWS\system32\Drivers\SBKUPNT.SYS []
R3 3xHybrid;3xHybrid service; E:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-01-24 835200]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); E:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-05-19 3965056]
R3 Arp1394;Protocole client ARP 1394; E:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; E:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 hidusb;Pilote de classe HID Microsoft; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; E:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 24344]
R3 LVUSBSta;Logitech USB Monitor Filter; E:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-08 22016]
R3 mouhid;Pilote HID de souris; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 NIC1394;Pilote réseau 1394; E:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 nv;nv; E:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-03-02 3648864]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; E:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-09-30 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; E:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-09-30 13056]
R3 QCMerced;Logitech QuickCam Communicate; E:\WINDOWS\system32\DRIVERS\LVCM.sys [2004-10-08 585824]
R3 usbaudio;Pilote USB audio (WDM); E:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
R3 usbccgp;Pilote parent générique USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Concentrateur USB2; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
R3 usbstor;Pilote de stockage de masse USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
R3 VClone;VClone; E:\WINDOWS\system32\DRIVERS\VClone.sys [2008-09-24 29184]
S1 cd439d28;cd439d28; E:\WINDOWS\System32\drivers\cd439d28.sys []
S1 kbdhid;Pilote HID de clavier; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848]
S3 BthEnum;Pilote de bloc de demande Bluetooth; E:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-05 17024]
S3 BTHMODEM;Pilote de communication série Bluetooth; E:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-05 38016]
S3 BthPan;Périphérique Bluetooth (réseau personnel); E:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-05 100992]
S3 BTHPORT;Pilote de port Bluetooth; E:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; E:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-05 18944]
S3 CCDECODE;Décodeur sous-titre fermé; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 HidBth;Miniport HID Microsoft Bluetooth; E:\WINDOWS\system32\DRIVERS\hidbth.sys [2004-08-05 25856]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; E:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; E:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; E:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 MPE;Filtre BDA MPE; E:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-05 15360]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; E:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-05 10880]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); E:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-05 59648]
S3 se57bus;Sony Ericsson Device 087 driver (WDM); E:\WINDOWS\system32\DRIVERS\se57bus.sys [2006-11-30 61536]
S3 se57mdfl;Sony Ericsson Device 087 USB WMC Modem Filter; E:\WINDOWS\system32\DRIVERS\se57mdfl.sys [2006-11-30 9360]
S3 se57mdm;Sony Ericsson Device 087 USB WMC Modem Driver; E:\WINDOWS\system32\DRIVERS\se57mdm.sys [2006-11-30 97088]
S3 se57mgmt;Sony Ericsson Device 087 USB WMC Device Management Drivers (WDM); E:\WINDOWS\system32\DRIVERS\se57mgmt.sys [2006-11-30 88624]
S3 se57nd5;Sony Ericsson Device 087 USB Ethernet Emulation SEMC57 (NDIS); E:\WINDOWS\system32\DRIVERS\se57nd5.sys [2006-11-30 18704]
S3 se57obex;Sony Ericsson Device 087 USB WMC OBEX Interface; E:\WINDOWS\system32\DRIVERS\se57obex.sys [2006-11-30 86432]
S3 se57unic;Sony Ericsson Device 087 USB Ethernet Emulation SEMC57 (WDM); E:\WINDOWS\system32\DRIVERS\se57unic.sys [2006-11-30 90800]
S3 se58bus;Sony Ericsson Device 088 driver (WDM); E:\WINDOWS\system32\DRIVERS\se58bus.sys [2006-09-05 61536]
S3 se58mdfl;Sony Ericsson Device 088 USB WMC Modem Filter; E:\WINDOWS\system32\DRIVERS\se58mdfl.sys [2006-09-05 9360]
S3 se58mdm;Sony Ericsson Device 088 USB WMC Modem Driver; E:\WINDOWS\system32\DRIVERS\se58mdm.sys [2006-09-05 97088]
S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver; E:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-06-20 215040]
S3 SLIP;Détrameur décalage BDA; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); E:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360]
S3 usbprint;Classe d'imprimantes USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 wceusbsh;Windows CE USB Serial Host Driver; E:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2004-08-05 32128]
S3 WSTCODEC;Codec Teletext standard; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; E:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZSMC301b;Philips SPC 200NC PC Camera; E:\WINDOWS\System32\Drivers\usbVM31b.sys []
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; E:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [2006-03-02 172032]
R2 AVP;Kaspersky Anti-Virus 7.0; E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-06-28 218376]
R2 BthServ;Bluetooth Support Service; E:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 NVSvc;NVIDIA Display Driver Service; E:\WINDOWS\system32\nvsvc32.exe [2006-03-02 143426]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; E:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 aspnet_state;ASP.NET State Service; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 HP Port Resolver;HP Port Resolver; E:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [2005-05-20 81920]
S3 HP Status Server;HP Status Server; E:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [2004-10-16 73728]
S3 idsvc;Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 NetTcpPortSharing;Net.Tcp Port Sharing Service; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
S3 WLSetupSvc;Windows Live Setup Service; E:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; E:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
S4 iPod Service;Service de l’iPod; E:\Program Files\iPod\bin\iPodService.exe []
S4 Pml Driver HPZ12;Pml Driver HPZ12; E:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
-----------------EOF-----------------
et INFO:
info.txt logfile of random's system information tool 1.04 2008-10-03 14:18:32
======Uninstall list======
-->E:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 E:\WINDOWS\INF\PCHealth.inf
1000 mots pour apprendre à lire V 2.3-->C:\educampa\unins000.exe
Acronis True Image-->MsiExec.exe /X{CA83357B-931E-44DC-AD43-9996FEEB8116}
Active Desktop Calendar 7.6-->"E:\Program Files\XemiComputers\Active Desktop Calendar\unins000.exe"
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player ActiveX-->E:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Album photo Microsoft 9-->E:\WINDOWS\system32\msiexec.exe /i {9F7FC79B-3059-4264-9450-39EB368E3225}
Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->E:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
AutoCAD 2005 - Français-->MsiExec.exe /I{5783F2D7-0301-040C-0002-0060B0CE6BBA}
AviSynth 2.5-->"E:\Program Files\AviSynth 2.5\Uninstall.exe"
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
CCleaner (remove only)-->"E:\Program Files\CCleaner\uninst.exe"
CompuApps SwissKnife V3-->E:\WINDOWS\ISUNINST.EXE -fC:\SWISNIFE\SKUninst.ISU
Correctif pour Lecteur Windows Media 11 (KB939683)-->"E:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"E:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Coucou le Hibou-->E:\Program Files\Coucou le Hibou\Uninstal.exe
DWG TrueView 2008-->E:\Program Files\DWG TrueView 2008\Setup\Setup.exe /P {B1A9CD45-A702-4E3B-91ED-8CD562869901} /M AOEM
Edith-->E:\Program Files\Edith\Uninstal.exe
eMule-->"E:\Program Files\eMule\Uninstall.exe"
Fujitsu Siemens Computers WLAN 802.11b/g D1705/D1706-->E:\WINDOWS\system32\unwlsdrv.exe SiS163u
HijackThis 2.0.2-->"E:\Documents and Settings\ben et nat\Bureau\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"E:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Customer Participation Program 7.0-->E:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Document Viewer 7.0-->E:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Imaging Device Functions 7.0-->E:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.5-->E:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photosmart, Officejet and Deskjet 7.0.A-->E:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Solution Center 7.0-->E:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
IncrediMail Xe-->E:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Jasc Paint Shop Pro 8-->MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Kaspersky Anti-Virus 7.0-->MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Kaspersky Anti-Virus 7.0-->MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
K-Lite Codec Pack 3.5.9 Full BETA-->"E:\Program Files\K-Lite Codec Pack\unins000.exe"
Lecteur Windows Media 11-->"E:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Livebox-->RunDll32 E:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe" -l0x40c
Local Cooling Setup-->MsiExec.exe /I{79166E9D-4D2B-405A-B8F5-B43E0C795FF2}
Mahjong Escape-->E:\PROGRA~1\GAMEHO~1\MAHJON~1\UNWISE.EXE /U E:\PROGRA~1\GAMEHO~1\MAHJON~1\INSTALL.LOG
Malwarebytes' Anti-Malware-->"E:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"E:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"E:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "E:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}
Microsoft .NET Framework 3.5-->E:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft ActiveSync 4.0-->MsiExec.exe /I{B208806F-A231-4FA0-AB3F-5C1B8979223E}
Microsoft Compression Client Pack 1.0 for Windows XP-->"E:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"E:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"E:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Live Small Business Image Uploader-->MsiExec.exe /X{A580547F-4FB6-433E-A595-21CAA858C556}
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Photo Pro 9-->E:\WINDOWS\system32\msiexec.exe /i {DBA8B9E1-C6FF-4624-9598-73D3B41A0905}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server Compact 3.5 Design Tools FRA-->MsiExec.exe /X{043ECF7B-4724-4F7B-8A9D-BC22719E95F7}
Microsoft SQL Server Compact 3.5 FRA-->MsiExec.exe /I{BE361597-42AC-4513-9BA6-FFAB310038FB}
Microsoft Visual Basic 2008 Express - Français-->E:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual Basic 2008 Express Edition - FRA\setup.exe
Microsoft Visual Basic 2008 Express Edition - FRA-->MsiExec.exe /X{ACC61C04-48C5-3F6F-977B-AD33E94E5F40}
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework-->MsiExec.exe /X{AB47EEE8-507B-331F-AA28-B7C7257F014C}
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32-->MsiExec.exe /X{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}
MIKSOFT Mobile 3GP converter-->"E:\Program Files\MIKSOFT\Mobile 3GP converter\unins000.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"E:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"E:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"E:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"E:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"E:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"E:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"E:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759)-->"E:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"E:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"E:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"E:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"E:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"E:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"E:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"E:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"E:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"E:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"E:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"E:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"E:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"E:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 - fra-->E:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe
Mozilla Firefox (3.0.3)-->E:\Program Files\Mozilla Firefox\uninstall\helper.exe
Nero 6 Ultra Edition-->E:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nettoyeur de Disque-->MsiExec.exe /X{4E4DF456-9F14-4EB4-9D74-8A17A345B9D4}
NODouble-->E:\Program Files\NODouble\uninstall.exe
NVIDIA Drivers-->E:\WINDOWS\system32\nvudisp.exe UninstallGUI
OCR Software by I.R.I.S 7.0-->E:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Outil de mise à jour Google-->"E:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Partition Suite-->MsiExec.exe /X{2300EE96-0A41-4FAB-BD03-989EC44577A0}
PC Inspector File Recovery-->RunDll32 E:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
pvAuthor v3.3.1-->E:\PROGRA~1\PACKET~1\PVAuthor\UNWISE.EXE E:\PROGRA~1\PACKET~1\PVAuthor\INSTALL.LOG
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RealPlayer-->E:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio-->Alcrmv.exe -r -m
Ri4m v5.0.1d-->E:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
Shop for HP Supplies-->E:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
StuffPlug-NG (Messenger Plus! Plugins)-->E:\Program Files\MessengerPlus! 3\Plugins\StuffPlug-NG\Uninstall.exe
Uniblue RegistryBooster 2-->"E:\Program Files\Uniblue\RegistryBooster 2\unins000.exe"
ViaMichelin Navigation PND-->"E:\Program Files\InstallShield Installation Information\{47FF921C-E834-47A6-8CE4-F0A99CDE347F}\setup.exe" -runfromtemp -l0x040c -removeonly
VideoLAN VLC media player 0.8.1-->E:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Internet Explorer 7-->"E:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live OneCare safety scanner-->RunDll32.exe "E:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime-->"E:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"E:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"E:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"E:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Winkaa 1.0 1.0-->"E:\Program Files\Emoticons-plus.com\Winkaa 1.0\uninstall.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"E:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
=====HijackThis Backups=====
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
======Security center information======
AV: Kaspersky Anti-Virus
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;E:\PROGRA~1\FICHIE~1\AUTODE~1;E:\Program Files\Fichiers communs\Autodesk Shared\;E:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 43 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=2b01
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;E:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=E:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
-----------------EOF-----------------
