PROBLEME ANTIVIRUS TOTAL SECURITY. (RESOLU)
Dernière réponse : dans Sécurité
Bonjour, j'ai un souci, "total security" a été installé sur mon ordinateur mais j'avais déjà "antivir" d'activer. Je ne sais pas si "total security" bloque mon antivitus mais depuis des pages s'ouvrent seules et je n'arrive pas à désinstaller cet antivirus. En plus "total security" fait des scan et me dit que mon pc est infecté or antivir ne me dit rien.
Merci de m"aider s'il vous plaît.
Merci de m"aider s'il vous plaît.
Autres pages sur : probleme antivirus total security resolu
Lassé par la pub ? Créez un compte
Bonjour,
Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
Afin de lancer la recherche, clic sur"Rechercher".
Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
~ Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
~~ Si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau.
~~~~ Fais redémarrer ton ordinateur normalement et poste le rapport dans ta prochaine réponse.
REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]
Note : Si tu ne parviens à télécharger MBAM à part de MajorGeeks, tu peux le télécharger ici!
[#FF0000]Aide : Comment utiliser MBAM.
Comment faire démarrer son ordinateur en mode sans échec.
Télécharge MalwareByte's Anti-Malware sur ton Bureau.
~ Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
~~ Si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau.
~~~~ Fais redémarrer ton ordinateur normalement et poste le rapport dans ta prochaine réponse.
REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]
Note : Si tu ne parviens à télécharger MBAM à part de MajorGeeks, tu peux le télécharger ici!
[#FF0000]Aide :
tu peux m'envoyer un rapport hijackthis? téléchargable ici: http://www.infos-du-net.com/telecharger/HijackThis,0301...
un tuto: http://forums.cnetfrance.fr/index.php?showtopic=796
un tuto: http://forums.cnetfrance.fr/index.php?showtopic=796
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:03:59, on 27/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Agence Exclusive\Agence.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\jouss\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.troner.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AEBHO - {0495F4D7-9FE3-4456-AA9D-1D57E78DF5F0} - C:\Program Files\Agence Exclusive\AgenceBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: &IE Help - {35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC} - C:\Windows\System32\iehelpmod.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Agence] "C:\Program Files\Agence Exclusive\Agence.exe"
O4 - HKLM\..\RunOnce: [Helper] C:\Users\jouss\AppData\Roaming\Agence Exclusive\Update\UpdateHP.exe -runonce
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 7951 bytes
Scan saved at 21:03:59, on 27/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Agence Exclusive\Agence.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\jouss\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.troner.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AEBHO - {0495F4D7-9FE3-4456-AA9D-1D57E78DF5F0} - C:\Program Files\Agence Exclusive\AgenceBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: &IE Help - {35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC} - C:\Windows\System32\iehelpmod.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Agence] "C:\Program Files\Agence Exclusive\Agence.exe"
O4 - HKLM\..\RunOnce: [Helper] C:\Users\jouss\AppData\Roaming\Agence Exclusive\Update\UpdateHP.exe -runonce
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 7951 bytes
quand je vais dans les programmes et fonctionnalités pour le désinstaller, j'ai d'abord un message de antivir cheval de troie sur l'ordi "TR/FakeXPA.A.729" puis quand je refuse l'accès de ce fichier, j'ai un autre message me disant que je ne dispose pas d'un accès suffisant pour désinstaller total security et qu'il faut que je contacte l'administrateur système.
ça me marque ensuite dans une autre fenêtre : "This version of total security is for evaluating purposes only. The removal features are disabled. You may scan your pc to locate malware/spyware threats. To de able to remove threats, you should activate total security, and to activate click get license."
Payant évidement sinon je vous aurait pas contacté
Payant évidement sinon je vous aurait pas contacté
Désolé mais très occupé dernièrement ![:/]( ":/")
tu as essayé avec un logiciel comme revounistaller ?
Télécharge Random's System Information Tool (RSIT) (de random/random) et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (qui sera affiché)
ainsi que de info.txt (qui sera réduit dans la Barre des Tâches)
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
Veille bien à me poster l'intégralité des rapports, vérifie qu'ils soient complets une fois que tu les as postés.
tu as essayé avec un logiciel comme revounistaller ?Télécharge Random's System Information Tool (RSIT) (de random/random) et sauvegarde-le sur le Bureau.
ainsi que de info.txt (qui sera réduit dans la Barre des Tâches)
Logfile of random's system information tool 1.06 (written by random/random)
Run by jouss at 2009-09-30 21:57:08
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
System drive C: has 184 GB (81%) free of 228 GB
Total RAM: 1790 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:57:21, on 30/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Agence Exclusive\Agence.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\jouss\Downloads\RSIT.exe
C:\Program Files\trend micro\jouss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.troner.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AEBHO - {0495F4D7-9FE3-4456-AA9D-1D57E78DF5F0} - C:\Program Files\Agence Exclusive\AgenceBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: &IE Help - {35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC} - C:\Windows\System32\iehelpmod.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Agence] "C:\Program Files\Agence Exclusive\Agence.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 8322 bytes
======Scheduled tasks folder======
C:\Windows\tasks\TS.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0495F4D7-9FE3-4456-AA9D-1D57E78DF5F0}]
AEBHO Class - C:\Program Files\Agence Exclusive\AgenceBHO.dll [2009-09-22 225280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}]
&IE Help - C:\Windows\System32\iehelpmod.dll [2009-09-25 334848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar BHO - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-18 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1049896]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-09-23 468264]
"UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-10-06 210216]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-08-01 202032]
"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePDIRShortCut"=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-18 149280]
"Agence"=C:\Program Files\Agence Exclusive\Agence.exe [2009-09-22 638976]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-07-11 13543968]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-07-11 92704]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]
C:\Users\jouss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-09-30 21:57:08 ----D---- C:\rsit
2009-09-27 19:43:17 ----D---- C:\Windows\Minidump
2009-09-25 01:32:18 ----D---- C:\Program Files\Common Files\TSUninstall
2009-09-25 01:32:04 ----A---- C:\Windows\system32\iehelpmod.dll
2009-09-25 01:31:55 ----D---- C:\Program Files\TS
2009-09-24 23:14:17 ----D---- C:\Program Files\Soccer-Trainer Démonstration
2009-09-24 20:36:24 ----D---- C:\Windows\system32\EventProviders
2009-09-24 19:08:30 ----D---- C:\Program Files\Agence Exclusive
2009-09-18 18:23:38 ----D---- C:\Users\jouss\AppData\Roaming\OpenOffice.org
2009-09-18 18:19:57 ----D---- C:\Program Files\JRE
2009-09-18 18:19:44 ----D---- C:\Program Files\OpenOffice.org 3
2009-09-18 18:19:00 ----A---- C:\Windows\system32\javaws.exe
2009-09-18 18:19:00 ----A---- C:\Windows\system32\javaw.exe
2009-09-18 18:19:00 ----A---- C:\Windows\system32\java.exe
2009-09-18 18:18:35 ----D---- C:\Program Files\Java
2009-09-11 21:20:15 ----D---- C:\Program Files\Dream Media Player
2009-09-09 12:43:22 ----A---- C:\Windows\system32\jscript.dll
2009-09-09 12:43:15 ----A---- C:\Windows\system32\netiohlp.dll
2009-09-09 12:43:14 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-09-09 12:43:14 ----A---- C:\Windows\system32\ROUTE.EXE
2009-09-09 12:43:14 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-09-09 12:43:14 ----A---- C:\Windows\system32\netevent.dll
2009-09-09 12:43:14 ----A---- C:\Windows\system32\MRINFO.EXE
2009-09-09 12:43:14 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-09-09 12:43:14 ----A---- C:\Windows\system32\finger.exe
2009-09-09 12:43:14 ----A---- C:\Windows\system32\ARP.EXE
2009-09-09 12:42:06 ----A---- C:\Windows\system32\wlansvc.dll
2009-09-09 12:42:06 ----A---- C:\Windows\system32\wlansec.dll
2009-09-09 12:42:06 ----A---- C:\Windows\system32\wlanmsm.dll
2009-09-09 12:42:06 ----A---- C:\Windows\system32\L2SecHC.dll
2009-09-09 12:42:00 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-09-09 12:42:00 ----A---- C:\Windows\system32\mf.dll
2009-09-07 17:49:33 ----D---- C:\ProgramData\eMule
2009-09-07 17:26:26 ----A---- C:\Windows\system32\wdigest.dll
2009-09-07 17:26:26 ----A---- C:\Windows\system32\kerberos.dll
2009-09-07 17:26:25 ----A---- C:\Windows\system32\schannel.dll
2009-09-07 17:26:25 ----A---- C:\Windows\system32\msv1_0.dll
2009-09-07 17:26:25 ----A---- C:\Windows\system32\lsasrv.dll
2009-09-07 17:26:24 ----A---- C:\Windows\system32\secur32.dll
2009-09-07 17:26:24 ----A---- C:\Windows\system32\lsass.exe
2009-09-03 11:09:09 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-09-03 11:09:07 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-09-01 22:46:23 ----D---- C:\Users\jouss\AppData\Roaming\Agence Exclusive
2009-08-31 21:10:07 ----A---- C:\Windows\system32\GIF89.DLL
2009-08-31 21:10:05 ----A---- C:\Windows\system32\SSubTmr6.dll
2009-08-31 21:10:04 ----D---- C:\Program Files\Free Easy Burner
======List of files/folders modified in the last 1 months======
2009-09-30 21:57:21 ----D---- C:\Program Files\trend micro
2009-09-30 21:57:20 ----D---- C:\Windows\Prefetch
2009-09-30 21:57:14 ----D---- C:\Windows\Temp
2009-09-30 20:56:54 ----D---- C:\Windows
2009-09-30 20:34:04 ----D---- C:\Windows\System32
2009-09-30 16:55:42 ----RSD---- C:\Windows\assembly
2009-09-30 16:55:42 ----D---- C:\Windows\Microsoft.NET
2009-09-30 16:45:48 ----D---- C:\Windows\rescache
2009-09-30 16:39:50 ----A---- C:\ProgramData\hpqp.ini
2009-09-30 16:37:28 ----D---- C:\Windows\inf
2009-09-30 16:37:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-09-30 16:37:24 ----D---- C:\Windows\winsxs
2009-09-30 16:32:22 ----D---- C:\Windows\system32\catroot
2009-09-30 16:32:21 ----D---- C:\Windows\system32\catroot2
2009-09-30 16:25:41 ----D---- C:\Program Files\Windows Mail
2009-09-30 16:25:41 ----D---- C:\Program Files\Windows Calendar
2009-09-30 16:25:41 ----D---- C:\Program Files\Movie Maker
2009-09-30 16:25:39 ----D---- C:\Program Files\Windows Sidebar
2009-09-30 16:25:39 ----D---- C:\Program Files\Windows Media Player
2009-09-30 16:25:39 ----D---- C:\Program Files\Windows Collaboration
2009-09-30 16:25:39 ----D---- C:\Program Files\Internet Explorer
2009-09-30 16:25:38 ----D---- C:\Program Files\Windows Photo Gallery
2009-09-30 16:25:38 ----D---- C:\Program Files\Common Files\System
2009-09-30 16:25:33 ----D---- C:\Windows\servicing
2009-09-30 16:25:33 ----D---- C:\Program Files\Windows Defender
2009-09-30 16:25:17 ----D---- C:\Windows\system32\XPSViewer
2009-09-30 16:25:17 ----D---- C:\Windows\system32\lv-LV
2009-09-30 16:25:17 ----D---- C:\Windows\IME
2009-09-30 16:25:16 ----D---- C:\Windows\system32\sk-SK
2009-09-30 16:25:16 ----D---- C:\Windows\system32\oobe
2009-09-30 16:25:16 ----D---- C:\Windows\system32\ko-KR
2009-09-30 16:25:16 ----D---- C:\Windows\system32\it-IT
2009-09-30 16:25:16 ----D---- C:\Windows\system32\hr-HR
2009-09-30 16:25:16 ----D---- C:\Windows\system32\fr
2009-09-30 16:25:16 ----D---- C:\Windows\system32\et-EE
2009-09-30 16:25:16 ----D---- C:\Windows\system32\en-US
2009-09-30 16:25:16 ----D---- C:\Windows\system32\el-GR
2009-09-30 16:25:16 ----D---- C:\Windows\system32\de-DE
2009-09-30 16:25:16 ----D---- C:\Windows\system32\da-DK
2009-09-30 16:25:15 ----D---- C:\Windows\system32\migration
2009-09-30 16:25:10 ----D---- C:\Windows\system32\ru-RU
2009-09-30 16:25:10 ----D---- C:\Windows\system32\AdvancedInstallers
2009-09-30 16:25:07 ----D---- C:\Windows\system32\fr-FR
2009-09-30 16:25:06 ----D---- C:\Windows\system32\zh-TW
2009-09-30 16:25:06 ----D---- C:\Windows\system32\zh-CN
2009-09-30 16:25:06 ----D---- C:\Windows\system32\uk-UA
2009-09-30 16:25:06 ----D---- C:\Windows\system32\sv-SE
2009-09-30 16:25:06 ----D---- C:\Windows\system32\sr-Latn-CS
2009-09-30 16:25:06 ----D---- C:\Windows\system32\SLUI
2009-09-30 16:25:06 ----D---- C:\Windows\system32\sl-SI
2009-09-30 16:25:06 ----D---- C:\Windows\system32\setup
2009-09-30 16:25:06 ----D---- C:\Windows\system32\ro-RO
2009-09-30 16:25:06 ----D---- C:\Windows\system32\pt-PT
2009-09-30 16:25:06 ----D---- C:\Windows\system32\pl-PL
2009-09-30 16:25:06 ----D---- C:\Windows\system32\manifeststore
2009-09-30 16:25:06 ----D---- C:\Windows\system32\ja-JP
2009-09-30 16:25:06 ----D---- C:\Windows\system32\hu-HU
2009-09-30 16:25:06 ----D---- C:\Windows\system32\he-IL
2009-09-30 16:25:06 ----D---- C:\Windows\system32\fi-FI
2009-09-30 16:25:06 ----D---- C:\Windows\system32\es-ES
2009-09-30 16:25:06 ----D---- C:\Windows\system32\cs-CZ
2009-09-30 16:25:06 ----D---- C:\Windows\system32\bg-BG
2009-09-30 16:25:04 ----D---- C:\Windows\system32\th-TH
2009-09-30 16:25:04 ----D---- C:\Windows\system32\drivers
2009-09-30 16:25:03 ----D---- C:\Windows\system32\wbem
2009-09-30 16:25:03 ----D---- C:\Windows\system32\tr-TR
2009-09-30 16:25:00 ----D---- C:\Windows\system32\nl-NL
2009-09-30 16:25:00 ----D---- C:\Windows\system32\nb-NO
2009-09-30 16:25:00 ----D---- C:\Windows\system32\lt-LT
2009-09-30 16:25:00 ----D---- C:\Windows\system32\ar-SA
2009-09-30 16:24:59 ----D---- C:\Windows\system32\pt-BR
2009-09-30 16:24:59 ----D---- C:\Windows\system32\migwiz
2009-09-30 16:24:06 ----RSD---- C:\Windows\Fonts
2009-09-30 16:24:06 ----D---- C:\Windows\AppPatch
2009-09-30 16:23:57 ----D---- C:\Windows\system32\Boot
2009-09-30 16:04:17 ----D---- C:\ProgramData\NVIDIA
2009-09-30 15:36:55 ----D---- C:\Windows\system32\Tasks
2009-09-30 00:33:32 ----SHD---- C:\System Volume Information
2009-09-29 17:38:31 ----HD---- C:\ProgramData
2009-09-28 21:01:22 ----D---- C:\Users\jouss\AppData\Roaming\vlc
2009-09-27 20:08:25 ----D---- C:\Windows\system32\spool
2009-09-27 19:59:33 ----D---- C:\Windows\Logs
2009-09-27 19:57:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-09-25 01:32:18 ----D---- C:\Windows\Tasks
2009-09-25 01:32:18 ----D---- C:\Program Files\Common Files
2009-09-25 01:31:55 ----RD---- C:\Program Files
2009-09-24 22:17:09 ----D---- C:\Users\jouss\AppData\Roaming\Winamp
2009-09-22 12:54:27 ----SD---- C:\Windows\Downloaded Program Files
2009-09-21 23:42:58 ----D---- C:\Program Files\Mozilla Firefox
2009-09-18 18:22:50 ----SHD---- C:\Windows\Installer
2009-09-18 18:18:44 ----A---- C:\Windows\system32\deploytk.dll
2009-09-18 17:55:05 ----D---- C:\Program Files\Microsoft Office
2009-09-18 17:55:05 ----D---- C:\Program Files\Common Files\microsoft shared
2009-09-17 11:58:49 ----D---- C:\ProgramData\Microsoft Help
2009-09-17 11:58:31 ----D---- C:\Program Files\Microsoft Works
2009-09-17 01:07:03 ----SD---- C:\Users\jouss\AppData\Roaming\Microsoft
2009-09-11 23:45:03 ----D---- C:\Windows\Debug
2009-09-10 17:32:45 ----D---- C:\Program Files\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-07-25 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-08-20 55656]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-06-05 222208]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-09 43040]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-07-11 7530656]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-25 14848]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-09-19 61952]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199344]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S1 imrvknfnxvbyopyt;imrvknfnxvbyopyt; C:\Windows\system32\drivers\imrvknfnxvbyopyt.sys []
S3 catchme;catchme; \??\C:\Users\jouss\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2007-04-05 19712]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2007-04-05 18304]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-25 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-20 185089]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-07-11 196608]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-10-06 365952]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-09-15 241734]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe []
S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2008-05-06 165416]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-09-30 21:57:24
======Uninstall list======
-->"C:\Program Files\HP Games\5 Card Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Agatha Christie - Death on the Nile\Uninstall.exe"
-->"C:\Program Files\HP Games\Age of Castles\Uninstall.exe"
-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Build-a-lot 2\Uninstall.exe"
-->"C:\Program Files\HP Games\Cake Mania\Uninstall.exe"
-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files\HP Games\FATE\Uninstall.exe"
-->"C:\Program Files\HP Games\Fish Tycoon\Uninstall.exe"
-->"C:\Program Files\HP Games\Gem Shop\Uninstall.exe"
-->"C:\Program Files\HP Games\Granny in Paradise\Uninstall.exe"
-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\Mahjongg Artifacts\Uninstall.exe"
-->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
-->"C:\Program Files\HP Games\Ocean Express\Uninstall.exe"
-->"C:\Program Files\HP Games\Peggle\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Pool\Uninstall.exe"
-->"C:\Program Files\HP Games\Puzzle Express\Uninstall.exe"
-->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\SPORE Creature Creator Trial Edition\Uninstall.exe"
-->"C:\Program Files\HP Games\Sudoku Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\The Treasures of Montezuma\Uninstall.exe"
-->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
-->"C:\Program Files\HP Games\Virtual Villagers - The Secret City\Uninstall.exe"
-->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
-->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Adobe Shockwave Player-->MsiExec.exe /X{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}
Agence 1.0-->"C:\Program Files\Agence Exclusive\unins000.exe"
AOL Toolbar 5.0-->"C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"
Atheros Driver Installation Program-->C:\Program Files\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe -runfromtemp -l0x040c
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
bwin Poker-->"C:\bwinPoker\unins000.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Cisco EAP-FAST Module-->MsiExec.exe /I{415B2719-AD3A-4944-B404-C472DB6085B3}
Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560}
Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -IWAHerza.INF
CyberLink DVD Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink DVD Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Dream Media Player 1.0-->"C:\Program Files\Dream Media Player\unins000.exe"
e-Carte Bleue La Banque Postale-->"C:\Program Files\InstallShield Installation Information\{11B0F8D4-FD80-4800-ABA8-50D28FF769AF}\setup.exe" -runfromtemp -l0x040c -removeonly
ESU for Microsoft Vista-->MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43}
Free Easy Burner V 3.9-->"C:\Program Files\Free Easy Burner\unins000.exe"
Free Mp3 Wma Converter V 1.81-->"C:\Program Files\Free Audio Pack\unins000.exe"
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_HERMOSA_HSF\UIU32m.exe -U -IHPQHERzm.inf
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Active Support Library-->"C:\Program Files\InstallShield Installation Information\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}\setup.exe" -l0x9 -removeonly
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP DVD Play 3.7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Help and Support-->MsiExec.exe /I{0054A0F6-00C9-4498-B821-B5C9578F433E}
HP Quick Launch Buttons 6.40 H2-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x040c uninst
HP Total Care Advisor-->MsiExec.exe /X{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}
HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
HP User Guides 0118-->MsiExec.exe /I{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}
HP Wireless Assistant-->MsiExec.exe /I{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}
HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
HPTCSSetup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{846DDADA-0239-4B67-A6B1-33658863793B}\setup.exe" -l0x9 -removeonly
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
LabelPrint-->"C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
LabelPrint-->"C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee Reveal-->MsiExec.exe /X{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}
My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x040c -removeonly
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
Outils Club Internet-->"C:\Program Files\Club-Internet\Assistance\OutilsCI\uninstall.exe"
Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
Realtek USB 2.0 Card Reader-->C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe -runfromtemp -l0x040c -removeonly
Soccer-Trainer Démonstration 3.04-->"C:\Program Files\Soccer-Trainer Démonstration\unins000.exe"
SPORE Creature Creator Trial Edition-->"C:\Program Files\HP Games\SPORE Creature Creator Trial Edition\Uninstall.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Titan Poker-->"C:\Poker\Titan Poker\_SetupPoker_465317.exe" /uninstall
Update 1.3-->"C:\Users\jouss\AppData\Roaming\Agence Exclusive\Update\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
======Security center information======
AS: Windows Defender
======System event log======
Computer Name: PC-de-jouss
Event Code: 4375
Message: Windows Servicing a échoué lors de la définition du package Package_for_KB973540_client_1~31bf3856ad364e35~x86~~6.0.1.0 () à l’état Installé(Installed)
Record Number: 48846
Source Name: Microsoft-Windows-Servicing
Time Written: 20090930143756.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-jouss
Event Code: 4375
Message: Windows Servicing a échoué lors de la définition du package Package_for_KB973540_client_2~31bf3856ad364e35~x86~~6.0.1.0 () à l’état Intermédiaire(Staged)
Record Number: 48847
Source Name: Microsoft-Windows-Servicing
Time Written: 20090930143756.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-jouss
Event Code: 4375
Message: Windows Servicing a échoué lors de la définition du package Package_for_KB973540_client~31bf3856ad364e35~x86~~6.0.1.0 () à l’état Installé(Installed)
Record Number: 48848
Source Name: Microsoft-Windows-Servicing
Time Written: 20090930143756.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-jouss
Event Code: 4375
Message: Windows Servicing a échoué lors de la définition du package Package_for_KB973540~31bf3856ad364e35~x86~~6.0.1.0 () à l’état Installé(Installed)
Record Number: 48849
Source Name: Microsoft-Windows-Servicing
Time Written: 20090930143756.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-jouss
Event Code: 20
Message: Échec de l'installation : l'installation de la mise à jour suivante a échoue avec l'erreur 0x80004005 : Windows Vista Service Pack 2 (KB948465).
Record Number: 48862
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20090930144617.980648-000
Event Type: Erreur
User: AUTORITE NT\SYSTEM
=====Application event log=====
Computer Name: PC-de-jouss
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Users\jouss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KR6I83QL\dg[1].exe un code suspect avec la désignation 'TR/Drop.TDss.94208'!
Record Number: 7012
Source Name: Avira AntiVir
Time Written: 20090930185609.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-jouss
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Users\jouss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KR6I83QL\dg[2].exe un code suspect avec la désignation 'TR/Drop.TDss.94208'!
Record Number: 7013
Source Name: Avira AntiVir
Time Written: 20090930185613.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-jouss
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Users\jouss\AppData\Local\Temp\bykiqqxbfo.tmp un code suspect avec la désignation 'TR/Drop.TDss.94208'!
Record Number: 7014
Source Name: Avira AntiVir
Time Written: 20090930185618.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-jouss
Event Code: 3036
Message: La source de contenu <iehistory://{s-1-5-21-1317669061-3156044905-884152237-1000}/> est inaccessible.
Contexte : Application , Catalogue SystemIndex
Détails :
Le filtrage a été arrêté du fait d'une action de l'utilisateur, comme par exemple l'arrêt de l'analyse. (0x80040d54)
Record Number: 7015
Source Name: Microsoft-Windows-Search
Time Written: 20090930185701.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-jouss
Event Code: 3023
Message: Impossible de démarrer l'analyse car toutes les sources de contenu ont été exclues par des règles de chemin d'accès au site ou supprimées de la configuration de l'index.
Contexte : Application , Catalogue SystemIndex
Détails :
Fonction incorrecte.
(0x00000001)
Record Number: 7016
Source Name: Microsoft-Windows-Search
Time Written: 20090930185710.000000-000
Event Type: Avertissement
User:
=====Security event log=====
Computer Name: PC-de-jouss
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 13140
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090930195719.439000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-jouss
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 13141
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090930195719.498000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-jouss
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 13142
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090930195719.561000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-jouss
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 13143
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090930195719.625000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-jouss
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 13144
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090930195719.690000-000
Event Type: Échec de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\CyberLink\Power2Go
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=17
"PROCESSOR_IDENTIFIER"=x86 Family 17 Model 3 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0301
"NUMBER_OF_PROCESSORS"=1
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"OnlineServices"=Online Services
"Platform"=MCD
"PCBRAND"=Presario
-----------------EOF-----------------
Run by jouss at 2009-09-30 21:57:08
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
System drive C: has 184 GB (81%) free of 228 GB
Total RAM: 1790 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:57:21, on 30/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Agence Exclusive\Agence.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\jouss\Downloads\RSIT.exe
C:\Program Files\trend micro\jouss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.troner.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AEBHO - {0495F4D7-9FE3-4456-AA9D-1D57E78DF5F0} - C:\Program Files\Agence Exclusive\AgenceBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: &IE Help - {35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC} - C:\Windows\System32\iehelpmod.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Agence] "C:\Program Files\Agence Exclusive\Agence.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 8322 bytes
======Scheduled tasks folder======
C:\Windows\tasks\TS.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0495F4D7-9FE3-4456-AA9D-1D57E78DF5F0}]
AEBHO Class - C:\Program Files\Agence Exclusive\AgenceBHO.dll [2009-09-22 225280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}]
&IE Help - C:\Windows\System32\iehelpmod.dll [2009-09-25 334848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar BHO - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-18 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1049896]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-09-23 468264]
"UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-10-06 210216]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-08-01 202032]
"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePDIRShortCut"=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-18 149280]
"Agence"=C:\Program Files\Agence Exclusive\Agence.exe [2009-09-22 638976]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-07-11 13543968]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-07-11 92704]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]
C:\Users\jouss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-09-30 21:57:08 ----D---- C:\rsit
2009-09-27 19:43:17 ----D---- C:\Windows\Minidump
2009-09-25 01:32:18 ----D---- C:\Program Files\Common Files\TSUninstall
2009-09-25 01:32:04 ----A---- C:\Windows\system32\iehelpmod.dll
2009-09-25 01:31:55 ----D---- C:\Program Files\TS
2009-09-24 23:14:17 ----D---- C:\Program Files\Soccer-Trainer Démonstration
2009-09-24 20:36:24 ----D---- C:\Windows\system32\EventProviders
2009-09-24 19:08:30 ----D---- C:\Program Files\Agence Exclusive
2009-09-18 18:23:38 ----D---- C:\Users\jouss\AppData\Roaming\OpenOffice.org
2009-09-18 18:19:57 ----D---- C:\Program Files\JRE
2009-09-18 18:19:44 ----D---- C:\Program Files\OpenOffice.org 3
2009-09-18 18:19:00 ----A---- C:\Windows\system32\javaws.exe
2009-09-18 18:19:00 ----A---- C:\Windows\system32\javaw.exe
2009-09-18 18:19:00 ----A---- C:\Windows\system32\java.exe
2009-09-18 18:18:35 ----D---- C:\Program Files\Java
2009-09-11 21:20:15 ----D---- C:\Program Files\Dream Media Player
2009-09-09 12:43:22 ----A---- C:\Windows\system32\jscript.dll
2009-09-09 12:43:15 ----A---- C:\Windows\system32\netiohlp.dll
2009-09-09 12:43:14 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-09-09 12:43:14 ----A---- C:\Windows\system32\ROUTE.EXE
2009-09-09 12:43:14 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-09-09 12:43:14 ----A---- C:\Windows\system32\netevent.dll
2009-09-09 12:43:14 ----A---- C:\Windows\system32\MRINFO.EXE
2009-09-09 12:43:14 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-09-09 12:43:14 ----A---- C:\Windows\system32\finger.exe
2009-09-09 12:43:14 ----A---- C:\Windows\system32\ARP.EXE
2009-09-09 12:42:06 ----A---- C:\Windows\system32\wlansvc.dll
2009-09-09 12:42:06 ----A---- C:\Windows\system32\wlansec.dll
2009-09-09 12:42:06 ----A---- C:\Windows\system32\wlanmsm.dll
2009-09-09 12:42:06 ----A---- C:\Windows\system32\L2SecHC.dll
2009-09-09 12:42:00 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-09-09 12:42:00 ----A---- C:\Windows\system32\mf.dll
2009-09-07 17:49:33 ----D---- C:\ProgramData\eMule
2009-09-07 17:26:26 ----A---- C:\Windows\system32\wdigest.dll
2009-09-07 17:26:26 ----A---- C:\Windows\system32\kerberos.dll
2009-09-07 17:26:25 ----A---- C:\Windows\system32\schannel.dll
2009-09-07 17:26:25 ----A---- C:\Windows\system32\msv1_0.dll
2009-09-07 17:26:25 ----A---- C:\Windows\system32\lsasrv.dll
2009-09-07 17:26:24 ----A---- C:\Windows\system32\secur32.dll
2009-09-07 17:26:24 ----A---- C:\Windows\system32\lsass.exe
2009-09-03 11:09:09 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-09-03 11:09:07 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-09-01 22:46:23 ----D---- C:\Users\jouss\AppData\Roaming\Agence Exclusive
2009-08-31 21:10:07 ----A---- C:\Windows\system32\GIF89.DLL
2009-08-31 21:10:05 ----A---- C:\Windows\system32\SSubTmr6.dll
2009-08-31 21:10:04 ----D---- C:\Program Files\Free Easy Burner
======List of files/folders modified in the last 1 months======
2009-09-30 21:57:21 ----D---- C:\Program Files\trend micro
2009-09-30 21:57:20 ----D---- C:\Windows\Prefetch
2009-09-30 21:57:14 ----D---- C:\Windows\Temp
2009-09-30 20:56:54 ----D---- C:\Windows
2009-09-30 20:34:04 ----D---- C:\Windows\System32
2009-09-30 16:55:42 ----RSD---- C:\Windows\assembly
2009-09-30 16:55:42 ----D---- C:\Windows\Microsoft.NET
2009-09-30 16:45:48 ----D---- C:\Windows\rescache
2009-09-30 16:39:50 ----A---- C:\ProgramData\hpqp.ini
2009-09-30 16:37:28 ----D---- C:\Windows\inf
2009-09-30 16:37:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-09-30 16:37:24 ----D---- C:\Windows\winsxs
2009-09-30 16:32:22 ----D---- C:\Windows\system32\catroot
2009-09-30 16:32:21 ----D---- C:\Windows\system32\catroot2
2009-09-30 16:25:41 ----D---- C:\Program Files\Windows Mail
2009-09-30 16:25:41 ----D---- C:\Program Files\Windows Calendar
2009-09-30 16:25:41 ----D---- C:\Program Files\Movie Maker
2009-09-30 16:25:39 ----D---- C:\Program Files\Windows Sidebar
2009-09-30 16:25:39 ----D---- C:\Program Files\Windows Media Player
2009-09-30 16:25:39 ----D---- C:\Program Files\Windows Collaboration
2009-09-30 16:25:39 ----D---- C:\Program Files\Internet Explorer
2009-09-30 16:25:38 ----D---- C:\Program Files\Windows Photo Gallery
2009-09-30 16:25:38 ----D---- C:\Program Files\Common Files\System
2009-09-30 16:25:33 ----D---- C:\Windows\servicing
2009-09-30 16:25:33 ----D---- C:\Program Files\Windows Defender
2009-09-30 16:25:17 ----D---- C:\Windows\system32\XPSViewer
2009-09-30 16:25:17 ----D---- C:\Windows\system32\lv-LV
2009-09-30 16:25:17 ----D---- C:\Windows\IME
2009-09-30 16:25:16 ----D---- C:\Windows\system32\sk-SK
2009-09-30 16:25:16 ----D---- C:\Windows\system32\oobe
2009-09-30 16:25:16 ----D---- C:\Windows\system32\ko-KR
2009-09-30 16:25:16 ----D---- C:\Windows\system32\it-IT
2009-09-30 16:25:16 ----D---- C:\Windows\system32\hr-HR
2009-09-30 16:25:16 ----D---- C:\Windows\system32\fr
2009-09-30 16:25:16 ----D---- C:\Windows\system32\et-EE
2009-09-30 16:25:16 ----D---- C:\Windows\system32\en-US
2009-09-30 16:25:16 ----D---- C:\Windows\system32\el-GR
2009-09-30 16:25:16 ----D---- C:\Windows\system32\de-DE
2009-09-30 16:25:16 ----D---- C:\Windows\system32\da-DK
2009-09-30 16:25:15 ----D---- C:\Windows\system32\migration
2009-09-30 16:25:10 ----D---- C:\Windows\system32\ru-RU
2009-09-30 16:25:10 ----D---- C:\Windows\system32\AdvancedInstallers
2009-09-30 16:25:07 ----D---- C:\Windows\system32\fr-FR
2009-09-30 16:25:06 ----D---- C:\Windows\system32\zh-TW
2009-09-30 16:25:06 ----D---- C:\Windows\system32\zh-CN
2009-09-30 16:25:06 ----D---- C:\Windows\system32\uk-UA
2009-09-30 16:25:06 ----D---- C:\Windows\system32\sv-SE
2009-09-30 16:25:06 ----D---- C:\Windows\system32\sr-Latn-CS
2009-09-30 16:25:06 ----D---- C:\Windows\system32\SLUI
2009-09-30 16:25:06 ----D---- C:\Windows\system32\sl-SI
2009-09-30 16:25:06 ----D---- C:\Windows\system32\setup
2009-09-30 16:25:06 ----D---- C:\Windows\system32\ro-RO
2009-09-30 16:25:06 ----D---- C:\Windows\system32\pt-PT
2009-09-30 16:25:06 ----D---- C:\Windows\system32\pl-PL
2009-09-30 16:25:06 ----D---- C:\Windows\system32\manifeststore
2009-09-30 16:25:06 ----D---- C:\Windows\system32\ja-JP
2009-09-30 16:25:06 ----D---- C:\Windows\system32\hu-HU
2009-09-30 16:25:06 ----D---- C:\Windows\system32\he-IL
2009-09-30 16:25:06 ----D---- C:\Windows\system32\fi-FI
2009-09-30 16:25:06 ----D---- C:\Windows\system32\es-ES
2009-09-30 16:25:06 ----D---- C:\Windows\system32\cs-CZ
2009-09-30 16:25:06 ----D---- C:\Windows\system32\bg-BG
2009-09-30 16:25:04 ----D---- C:\Windows\system32\th-TH
2009-09-30 16:25:04 ----D---- C:\Windows\system32\drivers
2009-09-30 16:25:03 ----D---- C:\Windows\system32\wbem
2009-09-30 16:25:03 ----D---- C:\Windows\system32\tr-TR
2009-09-30 16:25:00 ----D---- C:\Windows\system32\nl-NL
2009-09-30 16:25:00 ----D---- C:\Windows\system32\nb-NO
2009-09-30 16:25:00 ----D---- C:\Windows\system32\lt-LT
2009-09-30 16:25:00 ----D---- C:\Windows\system32\ar-SA
2009-09-30 16:24:59 ----D---- C:\Windows\system32\pt-BR
2009-09-30 16:24:59 ----D---- C:\Windows\system32\migwiz
2009-09-30 16:24:06 ----RSD---- C:\Windows\Fonts
2009-09-30 16:24:06 ----D---- C:\Windows\AppPatch
2009-09-30 16:23:57 ----D---- C:\Windows\system32\Boot
2009-09-30 16:04:17 ----D---- C:\ProgramData\NVIDIA
2009-09-30 15:36:55 ----D---- C:\Windows\system32\Tasks
2009-09-30 00:33:32 ----SHD---- C:\System Volume Information
2009-09-29 17:38:31 ----HD---- C:\ProgramData
2009-09-28 21:01:22 ----D---- C:\Users\jouss\AppData\Roaming\vlc
2009-09-27 20:08:25 ----D---- C:\Windows\system32\spool
2009-09-27 19:59:33 ----D---- C:\Windows\Logs
2009-09-27 19:57:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-09-25 01:32:18 ----D---- C:\Windows\Tasks
2009-09-25 01:32:18 ----D---- C:\Program Files\Common Files
2009-09-25 01:31:55 ----RD---- C:\Program Files
2009-09-24 22:17:09 ----D---- C:\Users\jouss\AppData\Roaming\Winamp
2009-09-22 12:54:27 ----SD---- C:\Windows\Downloaded Program Files
2009-09-21 23:42:58 ----D---- C:\Program Files\Mozilla Firefox
2009-09-18 18:22:50 ----SHD---- C:\Windows\Installer
2009-09-18 18:18:44 ----A---- C:\Windows\system32\deploytk.dll
2009-09-18 17:55:05 ----D---- C:\Program Files\Microsoft Office
2009-09-18 17:55:05 ----D---- C:\Program Files\Common Files\microsoft shared
2009-09-17 11:58:49 ----D---- C:\ProgramData\Microsoft Help
2009-09-17 11:58:31 ----D---- C:\Program Files\Microsoft Works
2009-09-17 01:07:03 ----SD---- C:\Users\jouss\AppData\Roaming\Microsoft
2009-09-11 23:45:03 ----D---- C:\Windows\Debug
2009-09-10 17:32:45 ----D---- C:\Program Files\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-07-25 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-08-20 55656]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-06-05 222208]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-09 43040]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-07-11 7530656]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-25 14848]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-09-19 61952]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199344]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S1 imrvknfnxvbyopyt;imrvknfnxvbyopyt; C:\Windows\system32\drivers\imrvknfnxvbyopyt.sys []
S3 catchme;catchme; \??\C:\Users\jouss\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2007-04-05 19712]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2007-04-05 18304]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-25 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-20 185089]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-07-11 196608]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-10-06 365952]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-09-15 241734]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe []
S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2008-05-06 165416]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-09-30 21:57:24
======Uninstall list======
-->"C:\Program Files\HP Games\5 Card Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Agatha Christie - Death on the Nile\Uninstall.exe"
-->"C:\Program Files\HP Games\Age of Castles\Uninstall.exe"
-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Build-a-lot 2\Uninstall.exe"
-->"C:\Program Files\HP Games\Cake Mania\Uninstall.exe"
-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files\HP Games\FATE\Uninstall.exe"
-->"C:\Program Files\HP Games\Fish Tycoon\Uninstall.exe"
-->"C:\Program Files\HP Games\Gem Shop\Uninstall.exe"
-->"C:\Program Files\HP Games\Granny in Paradise\Uninstall.exe"
-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\Mahjongg Artifacts\Uninstall.exe"
-->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
-->"C:\Program Files\HP Games\Ocean Express\Uninstall.exe"
-->"C:\Program Files\HP Games\Peggle\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Pool\Uninstall.exe"
-->"C:\Program Files\HP Games\Puzzle Express\Uninstall.exe"
-->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\SPORE Creature Creator Trial Edition\Uninstall.exe"
-->"C:\Program Files\HP Games\Sudoku Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\The Treasures of Montezuma\Uninstall.exe"
-->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
-->"C:\Program Files\HP Games\Virtual Villagers - The Secret City\Uninstall.exe"
-->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
-->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Adobe Shockwave Player-->MsiExec.exe /X{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}
Agence 1.0-->"C:\Program Files\Agence Exclusive\unins000.exe"
AOL Toolbar 5.0-->"C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"
Atheros Driver Installation Program-->C:\Program Files\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe -runfromtemp -l0x040c
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
bwin Poker-->"C:\bwinPoker\unins000.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Cisco EAP-FAST Module-->MsiExec.exe /I{415B2719-AD3A-4944-B404-C472DB6085B3}
Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560}
Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -IWAHerza.INF
CyberLink DVD Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink DVD Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Dream Media Player 1.0-->"C:\Program Files\Dream Media Player\unins000.exe"
e-Carte Bleue La Banque Postale-->"C:\Program Files\InstallShield Installation Information\{11B0F8D4-FD80-4800-ABA8-50D28FF769AF}\setup.exe" -runfromtemp -l0x040c -removeonly
ESU for Microsoft Vista-->MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43}
Free Easy Burner V 3.9-->"C:\Program Files\Free Easy Burner\unins000.exe"
Free Mp3 Wma Converter V 1.81-->"C:\Program Files\Free Audio Pack\unins000.exe"
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_HERMOSA_HSF\UIU32m.exe -U -IHPQHERzm.inf
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Active Support Library-->"C:\Program Files\InstallShield Installation Information\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}\setup.exe" -l0x9 -removeonly
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP DVD Play 3.7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Help and Support-->MsiExec.exe /I{0054A0F6-00C9-4498-B821-B5C9578F433E}
HP Quick Launch Buttons 6.40 H2-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x040c uninst
HP Total Care Advisor-->MsiExec.exe /X{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}
HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
HP User Guides 0118-->MsiExec.exe /I{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}
HP Wireless Assistant-->MsiExec.exe /I{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}
HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
HPTCSSetup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{846DDADA-0239-4B67-A6B1-33658863793B}\setup.exe" -l0x9 -removeonly
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
LabelPrint-->"C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
LabelPrint-->"C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee Reveal-->MsiExec.exe /X{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}
My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x040c -removeonly
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
Outils Club Internet-->"C:\Program Files\Club-Internet\Assistance\OutilsCI\uninstall.exe"
Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
Realtek USB 2.0 Card Reader-->C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe -runfromtemp -l0x040c -removeonly
Soccer-Trainer Démonstration 3.04-->"C:\Program Files\Soccer-Trainer Démonstration\unins000.exe"
SPORE Creature Creator Trial Edition-->"C:\Program Files\HP Games\SPORE Creature Creator Trial Edition\Uninstall.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Titan Poker-->"C:\Poker\Titan Poker\_SetupPoker_465317.exe" /uninstall
Update 1.3-->"C:\Users\jouss\AppData\Roaming\Agence Exclusive\Update\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
======Security center information======
AS: Windows Defender
======System event log======
Computer Name: PC-de-jouss
Event Code: 4375
Message: Windows Servicing a échoué lors de la définition du package Package_for_KB973540_client_1~31bf3856ad364e35~x86~~6.0.1.0 () à l’état Installé(Installed)
Record Number: 48846
Source Name: Microsoft-Windows-Servicing
Time Written: 20090930143756.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-jouss
Event Code: 4375
Message: Windows Servicing a échoué lors de la définition du package Package_for_KB973540_client_2~31bf3856ad364e35~x86~~6.0.1.0 () à l’état Intermédiaire(Staged)
Record Number: 48847
Source Name: Microsoft-Windows-Servicing
Time Written: 20090930143756.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-jouss
Event Code: 4375
Message: Windows Servicing a échoué lors de la définition du package Package_for_KB973540_client~31bf3856ad364e35~x86~~6.0.1.0 () à l’état Installé(Installed)
Record Number: 48848
Source Name: Microsoft-Windows-Servicing
Time Written: 20090930143756.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-jouss
Event Code: 4375
Message: Windows Servicing a échoué lors de la définition du package Package_for_KB973540~31bf3856ad364e35~x86~~6.0.1.0 () à l’état Installé(Installed)
Record Number: 48849
Source Name: Microsoft-Windows-Servicing
Time Written: 20090930143756.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-jouss
Event Code: 20
Message: Échec de l'installation : l'installation de la mise à jour suivante a échoue avec l'erreur 0x80004005 : Windows Vista Service Pack 2 (KB948465).
Record Number: 48862
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20090930144617.980648-000
Event Type: Erreur
User: AUTORITE NT\SYSTEM
=====Application event log=====
Computer Name: PC-de-jouss
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Users\jouss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KR6I83QL\dg[1].exe un code suspect avec la désignation 'TR/Drop.TDss.94208'!
Record Number: 7012
Source Name: Avira AntiVir
Time Written: 20090930185609.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-jouss
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Users\jouss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KR6I83QL\dg[2].exe un code suspect avec la désignation 'TR/Drop.TDss.94208'!
Record Number: 7013
Source Name: Avira AntiVir
Time Written: 20090930185613.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-jouss
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Users\jouss\AppData\Local\Temp\bykiqqxbfo.tmp un code suspect avec la désignation 'TR/Drop.TDss.94208'!
Record Number: 7014
Source Name: Avira AntiVir
Time Written: 20090930185618.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-jouss
Event Code: 3036
Message: La source de contenu <iehistory://{s-1-5-21-1317669061-3156044905-884152237-1000}/> est inaccessible.
Contexte : Application , Catalogue SystemIndex
Détails :
Le filtrage a été arrêté du fait d'une action de l'utilisateur, comme par exemple l'arrêt de l'analyse. (0x80040d54)
Record Number: 7015
Source Name: Microsoft-Windows-Search
Time Written: 20090930185701.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-jouss
Event Code: 3023
Message: Impossible de démarrer l'analyse car toutes les sources de contenu ont été exclues par des règles de chemin d'accès au site ou supprimées de la configuration de l'index.
Contexte : Application , Catalogue SystemIndex
Détails :
Fonction incorrecte.
(0x00000001)
Record Number: 7016
Source Name: Microsoft-Windows-Search
Time Written: 20090930185710.000000-000
Event Type: Avertissement
User:
=====Security event log=====
Computer Name: PC-de-jouss
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 13140
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090930195719.439000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-jouss
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 13141
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090930195719.498000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-jouss
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 13142
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090930195719.561000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-jouss
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 13143
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090930195719.625000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-jouss
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 13144
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090930195719.690000-000
Event Type: Échec de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\CyberLink\Power2Go
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=17
"PROCESSOR_IDENTIFIER"=x86 Family 17 Model 3 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0301
"NUMBER_OF_PROCESSORS"=1
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"OnlineServices"=Online Services
"Platform"=MCD
"PCBRAND"=Presario
-----------------EOF-----------------
Je suis désolé mais, je suis nouveau, et vu que je veux me simplifier la vie,
mon message n'a aucun raport avec ce sujet, mais voilà:
Je voudrais créer un anti virus , mais bon, il faut savoir comment faire, quelqu'un saurais t-il en faire ou me dire ou trouver quelqu'un qui sache en faire, en bref,
comment l'on en fait.
prière de me joindre par E-mail sur l'adresse matisbourgeois@orange.fr
Merci...
mon message n'a aucun raport avec ce sujet, mais voilà:
Je voudrais créer un anti virus , mais bon, il faut savoir comment faire, quelqu'un saurais t-il en faire ou me dire ou trouver quelqu'un qui sache en faire, en bref,
comment l'on en fait.
prière de me joindre par E-mail sur l'adresse matisbourgeois@orange.fr
Merci...
Alors je vous écrit du pc de mon amie car je n'ai plus de connexion avec mon pc ; windows ne détecte aucun réseau alors que mon amie avec son pc navigue sans problème dans la même pièce. Quand j'allume l'ordinateur, les messages se font très insistants 8 ou 10 d'affilée puis mon bureau apparaît enfin mais maintenant que je ne peux plus me connecter, quelles sont les solutions? Je n'ai rien de vital dans mon pc, qui est relativement neuf, donc si il y avait possibilité de tout effacer et de le remettre à zero. Aider moi s'il vous plaît à corriger rapidement ce disfonctionnement.
Re,
On va essayer autre chose.
Télécharge ComboFix (de sUBs) sur ton Bureau.
Désactive temporairement toute protection résidente ! (Antivirus, antispywares..)
Double clique sur ComboFix.exe.
Accepte la licence en cliquant sur Oui.
Le programme va te demander si tu souhaites installer la Console de Récupération. C'est une précaution, au cas où l'ordinateur tomberait en panne. Je te conseille donc de l'installer, ça ne coûte rien, et ça pourrait potentiellement servir !
Lorsque l'opération sera terminée, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.
Le rapport se trouve ici : %SystemDrive%\ComboFix.txt (%systemdrive% étant la partition où est installée Windows; C:\ en général)
Aide : Comment utiliser ComboFix.
On va essayer autre chose.
Télécharge ComboFix (de sUBs) sur ton Bureau.
Le rapport se trouve ici : %SystemDrive%\ComboFix.txt (%systemdrive% étant la partition où est installée Windows; C:\ en général)
Aide : Comment utiliser ComboFix.
Je vous répond d'un autre pc. Je ne peux plus me connecter avec mon portable. Windows ne détecte aucun réseau or je suis dans un lieu ou la wifi fonctionne. Quand je clique sur " afficher les ordinateurs et les périphériques réseau " il n'y a rien. Dans centre Réseau et partage quand je veux afficher l'intégralité du mappage, il me met que la carte n'est pas connectée. Quand je met diagnostiquer et réparer, il me parle de problème sur une ou plusieurs cartes réseau. Est ce que je télécharge combofix d'un autre pc pour ensuite le mettre sur mon ordi avec une clé? C'est de pire en pire.
ok j'ai réussi à télécharger combofix ; voici le rapport :
ComboFix 09-10-04.01 - jouss 05/10/2009 21:42.1.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6001.1.1252.33.1036.18.1790.960 [GMT 2:00]
Lancé depuis: c:\users\jouss\Downloads\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-1317669061-3156044905-884152237-500
c:\$recycle.bin\S-1-5-21-2245400894-94728932-212463395-500
c:\windows\Installer\232ec.msi
c:\windows\Installer\232f0.msi
c:\windows\Installer\232f4.msi
c:\windows\Installer\232f8.msi
c:\windows\Installer\232fc.msi
c:\windows\Installer\2c2a9a.msi
c:\windows\system32\drivers\gasfkyrtmskjwp.sys
c:\windows\system32\gasfkybwvvyjsx.dat
c:\windows\system32\gasfkymrysydnb.dll
c:\windows\system32\gasfkyqbrjxgwe.dat
c:\windows\system32\gasfkyybhpcicj.dll
c:\windows\system32\gasfkyyewttnom.dll
c:\windows\system32\OGAAddin.dll
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_gasfkytpcxiert
-------\Service_gasfkytpcxiert
((((((((((((((((((((((((((((( Fichiers créés du 2009-09-05 au 2009-10-05 ))))))))))))))))))))))))))))))))))))
.
2009-10-05 19:25 . 2009-10-05 19:25 -------- d-----w- c:\users\jouss\AppData\Roaming\CyberLink
2009-10-05 19:25 . 2009-10-05 19:25 -------- d-----w- c:\users\Public\Recorded TV
2009-10-05 19:25 . 2009-10-05 19:34 -------- d-----w- c:\users\jouss\AppData\Local\QuickPlay
2009-10-05 16:29 . 2009-10-05 16:29 -------- d-----w- C:\found.001
2009-10-05 15:32 . 2009-10-05 15:32 -------- d-----w- c:\programdata\Office Genuine Advantage
2009-10-03 10:52 . 2009-10-01 08:29 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-10-03 10:47 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-10-03 10:47 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-10-03 10:47 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-10-03 10:47 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-03 10:47 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-10-03 10:47 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-10-03 10:47 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-03 10:47 . 2009-08-06 17:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-03 10:47 . 2009-08-06 16:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-01 21:20 . 2009-10-01 21:20 -------- d-----w- c:\program files\VS Revo Group
2009-10-01 15:40 . 2009-10-01 15:40 -------- d-----w- C:\found.000
2009-09-30 19:57 . 2009-09-30 19:57 -------- d-----w- C:\rsit
2009-09-27 18:10 . 2009-09-29 15:48 1356 ----a-w- c:\users\jouss\AppData\Local\d3d9caps.dat
2009-09-24 23:32 . 2009-09-24 23:32 -------- d-----w- c:\program files\Common Files\TSUninstall
2009-09-24 21:14 . 2009-09-24 21:14 -------- d-----w- c:\users\jouss\soccer-trainer
2009-09-24 18:36 . 2009-09-24 18:36 -------- d-----w- c:\windows\system32\EventProviders
2009-09-24 17:08 . 2009-09-24 17:08 -------- d-----w- c:\users\jouss\AppData\Local\Agence Exclusive
2009-09-24 17:08 . 2009-09-24 17:08 -------- d-----w- c:\program files\Agence Exclusive
2009-09-18 16:24 . 2009-10-05 11:55 1 ----a-w- c:\users\jouss\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-09-18 16:23 . 2009-09-18 16:23 -------- d-----w- c:\users\jouss\AppData\Roaming\OpenOffice.org
2009-09-18 16:19 . 2009-09-18 16:19 -------- d-----w- c:\program files\JRE
2009-09-18 16:19 . 2009-09-18 16:19 -------- d-----w- c:\program files\OpenOffice.org 3
2009-09-18 16:18 . 2009-09-18 16:18 -------- d-----w- c:\program files\Java
2009-09-16 23:00 . 2009-09-16 23:00 -------- d-----w- c:\users\jouss\AppData\Local\Microsoft Help
2009-09-11 19:20 . 2009-09-12 14:27 -------- d-----w- c:\program files\Dream Media Player
2009-09-09 10:43 . 2009-08-14 17:07 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-09 10:43 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll
2009-09-09 10:43 . 2009-08-14 16:29 17920 ----a-w- c:\windows\system32\netevent.dll
2009-09-09 10:43 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-09-09 10:43 . 2009-08-14 14:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-09-09 10:43 . 2009-08-14 14:16 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-09-09 10:43 . 2009-08-14 14:16 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-09-09 10:43 . 2009-08-14 14:16 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-09-09 10:43 . 2009-08-14 14:16 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-09-09 10:43 . 2009-08-14 14:16 10240 ----a-w- c:\windows\system32\finger.exe
2009-09-09 10:42 . 2009-07-11 19:32 513024 ----a-w- c:\windows\system32\wlansvc.dll
2009-09-09 10:42 . 2009-07-11 19:32 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-09-09 10:42 . 2009-07-11 19:32 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-09-09 10:42 . 2009-07-11 19:29 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-09-09 10:42 . 2009-06-10 12:11 2868224 ----a-w- c:\windows\system32\mf.dll
2009-09-07 15:49 . 2009-09-07 16:08 -------- d-----w- c:\programdata\eMule
2009-09-07 15:26 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-09-07 15:26 . 2009-06-15 15:21 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-09-07 15:26 . 2009-06-15 18:20 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-09-07 15:26 . 2009-06-15 15:24 270848 ----a-w- c:\windows\system32\schannel.dll
2009-09-07 15:26 . 2009-06-15 15:23 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2009-09-07 15:26 . 2009-06-15 15:22 213504 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-07 15:26 . 2009-06-15 15:24 72704 ----a-w- c:\windows\system32\secur32.dll
2009-09-07 15:26 . 2009-06-15 12:57 9728 ----a-w- c:\windows\system32\lsass.exe
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-05 19:25 . 2008-10-25 06:13 -------- d-----w- c:\programdata\CyberLink
2009-10-05 18:32 . 2008-10-25 13:59 669566 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-05 18:32 . 2008-10-25 13:59 123556 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-04 17:44 . 2009-08-21 15:17 -------- d-----w- c:\users\jouss\AppData\Roaming\Winamp
2009-09-30 19:57 . 2009-08-14 11:10 -------- d-----w- c:\program files\trend micro
2009-09-30 14:25 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-09-30 14:25 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-30 14:25 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-09-30 14:25 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2009-09-30 14:25 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-09-30 14:25 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-09-30 14:04 . 2009-03-10 06:21 -------- d-----w- c:\programdata\NVIDIA
2009-09-29 15:35 . 2009-07-02 13:35 27839 ----a-w- c:\programdata\nvModes.dat
2009-09-28 19:01 . 2009-08-24 16:13 -------- d-----w- c:\users\jouss\AppData\Roaming\vlc
2009-09-27 17:57 . 2009-08-14 12:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-18 19:06 . 2009-06-30 23:15 78608 ----a-w- c:\users\jouss\AppData\Local\GDIPFONTCACHEV1.DAT
2009-09-18 16:18 . 2009-07-28 14:17 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-17 09:58 . 2008-10-25 06:05 -------- d-----w- c:\programdata\Microsoft Help
2009-09-17 09:58 . 2008-10-25 05:53 -------- d-----w- c:\program files\Microsoft Works
2009-09-16 21:25 . 2009-07-29 11:17 100 ----a-w- c:\users\jouss\AppData\Roaming\wklnhst.dat
2009-09-12 13:21 . 2009-08-31 19:10 -------- d-----w- c:\program files\Free Easy Burner
2009-09-10 15:32 . 2009-08-09 15:29 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-10 12:54 . 2009-08-14 12:17 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2009-08-14 12:17 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-01 20:49 . 2009-09-01 20:46 698913 ----a-w- c:\users\jouss\AppData\Roaming\Agence Exclusive\Update\unins000.exe
2009-09-01 20:46 . 2009-09-01 20:46 -------- d-----w- c:\users\jouss\AppData\Roaming\Agence Exclusive
2009-08-30 13:42 . 2008-10-25 06:13 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-28 12:39 . 2009-09-03 09:09 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-28 10:15 . 2009-09-03 09:09 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-24 16:20 . 2009-08-24 16:20 -------- d-----w- c:\users\jouss\AppData\Roaming\dvdcss
2009-08-24 16:13 . 2009-08-24 16:13 -------- d-----w- c:\program files\VideoLAN
2009-08-21 15:17 . 2009-08-21 15:17 -------- d-----w- c:\program files\Winamp
2009-08-21 15:17 . 2009-08-21 15:17 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-08-20 21:44 . 2009-07-01 13:17 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-14 12:38 . 2009-08-14 12:38 -------- d-----w- c:\program files\CCleaner
2009-08-14 12:36 . 2009-08-14 11:30 -------- d-----w- c:\program files\Navilog1
2009-08-14 12:17 . 2009-08-14 12:17 -------- d-----w- c:\users\jouss\AppData\Roaming\Malwarebytes
2009-08-14 12:17 . 2009-08-14 12:17 -------- d-----w- c:\programdata\Malwarebytes
2009-08-03 13:07 . 2009-08-03 13:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll
2009-08-03 13:07 . 2009-08-03 13:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe
2009-07-21 21:52 . 2009-07-29 10:08 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-29 10:08 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-29 10:08 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-29 10:08 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 14:35 . 2009-08-12 11:26 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-14 13:00 . 2009-08-12 11:26 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-14 12:59 . 2009-08-12 11:26 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-14 12:58 . 2009-08-12 11:26 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-14 10:59 . 2009-08-12 11:26 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2008-10-25 14:22 . 2008-10-25 14:02 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
2008-01-21 02:32 . 2008-01-21 02:32 397312 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6001.18000_none_f1582d884fb532fb\WinMail.exe
2008-01-21 02:32 . 2008-01-21 02:32 397312 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6002.18005_none_f343a6944cd6fe47\WinMail.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0495F4D7-9FE3-4456-AA9D-1D57E78DF5F0}]
2009-09-22 14:24 225280 ----a-w- c:\program files\Agence Exclusive\AgenceBHO.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-09-23 468264]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-06 210216]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-18 149280]
"Agence"="c:\program files\Agence Exclusive\Agence.exe" [2009-09-22 638976]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-11 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-11 92704]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
c:\users\jouss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=""
"FirewallOverride"=""
"UpdatesDisableNotify"=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):58,e8,7c,92,d8,41,ca,01
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{07DE1E13-5DA2-48D3-AB9E-7148AC9700BC}"= c:\program files\CyberLink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{FAD6F4ED-B7E3-473A-A165-717F219E0EAA}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{821B054A-9A80-4D98-A5AB-09344C33DF62}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"TCP Query User{28FB2177-85F6-46DD-ACD9-FF053777D1B6}c:\\program files\\shareaza\\shareaza.exe"= UDP:c:\program files\shareaza\shareaza.exe:Shareaza Ultimate File Sharing
"UDP Query User{52E4984D-5E67-4A02-B657-B73C6933C7F8}c:\\program files\\shareaza\\shareaza.exe"= TCP:c:\program files\shareaza\shareaza.exe:Shareaza Ultimate File Sharing
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [01/07/2009 15:17 108289]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21/01/2008 04:33 21504]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [25/10/2008 08:30 365952]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [25/10/2008 07:20 193840]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [09/05/2008 21:17 43040]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Tâches planifiées'
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://google%20.com/
mStart Page = hxxp://www.troner.net/
uInternet Settings,ProxyOverride = local
IE: &Recherche AOL Toolbar - c:\programdata\AOL\ieToolbar\resources\fr-FR\local\search.html
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\jouss\AppData\Roaming\Mozilla\Firefox\Profiles\wi2o7a1r.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-05 21:52
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\wlanext.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\windows\System32\drivers\XAudio.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\windows\System32\wbem\WMIADAP.exe
.
**************************************************************************
.
Heure de fin: 2009-10-05 21:57 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-10-05 19:57
Avant-CF: 191 558 410 240 octets libres
Après-CF: 191 561 003 008 octets libres
261 --- E O F --- 2009-10-05 18:31
ComboFix 09-10-04.01 - jouss 05/10/2009 21:42.1.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6001.1.1252.33.1036.18.1790.960 [GMT 2:00]
Lancé depuis: c:\users\jouss\Downloads\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-1317669061-3156044905-884152237-500
c:\$recycle.bin\S-1-5-21-2245400894-94728932-212463395-500
c:\windows\Installer\232ec.msi
c:\windows\Installer\232f0.msi
c:\windows\Installer\232f4.msi
c:\windows\Installer\232f8.msi
c:\windows\Installer\232fc.msi
c:\windows\Installer\2c2a9a.msi
c:\windows\system32\drivers\gasfkyrtmskjwp.sys
c:\windows\system32\gasfkybwvvyjsx.dat
c:\windows\system32\gasfkymrysydnb.dll
c:\windows\system32\gasfkyqbrjxgwe.dat
c:\windows\system32\gasfkyybhpcicj.dll
c:\windows\system32\gasfkyyewttnom.dll
c:\windows\system32\OGAAddin.dll
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_gasfkytpcxiert
-------\Service_gasfkytpcxiert
((((((((((((((((((((((((((((( Fichiers créés du 2009-09-05 au 2009-10-05 ))))))))))))))))))))))))))))))))))))
.
2009-10-05 19:25 . 2009-10-05 19:25 -------- d-----w- c:\users\jouss\AppData\Roaming\CyberLink
2009-10-05 19:25 . 2009-10-05 19:25 -------- d-----w- c:\users\Public\Recorded TV
2009-10-05 19:25 . 2009-10-05 19:34 -------- d-----w- c:\users\jouss\AppData\Local\QuickPlay
2009-10-05 16:29 . 2009-10-05 16:29 -------- d-----w- C:\found.001
2009-10-05 15:32 . 2009-10-05 15:32 -------- d-----w- c:\programdata\Office Genuine Advantage
2009-10-03 10:52 . 2009-10-01 08:29 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-10-03 10:47 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-10-03 10:47 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-10-03 10:47 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-10-03 10:47 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-03 10:47 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-10-03 10:47 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-10-03 10:47 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-03 10:47 . 2009-08-06 17:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-03 10:47 . 2009-08-06 16:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-01 21:20 . 2009-10-01 21:20 -------- d-----w- c:\program files\VS Revo Group
2009-10-01 15:40 . 2009-10-01 15:40 -------- d-----w- C:\found.000
2009-09-30 19:57 . 2009-09-30 19:57 -------- d-----w- C:\rsit
2009-09-27 18:10 . 2009-09-29 15:48 1356 ----a-w- c:\users\jouss\AppData\Local\d3d9caps.dat
2009-09-24 23:32 . 2009-09-24 23:32 -------- d-----w- c:\program files\Common Files\TSUninstall
2009-09-24 21:14 . 2009-09-24 21:14 -------- d-----w- c:\users\jouss\soccer-trainer
2009-09-24 18:36 . 2009-09-24 18:36 -------- d-----w- c:\windows\system32\EventProviders
2009-09-24 17:08 . 2009-09-24 17:08 -------- d-----w- c:\users\jouss\AppData\Local\Agence Exclusive
2009-09-24 17:08 . 2009-09-24 17:08 -------- d-----w- c:\program files\Agence Exclusive
2009-09-18 16:24 . 2009-10-05 11:55 1 ----a-w- c:\users\jouss\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-09-18 16:23 . 2009-09-18 16:23 -------- d-----w- c:\users\jouss\AppData\Roaming\OpenOffice.org
2009-09-18 16:19 . 2009-09-18 16:19 -------- d-----w- c:\program files\JRE
2009-09-18 16:19 . 2009-09-18 16:19 -------- d-----w- c:\program files\OpenOffice.org 3
2009-09-18 16:18 . 2009-09-18 16:18 -------- d-----w- c:\program files\Java
2009-09-16 23:00 . 2009-09-16 23:00 -------- d-----w- c:\users\jouss\AppData\Local\Microsoft Help
2009-09-11 19:20 . 2009-09-12 14:27 -------- d-----w- c:\program files\Dream Media Player
2009-09-09 10:43 . 2009-08-14 17:07 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-09 10:43 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll
2009-09-09 10:43 . 2009-08-14 16:29 17920 ----a-w- c:\windows\system32\netevent.dll
2009-09-09 10:43 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-09-09 10:43 . 2009-08-14 14:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-09-09 10:43 . 2009-08-14 14:16 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-09-09 10:43 . 2009-08-14 14:16 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-09-09 10:43 . 2009-08-14 14:16 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-09-09 10:43 . 2009-08-14 14:16 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-09-09 10:43 . 2009-08-14 14:16 10240 ----a-w- c:\windows\system32\finger.exe
2009-09-09 10:42 . 2009-07-11 19:32 513024 ----a-w- c:\windows\system32\wlansvc.dll
2009-09-09 10:42 . 2009-07-11 19:32 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-09-09 10:42 . 2009-07-11 19:32 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-09-09 10:42 . 2009-07-11 19:29 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-09-09 10:42 . 2009-06-10 12:11 2868224 ----a-w- c:\windows\system32\mf.dll
2009-09-07 15:49 . 2009-09-07 16:08 -------- d-----w- c:\programdata\eMule
2009-09-07 15:26 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-09-07 15:26 . 2009-06-15 15:21 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-09-07 15:26 . 2009-06-15 18:20 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-09-07 15:26 . 2009-06-15 15:24 270848 ----a-w- c:\windows\system32\schannel.dll
2009-09-07 15:26 . 2009-06-15 15:23 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2009-09-07 15:26 . 2009-06-15 15:22 213504 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-07 15:26 . 2009-06-15 15:24 72704 ----a-w- c:\windows\system32\secur32.dll
2009-09-07 15:26 . 2009-06-15 12:57 9728 ----a-w- c:\windows\system32\lsass.exe
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-05 19:25 . 2008-10-25 06:13 -------- d-----w- c:\programdata\CyberLink
2009-10-05 18:32 . 2008-10-25 13:59 669566 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-05 18:32 . 2008-10-25 13:59 123556 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-04 17:44 . 2009-08-21 15:17 -------- d-----w- c:\users\jouss\AppData\Roaming\Winamp
2009-09-30 19:57 . 2009-08-14 11:10 -------- d-----w- c:\program files\trend micro
2009-09-30 14:25 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-09-30 14:25 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-30 14:25 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-09-30 14:25 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2009-09-30 14:25 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-09-30 14:25 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-09-30 14:04 . 2009-03-10 06:21 -------- d-----w- c:\programdata\NVIDIA
2009-09-29 15:35 . 2009-07-02 13:35 27839 ----a-w- c:\programdata\nvModes.dat
2009-09-28 19:01 . 2009-08-24 16:13 -------- d-----w- c:\users\jouss\AppData\Roaming\vlc
2009-09-27 17:57 . 2009-08-14 12:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-18 19:06 . 2009-06-30 23:15 78608 ----a-w- c:\users\jouss\AppData\Local\GDIPFONTCACHEV1.DAT
2009-09-18 16:18 . 2009-07-28 14:17 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-17 09:58 . 2008-10-25 06:05 -------- d-----w- c:\programdata\Microsoft Help
2009-09-17 09:58 . 2008-10-25 05:53 -------- d-----w- c:\program files\Microsoft Works
2009-09-16 21:25 . 2009-07-29 11:17 100 ----a-w- c:\users\jouss\AppData\Roaming\wklnhst.dat
2009-09-12 13:21 . 2009-08-31 19:10 -------- d-----w- c:\program files\Free Easy Burner
2009-09-10 15:32 . 2009-08-09 15:29 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-10 12:54 . 2009-08-14 12:17 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2009-08-14 12:17 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-01 20:49 . 2009-09-01 20:46 698913 ----a-w- c:\users\jouss\AppData\Roaming\Agence Exclusive\Update\unins000.exe
2009-09-01 20:46 . 2009-09-01 20:46 -------- d-----w- c:\users\jouss\AppData\Roaming\Agence Exclusive
2009-08-30 13:42 . 2008-10-25 06:13 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-28 12:39 . 2009-09-03 09:09 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-28 10:15 . 2009-09-03 09:09 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-24 16:20 . 2009-08-24 16:20 -------- d-----w- c:\users\jouss\AppData\Roaming\dvdcss
2009-08-24 16:13 . 2009-08-24 16:13 -------- d-----w- c:\program files\VideoLAN
2009-08-21 15:17 . 2009-08-21 15:17 -------- d-----w- c:\program files\Winamp
2009-08-21 15:17 . 2009-08-21 15:17 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-08-20 21:44 . 2009-07-01 13:17 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-14 12:38 . 2009-08-14 12:38 -------- d-----w- c:\program files\CCleaner
2009-08-14 12:36 . 2009-08-14 11:30 -------- d-----w- c:\program files\Navilog1
2009-08-14 12:17 . 2009-08-14 12:17 -------- d-----w- c:\users\jouss\AppData\Roaming\Malwarebytes
2009-08-14 12:17 . 2009-08-14 12:17 -------- d-----w- c:\programdata\Malwarebytes
2009-08-03 13:07 . 2009-08-03 13:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll
2009-08-03 13:07 . 2009-08-03 13:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe
2009-07-21 21:52 . 2009-07-29 10:08 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-29 10:08 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-29 10:08 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-29 10:08 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 14:35 . 2009-08-12 11:26 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-14 13:00 . 2009-08-12 11:26 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-14 12:59 . 2009-08-12 11:26 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-14 12:58 . 2009-08-12 11:26 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-14 10:59 . 2009-08-12 11:26 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2008-10-25 14:22 . 2008-10-25 14:02 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
2008-01-21 02:32 . 2008-01-21 02:32 397312 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6001.18000_none_f1582d884fb532fb\WinMail.exe
2008-01-21 02:32 . 2008-01-21 02:32 397312 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6002.18005_none_f343a6944cd6fe47\WinMail.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0495F4D7-9FE3-4456-AA9D-1D57E78DF5F0}]
2009-09-22 14:24 225280 ----a-w- c:\program files\Agence Exclusive\AgenceBHO.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-09-23 468264]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-06 210216]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-18 149280]
"Agence"="c:\program files\Agence Exclusive\Agence.exe" [2009-09-22 638976]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-11 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-11 92704]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
c:\users\jouss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=""
"FirewallOverride"=""
"UpdatesDisableNotify"=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):58,e8,7c,92,d8,41,ca,01
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{07DE1E13-5DA2-48D3-AB9E-7148AC9700BC}"= c:\program files\CyberLink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{FAD6F4ED-B7E3-473A-A165-717F219E0EAA}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{821B054A-9A80-4D98-A5AB-09344C33DF62}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"TCP Query User{28FB2177-85F6-46DD-ACD9-FF053777D1B6}c:\\program files\\shareaza\\shareaza.exe"= UDP:c:\program files\shareaza\shareaza.exe:Shareaza Ultimate File Sharing
"UDP Query User{52E4984D-5E67-4A02-B657-B73C6933C7F8}c:\\program files\\shareaza\\shareaza.exe"= TCP:c:\program files\shareaza\shareaza.exe:Shareaza Ultimate File Sharing
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [01/07/2009 15:17 108289]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21/01/2008 04:33 21504]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [25/10/2008 08:30 365952]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [25/10/2008 07:20 193840]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [09/05/2008 21:17 43040]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Tâches planifiées'
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://google%20.com/
mStart Page = hxxp://www.troner.net/
uInternet Settings,ProxyOverride = local
IE: &Recherche AOL Toolbar - c:\programdata\AOL\ieToolbar\resources\fr-FR\local\search.html
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\jouss\AppData\Roaming\Mozilla\Firefox\Profiles\wi2o7a1r.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-05 21:52
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\wlanext.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\windows\System32\drivers\XAudio.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\windows\System32\wbem\WMIADAP.exe
.
**************************************************************************
.
Heure de fin: 2009-10-05 21:57 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-10-05 19:57
Avant-CF: 191 558 410 240 octets libres
Après-CF: 191 561 003 008 octets libres
261 --- E O F --- 2009-10-05 18:31
Le voici mais j'ai eu un message comme quoi il y avait un problème avec ; Le rapport est quand même arrivé ensuite :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:15:22, on 13/10/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\jouss\Downloads\HiJackThis.exe
C:\Windows\system32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.duxet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.duxet.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: Download all by RedTube Grabber - C:\Program Files\RedTubeGrabber\downall.htm
O8 - Extra context menu item: Download by YouTube Robot - C:\Program Files\RedTubeGrabber\downlink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 6951 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:15:22, on 13/10/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\jouss\Downloads\HiJackThis.exe
C:\Windows\system32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.duxet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.duxet.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: Download all by RedTube Grabber - C:\Program Files\RedTubeGrabber\downall.htm
O8 - Extra context menu item: Download by YouTube Robot - C:\Program Files\RedTubeGrabber\downlink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 6951 bytes
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumGros probléme avec antivirus soft [Résolu]
- ForumProblème Antivirus Orange [RESOLU...MERCI !!]
- Forum[RESOLU] probleme etrange avec les antivirus
- ForumProblème résolution Empire total war
- Forumprobleme de virus windows sécurity alert [RESOLUE]
- ForumTotal Security = Total Arnaque
- Forum[résolu ] Détection du virus :TR / Aluroot.b.63. avec antivirus Avira.
- Forum[RESOLU] désintallation microsoft essential security + virus ! help
- Forum[Résolu] Infecté, message Security warning
- Voir plus
