Slow computer, black screen at startup
korrigane bleue
  Posted on 28/11/2009 @ 10:45
Petite astucienne

Hello,

My computer takes a long time to start up. Sometimes Internet Explorer crashes and I wonder where that comes from. I ran the analysis below and this is what it gives, but I'm a beginner at this and to me it's all gibberish. Also, Registry Mechanic always leaves me with two errors, and when I try to launch the Yamaha Musicsoft Downloader program it tells me it is not installed, even though it has been there since 2007!!!!

Thanks for your insights.

info.txt logfile of random's system information tool 1.06 2009-11-28 10:27:44

======Uninstall list======

-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
-->C:\Program Files\InstallShield Installation Information\{22EB2FA7-1BA0-4FFB-972F-353EC6ABA9D5}\setup.exe -runfromtemp -l0x040c -removeonly
-->C:\Program Files\InstallShield Installation Information\{28B97CAB-828F-49D8-A30A-675476F9BA92}\setup.exe -runfromtemp -l0x040c/cont -removeonly
-->C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe -runfromtemp -l0x040c -removeonly
-->C:\Program Files\InstallShield Installation Information\{6813C983-427E-4511-8456-E98FCAA1A125}\setup.exe -runfromtemp -l0x040c -removeonly
-->C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe -runfromtemp -l0x040c -removeonly
-->C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe -runfromtemp -l0x040c -removeonly
-->C:\Program Files\InstallShield Installation Information\{ACE66099-E18E-4037-83C8-9D182E5B9FA8}\setup.exe -runfromtemp -l0x040c -removeonly
-->C:\Program Files\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe -runfromtemp -l0x040c -removeonly
-->C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe -runfromtemp -l0x040c -removeonly
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{028EC2AF-F501-4567-9CEA-140030DE8544}\setup.exe" -l0x40c -u
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2580F4DA-324F-4945-B16F-B2B867325085}\setup.exe" -l0x40c -u
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x40c
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop Elements 7.0-->msiexec /i {CB6075D9-F912-40AE-BEA6-E590DA24F16B}
Adobe Premiere Elements 7.0 Templates-->msiexec /I {85AF94EC-55DE-452A-8FD7-C34E598B3F1F} REMOVEFROMARP=1
Adobe Premiere Elements 7.0 Templates-->MsiExec.exe /X{85AF94EC-55DE-452A-8FD7-C34E598B3F1F}
Adobe Premiere Elements 7.0-->msiexec /I {D564B5E2-CCB5-4A5C-B35E-2FC30BBC9336} REMOVEPREFS=1
Adobe Premiere Elements 7.0-->MsiExec.exe /I{D564B5E2-CCB5-4A5C-B35E-2FC30BBC9336}
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Adobe Shockwave Player 11.5-->C:\Windows\system32\Adobe\uninstaller.exe
Apple Application Support-->MsiExec.exe /I{B607C354-CD79-4D22-86D1-92DC94153F42}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft Panorama Maker 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D45E8C45-B601-4A80-AFD8-E16338744DE1}\Setup.exe" -l0x40c
Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVS Audio Converter version 5.1-->"C:\Program Files\AVS4YOU\AVSAudioConverter\unins000.exe"
AVS Audio Editor version 4.2-->"C:\Program Files\AVS4YOU\AVSAudioEditor\unins000.exe"
AVS DVDMenu Editor 1.2.1.20-->"C:\Program Files\Common Files\AVSMedia\AVS DVDMenu Editor\unins000.exe"
AVS Ringtone Maker version 1.6-->"C:\Program Files\AVS4YOU\AVSRingtoneMaker\unins000.exe"
AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManger\unins000.exe"
AVS Video Converter 6-->"C:\Program Files\AVS4YOU\AVSVideoConverter6\unins000.exe"
AVS Video ReMaker 2.4-->"C:\Program Files\AVS4YOU\AVSVideoReMaker\unins000.exe"
AVS YouTube Uploader version 1.0-->"C:\Program Files\AVS4YOU\AVSYouTubeUploader\unins000.exe"
AVS4YOU Software Navigator 1.3-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Babylon-->C:\Program Files\Babylon\Babylon-Pro\Utils\uninstbb.exe
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x040c
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Cordial 2008 pour Microsoft Office, correcteur et analyseur de la langue française-->C:\Program Files\Cordial\Desinsta.exe
Crawler Toolbar-->C:\PROGRA~1\Crawler\CToolbar.exe uninst
Desktop SMS-->MsiExec.exe /I{5980B928-1C95-4B3E-957B-B02D8147FF9E}
DFX for RealNetworks-->C:\Users\Katell\Desktop\Pour icônes\uninstall_RealPlayer.exe
Driver Detective-->MsiExec.exe /X{5721A8EA-A30F-4F66-9046-3F40C43AE1DC}
DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x40c
Emdedded IR Driver-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{A6D4234C-CB02-4048-AC3E-AD09404FA35A}
Epson Easy Photo Print 2-->C:\Program Files\InstallShield Installation Information\{DEDB47A3-C988-4A43-A645-E2CEA571E680}\SETUP.EXE -runfromtemp -l0x040c UNINST -removeonly
Epson Event Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48F22622-1CC2-4A83-9C1E-644DD96F832D}\SETUP.EXE" -l0x40c -u
Epson Print CD-->C:\Program Files\InstallShield Installation Information\{D16A31F9-276D-4968-A753-FFEAC56995D0}\SETUP.EXE -runfromtemp -l0x040c -removeonly
EPSON PX700W Series Printer Uninstall-->C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FINSENE.EXE /R /APD /P:"EPSON PX700W Series"
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Stylus Photo PX700W_PX800FW_TX700W_TX800FW Manuel-->C:\Program Files\EPSON\TPMANUAL\ESP_PX_TX_700W_800FW\FRA\USE_G\DOCUNINS.EXE
EpsonNet Print-->C:\Program Files\InstallShield Installation Information\{3E31400D-274E-4647-916C-2CACC3741799}\ENPSETUP.exe -runfromtemp -l0x040c -EPSON -removeonly
EVEREST Home Edition v2.20-->"E:\Program files\EVEREST Home Edition\unins000.exe"
Feneris Video Downloader-->MsiExec.exe /I{86AED2CA-EE00-400B-8516-5152CC10B32E}
Gadget Documents récents Microsoft Office 2007-->MsiExec.exe /X{90120000-008A-040C-0000-0000000FF1CE}
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Gestionnaire de Connexion SFR 2009.03-->"C:\Program Files\SFR\Gestionnaire de Connexion SFR\unins000.exe"
Gestionnaire de téléchargement MusiClassics-->MsiExec.exe /X{C251E450-021F-4F12-AA67-8E54589CC39A}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HiYo -->MsiExec.exe /X{1353AD69-6F86-484F-B56B-3508F60ACCC4} ARPVAL="UnInst" /qf /L*V "%temp%\HiYoUninstallLog.log"
HiYo-->MsiExec.exe /X{1353AD69-6F86-484F-B56B-3508F60ACCC4}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
IcoFX 1.6.4-->"C:\Program Files\IcoFX 1.6\unins000.exe"
Inbox Toolbar-->"C:\Program Files\Inbox Toolbar\unins000.exe"
IncrediMail 2.0-->C:\Program Files\IncrediMail\Bin\ImSetup.exe /uninstallProduct /addon:incredimail
IncrediMail JunkFilter Plus-->MsiExec.exe /X{DC754D8F-1D06-4016-BF57-8D21F97E1F0A} /qf /Lpar C:\Users\Katell\AppData\Local\Temp\\JfpUnInstall.log
IncrediMail-->MsiExec.exe /X{0473B4DA-BFD2-4919-A838-124254598437}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
iTunes-->MsiExec.exe /I{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}
Japanese Fonts Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5760-0000-900000000003}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
JunkFilterPlus-->MsiExec.exe /X{DC754D8F-1D06-4016-BF57-8D21F97E1F0A}
KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
La Chaîne Météo-->MsiExec.exe /X{095E78D4-1A02-D0CE-839C-B61734C39116}
Logitech SetPoint-->"C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l0x040c -removeonly
Manuels TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5B1DD5AA-FF34-4D6E-A912-CB46BB7378DC}\setup.exe" -l0x40c -removeonly
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office Outlook 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall OUTLOOKR /dll OSETUP.DLL
Microsoft Office Outlook 2007-->MsiExec.exe /X{91120000-001A-0000-0000-0000000FF1CE}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual Studio 2005 Tools for Office Runtime-->MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
myphotobook 3.1-->C:\Program Files\myphotobook\uninst.exe
Nero 8 Essentials-->MsiExec.exe /X{3DBBE5D1-AE9E-4B8B-9CD1-18740CE71036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Netlog Music Tool-->C:\Program Files\Netlog Music Tool\Uninstaller.exe
Nikon Message Center-->MsiExec.exe /X{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}
Nikon Transfer-->MsiExec.exe /X{E9757890-7EC5-46C8-99AB-B00F07B6525C}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{82427977-8776-4087-90CA-9F65174D3C4D}
Nokia Ovi Player-->MsiExec.exe /I{A528306A-C5EC-481C-A619-6106334E6800}
Nokia PC Suite-->C:\ProgramData\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_fre.exe
Nokia PC Suite-->MsiExec.exe /I{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}
Nokia_Multimedia_Common_Components_2_5-->MsiExec.exe /I{3762698E-E9DF-4DD8-99F1-8192D0F8EE06}
NTRconnect-->MsiExec.exe /X{549514BF-2BDA-422B-9134-67B5A79C2487}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de pilotes Windows - Nokia Modem (02/23/2009 7.01.0.2)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_a366d9d6\nokbtmdm.inf
Package de pilotes Windows - Nokia Modem (02/24/2009 4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_9e7751a9\nokia_bluetooth.inf
Package de pilotes Windows - Nokia Modem (05/22/2008 3.8)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_5e0e55c3\nokia_bluetooth.inf
Package de pilotes Windows - Nokia Modem (05/22/2008 7.00.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_dcd936c5\nokbtmdm.inf
Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
PC Connectivity Solution-->MsiExec.exe /I{9D6B740F-D9A2-45A6-BDC4-0A453D499FE6}
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x040c -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Réducteur de bruit du lecteur de CD/DVD-->C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe -runfromtemp -l0x040c -removeonly
Registry Mechanic 8.0-->"C:\Program Files\Registry Mechanic\unins000.exe" /Log
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
SiteRanker-->"C:\Program Files\SiteRanker\unins000.exe"
SmartSound Quicktracks for Premiere Elements-->"C:\Program Files\InstallShield Installation Information\{F6234880-85BE-4DCB-8A45-1FF85A1A8552}\setup.exe" -runfromtemp -l0x0409 -removeonly
SmartSound Quicktracks for Premiere Elements-->MsiExec.exe /I{F6234880-85BE-4DCB-8A45-1FF85A1A8552}
Sony Image Data Suite-->C:\Program Files\InstallShield Installation Information\{359FCAA7-B544-4147-AE3B-8C8A526E2427}\setup.exe -runfromtemp -l0x040c -removeonly
Sony Picture Utility-->C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe -runfromtemp -l0x040c /removeonly uninstall -removeonly
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spyware Terminator-->"C:\Program Files\Spyware Terminator\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\Program Files\InstallShield Installation Information\{DB780B85-B4B5-4864-A49C-9B706B169C93}\setup.exe -runfromtemp -l0x040c
TOSHIBA Assist-->C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe -runfromtemp -l0x040c -removeonly
TOSHIBA ConfigFree-->C:\Program Files\InstallShield Installation Information\{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}\setup.exe -runfromtemp -l0x040c uninstall
TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
TOSHIBA DVD PLAYER-->C:\Program Files\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x040c -ADDREMOVE -removeonly
TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x040c
TOSHIBA Flash Cards Support Utility-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{620BBA5E-F848-4D56-8BDA-584E44584C5E}
TOSHIBA Hardware Setup-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5279374D-87FE-4879-9385-F17278EBB9D3} /l1036
TOSHIBA Mot de passe responsable-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE} /l1036
Toshiba Online Product Information-->C:\Program Files\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x040c -removeonly
TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
TOSHIBA Software Modem-->Tosmreg -U
TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x040c
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Outlook 2007 Junk Email Filter (kb975960)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {F1AB1BED-7477-4D5A-BD0C-04C2109459A5}
VirginMega DownloadManager-->"C:\Program Files\VirginMega\DownloadManager\Uninstall.exe" "C:\Program Files\VirginMega\DownloadManager\install.log"
Visual Studio 2005 Tools pour Office Second Edition Runtime-->C:\Program Files\Common Files\Microsoft Shared\VSTO\8.0\Microsoft Visual Studio 2005 Tools for Office Runtime\install.exe
WhiteCap-->C:\Program Files\SoundSpectrum\WhiteCap\Uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354}
Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
YAMAHA Digital Music Notebook-->MsiExec.exe /X{D2EF6D61-EB17-461C-B3AB-24ED025C37C8}
YAMAHA Musicsoft Downloader 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6D3C6846-CDB6-418F-8FDB-DA21FE064F86}\Setup.exe" -l0x9

======Hosts File======


======Security center information======

AV: avast! antivirus 4.8.1335 [VPS 090414-0]
AS: Spybot - Search and Destroy (outdated)
AS: Windows Defender
AS: Spyware Terminator
AS: avast! antivirus 4.8.1335 [VPS 090414-0]

======System event log======

Computer Name: PC-de-Katell
Event Code: 4001
Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

Record Number: 57281
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20090625214328.335000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Katell
Event Code: 15200
Message:
Record Number: 57259
Source Name: Microsoft-Windows-WPD-MTPClassDriver
Time Written: 20090625201722.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-Katell
Event Code: 7000
Message: Le service Parallel port driver n'a pas pu démarrer en raison de l'erreur :
Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
Record Number: 57187
Source Name: Service Control Manager
Time Written: 20090625194432.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Katell
Event Code: 15016
Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
Record Number: 57148
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090625194413.717371-000
Event Type: Erreur
User:

Computer Name: PC-de-Katell
Event Code: 4001
Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

Record Number: 57131
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20090625180449.320000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

=====Application event log=====

Computer Name: PC-de-Katell
Event Code: 5007
Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.
Record Number: 3387
Source Name: WerSvc
Time Written: 20090411121910.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Katell
Event Code: 1008
Message: Le service Windows Search tente de supprimer l’ancien catalogue.

Record Number: 3382
Source Name: Microsoft-Windows-Search
Time Written: 20090411121849.000000-000
Event Type: Avertissement
User:

Computer Name: LH-4IN3DUL7QW4M
Event Code: 1036
Message: Échec de InitializePrintProvider pour le fournisseur inetpp.dll. Cela peut se produire à la suite d’une instabilité du système ou d’une insuffisance des ressources système.
Record Number: 3360
Source Name: Microsoft-Windows-SpoolerSpoolss
Time Written: 20090411121252.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: LH-4IN3DUL7QW4M
Event Code: 5007
Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.
Record Number: 3354
Source Name: WerSvc
Time Written: 20090411121059.000000-000
Event Type: Erreur
User:

Computer Name: LH-4IN3DUL7QW4M
Event Code: 5007
Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.
Record Number: 3329
Source Name: WerSvc
Time Written: 20071001135327.000000-000
Event Type: Erreur
User:

=====Security event log=====

Computer Name: PC-de-Katell
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-KATELL$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Windows\System32\NlsLexicons081a.dll
ID du handle : 0x18

Informations sur le processus :
ID du processus : 0x4f4
Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\poqexec.exe

Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 6619
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090414150238.747194-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-Katell
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-KATELL$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Windows\System32\RASMM.dll
ID du handle : 0x18

Informations sur le processus :
ID du processus : 0x4f4
Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\poqexec.exe

Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 6618
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090414150238.747194-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-Katell
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-KATELL$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Windows\System32\gpsvc.dll
ID du handle : 0x18

Informations sur le processus :
ID du processus : 0x4f4
Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\poqexec.exe

Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 6617
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090414150238.731594-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-Katell
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-KATELL$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Windows\System32\dmview.ocx
ID du handle : 0x18

Informations sur le processus :
ID du processus : 0x4f4
Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\poqexec.exe

Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 6616
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090414150238.731594-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-Katell
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-KATELL$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Windows\System32\pintlgnt.ime
ID du handle : 0x18

Informations sur le processus :
ID du processus : 0x4f4
Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\poqexec.exe

Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 6615
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090414150238.731594-000
Event Type: Succès de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Nokia\PC Connectivity Solution\;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=2
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Anonymous
 Posted on 30/11/2009 at 12:05 
Nouvel astucien

Hello korrigane bleue,

your machine is infected and you posted half of the RSIT report...

Disable User Account Control (UAC; you will re-enable it after the disinfection):

- Go to Start > Control Panel
- Double-click the User Accounts icon
- Then click on disable and confirm

* Download ToolBar-S&D (thanks to Team Idn).

  • Double-click ToolBar-SD to launch the installation; a shortcut will be added to the Desktop
  • Double-click it to start the tool and choose the language.
  • Type 1 then press the [Enter] key to start the search.
  • Wait until it finishes; the report will open in Notepad
  • Post the report (also located at C:\TB.txt).

See you later

korrigane bleue
 Posted on 30/11/2009 at 20:04 
Petite astucienne

I will do this on Wednesday because I will be coming off duty and will have more time...

korrigane bleue
 Posted on 02/12/2009 at 17:17 
Petite astucienne

There, I did what I was told to do. Thank you for your help, because after this I don't know what needs to be done.... I did a copy-paste, so normally everything should be there...
-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz )
BIOS : Ver 1.00PARTTBL
USER : Katell ( Not Administrator ! )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090414-0] 4.8.1335 (Activated)
C:\ (Local Disk) - NTFS - Total:92 Go (Free:12 Go)
D:\ (Local Disk) - FAT32 - Total:465 Go (Free:223 Go)
E:\ (Local Disk) - NTFS - Total:92 Go (Free:22 Go)
F:\ (CD or DVD)
H:\ (USB) - FAT - Total:963 Mo (Free:0 Go)
Z:\ (Network Disk) - FAT - Total:0 Go (Free:0 Go)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 02/12/2009|17:16 )

[ UAC => 0 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\unins000.exe
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Barre d'outils Crawler
C:\Program Files\Crawler
C:\Program Files\Crawler\adrkeys.dat
C:\Program Files\Crawler\common_ff.dat
C:\Program Files\Crawler\confirm.dat
C:\Program Files\Crawler\ctbcomm.dll
C:\Program Files\Crawler\ctbr.dll
C:\Program Files\Crawler\CTConf.dat
C:\Program Files\Crawler\CTipsDef.dll
C:\Program Files\Crawler\CToolbar.exe
C:\Program Files\Crawler\CUpdate.exe
C:\Program Files\Crawler\Cursors
C:\Program Files\Crawler\Download
C:\Program Files\Crawler\firefox
C:\Program Files\Crawler\Languages
C:\Program Files\Crawler\lookfor.dat
C:\Program Files\Crawler\majorse.dat
C:\Program Files\Crawler\rootmenu.dat
C:\Program Files\Crawler\services.dat
C:\Program Files\Crawler\Skins
C:\Program Files\Crawler\STWSGLanguageAct
C:\Program Files\Crawler\STWSG_FF.dat
C:\Program Files\Crawler\TBR5LanguageAct
C:\Program Files\Crawler\Update
C:\Program Files\Crawler\WebSecurityGuard.dll
C:\Program Files\Crawler\WSGData
C:\Program Files\Crawler\Cursors\92E3D6A9EB667762A16BE7C643F3820A
C:\Program Files\Crawler\Cursors\cursors.xml
C:\Program Files\Crawler\Cursors\E50413B68DBF2331BBC67F7EF3896D6E
C:\Program Files\Crawler\Cursors\92E3D6A9EB667762A16BE7C643F3820A\appstarting.ani
C:\Program Files\Crawler\Cursors\92E3D6A9EB667762A16BE7C643F3820A\arrow.cur
C:\Program Files\Crawler\Cursors\92E3D6A9EB667762A16BE7C643F3820A\cursor.xml
C:\Program Files\Crawler\Cursors\92E3D6A9EB667762A16BE7C643F3820A\wait.ani
C:\Program Files\Crawler\Cursors\E50413B68DBF2331BBC67F7EF3896D6E\appstarting.ani
C:\Program Files\Crawler\Cursors\E50413B68DBF2331BBC67F7EF3896D6E\arrow.ani
C:\Program Files\Crawler\Cursors\E50413B68DBF2331BBC67F7EF3896D6E\cursor.xml
C:\Program Files\Crawler\Cursors\E50413B68DBF2331BBC67F7EF3896D6E\wait.ani
C:\Program Files\Crawler\firefox\chrome
C:\Program Files\Crawler\firefox\chrome.bak
C:\Program Files\Crawler\firefox\chrome.manifest
C:\Program Files\Crawler\firefox\components
C:\Program Files\Crawler\firefox\install.bak
C:\Program Files\Crawler\firefox\install.ini
C:\Program Files\Crawler\firefox\install.rdf
C:\Program Files\Crawler\firefox\stwsg_ff.ini
C:\Program Files\Crawler\firefox\chrome\common.jar
C:\Program Files\Crawler\firefox\chrome\stwsg.jar
C:\Program Files\Crawler\firefox\components\xcomm.bak
C:\Program Files\Crawler\firefox\components\xcomm.dll
C:\Program Files\Crawler\firefox\components\xplugin.bak
C:\Program Files\Crawler\firefox\components\xplugin.xpt
C:\Program Files\Crawler\firefox\components\xshared.bak
C:\Program Files\Crawler\firefox\components\xshared.dll
C:\Program Files\Crawler\firefox\components\xshared.xpt
C:\Program Files\Crawler\firefox\components\xsupport.bak
C:\Program Files\Crawler\firefox\components\xsupport.dll
C:\Program Files\Crawler\firefox\components\xsupport.xpt
C:\Program Files\Crawler\firefox\components\xwsg.dll
C:\Program Files\Crawler\Languages\STWSG_CS.cab
C:\Program Files\Crawler\Languages\STWSG_DE.cab
C:\Program Files\Crawler\Languages\STWSG_EN.cab
C:\Program Files\Crawler\Languages\STWSG_EN.cab.old
C:\Program Files\Crawler\Languages\STWSG_ES.cab
C:\Program Files\Crawler\Languages\STWSG_FF.cab
C:\Program Files\Crawler\Languages\STWSG_FR.cab
C:\Program Files\Crawler\Languages\STWSG_IT.cab
C:\Program Files\Crawler\Languages\STWSG_NL.cab
C:\Program Files\Crawler\Languages\STWSG_PT-BR.cab
C:\Program Files\Crawler\Languages\STWSG_PT.cab
C:\Program Files\Crawler\Languages\TBR5_CS.cab
C:\Program Files\Crawler\Languages\TBR5_DE.cab
C:\Program Files\Crawler\Languages\TBR5_EN.cab
C:\Program Files\Crawler\Languages\TBR5_ES.cab
C:\Program Files\Crawler\Languages\TBR5_FR.cab
C:\Program Files\Crawler\Languages\TBR5_IT.cab
C:\Program Files\Crawler\Languages\TBR5_NL.cab
C:\Program Files\Crawler\Languages\TBR5_PL.cab
C:\Program Files\Crawler\Languages\TBR5_PT-BR.cab
C:\Program Files\Crawler\Languages\TBR5_PT.cab
C:\Program Files\Crawler\Languages\TBR5_RU.cab
C:\Program Files\Crawler\Skins\6734
C:\Program Files\Crawler\Skins\95A92FFBEAB70415496FAFBCD65E1A35
C:\Program Files\Crawler\Skins\6734\skin.xml
C:\Program Files\Crawler\Skins\6734\skin1020x100.bmp
C:\Program Files\Crawler\Skins\6734\skin1020x135.bmp
C:\Program Files\Crawler\Skins\6734\skin1020x175.bmp
C:\Program Files\Crawler\Skins\6734\skin1020x70.bmp
C:\Program Files\Crawler\Skins\95A92FFBEAB70415496FAFBCD65E1A35\skin.xml
C:\Program Files\Crawler\Skins\95A92FFBEAB70415496FAFBCD65E1A35\skin1020x100.BMP
C:\Program Files\Crawler\Skins\95A92FFBEAB70415496FAFBCD65E1A35\skin1020x135.BMP
C:\Program Files\Crawler\Skins\95A92FFBEAB70415496FAFBCD65E1A35\skin1020x175.BMP
C:\Program Files\Crawler\Skins\95A92FFBEAB70415496FAFBCD65E1A35\skin1020x70.BMP
C:\Program Files\Crawler\STWSGLanguageAct\info.ini
C:\Program Files\Crawler\STWSGLanguageAct\language.ini
C:\Program Files\Crawler\TBR5LanguageAct\info.ini
C:\Program Files\Crawler\TBR5LanguageAct\language.ini
C:\Program Files\Crawler\Update\domains.cab
C:\Program Files\Crawler\WSGData\domains
C:\Program Files\Crawler\WSGData\g_S-1-5-18.dat
C:\Program Files\Crawler\WSGData\g_S-1-5-21-446135144-2737758520-2824294349-1000.dat
C:\Program Files\Crawler\WSGData\ud_S-1-5-21-446135144-2737758520-2824294349-1000.dat
C:\Program Files\Crawler\WSGData\wfilter.dat
C:\Program Files\Crawler\WSGData\w_S-1-5-18.dat
C:\Program Files\Crawler\WSGData\w_S-1-5-21-446135144-2737758520-2824294349-1000.dat
C:\Program Files\Crawler\WSGData\domains\domains_000.dat
C:\Program Files\Crawler\WSGData\domains\domains_000_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_001.dat
C:\Program Files\Crawler\WSGData\domains\domains_001_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_002.dat
C:\Program Files\Crawler\WSGData\domains\domains_002_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_003.dat
C:\Program Files\Crawler\WSGData\domains\domains_003_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_004.dat
C:\Program Files\Crawler\WSGData\domains\domains_004_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_005.dat
C:\Program Files\Crawler\WSGData\domains\domains_005_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_006.dat
C:\Program Files\Crawler\WSGData\domains\domains_006_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_007.dat
C:\Program Files\Crawler\WSGData\domains\domains_007_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_008.dat
C:\Program Files\Crawler\WSGData\domains\domains_008_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_009.dat
C:\Program Files\Crawler\WSGData\domains\domains_009_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_010.dat
C:\Program Files\Crawler\WSGData\domains\domains_010_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_011.dat
C:\Program Files\Crawler\WSGData\domains\domains_011_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_012.dat
C:\Program Files\Crawler\WSGData\domains\domains_012_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_013.dat
C:\Program Files\Crawler\WSGData\domains\domains_013_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_014.dat
C:\Program Files\Crawler\WSGData\domains\domains_014_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_015.dat
C:\Program Files\Crawler\WSGData\domains\domains_015_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_016.dat
C:\Program Files\Crawler\WSGData\domains\domains_016_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_017.dat
C:\Program Files\Crawler\WSGData\domains\domains_017_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_018.dat
C:\Program Files\Crawler\WSGData\domains\domains_018_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_019.dat
C:\Program Files\Crawler\WSGData\domains\domains_019_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_020.dat
C:\Program Files\Crawler\WSGData\domains\domains_020_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_021.dat
C:\Program Files\Crawler\WSGData\domains\domains_021_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_022.dat
C:\Program Files\Crawler\WSGData\domains\domains_022_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_023.dat
C:\Program Files\Crawler\WSGData\domains\domains_023_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_024.dat
C:\Program Files\Crawler\WSGData\domains\domains_024_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_025.dat
C:\Program Files\Crawler\WSGData\domains\domains_025_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_026.dat
C:\Program Files\Crawler\WSGData\domains\domains_026_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_027.dat
C:\Program Files\Crawler\WSGData\domains\domains_027_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_028.dat
C:\Program Files\Crawler\WSGData\domains\domains_028_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_029.dat
C:\Program Files\Crawler\WSGData\domains\domains_029_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_030.dat
C:\Program Files\Crawler\WSGData\domains\domains_030_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_031.dat
C:\Program Files\Crawler\WSGData\domains\domains_031_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_032.dat
C:\Program Files\Crawler\WSGData\domains\domains_032_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_033.dat
C:\Program Files\Crawler\WSGData\domains\domains_033_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_034.dat
C:\Program Files\Crawler\WSGData\domains\domains_034_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_035.dat
C:\Program Files\Crawler\WSGData\domains\domains_035_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_036.dat
C:\Program Files\Crawler\WSGData\domains\domains_036_diff.dat
C:\Program Files\Crawler\WSGData\domains\index.dat

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com/"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\Windows\\System32\\blank.htm"
"CustomizeSearch"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"SearchAssistant"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 02/12/2009|17:17 - Option : [1]

-----------\\ Fin du rapport a 17:17:01,34

Anonymous
 Posted on 02/12/2009 at 21:07 
Nouvel astucien

Good evening korrigane bleue,

double-click the ToolBar-S&D shortcut on your Desktop

  • Type 2 and confirm with the [Enter] key

/!\ Do not close the window during the removal /!\

  • A report will be generated.
  • Post the report.

Note: If your desktop does not reappear, press CTRL>ALT>DEL to open the Task Manager

  • Go to the Processes tab, click File at the top left and choose Run
  • Type: explorer and confirm. This will make it reappear.

See you later

korrigane bleue
 Posted on 04/12/2009 at 15:42 
Petite astucienne

Here is the report in question. Usually the Crawler toolbar doesn't cause any trouble. However, when running Windows Defender, they say there is something, but I don't dare touch it...

-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz )
BIOS : Ver 1.00PARTTBL
USER : Katell ( Not Administrator ! )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090414-0] 4.8.1335 (Activated)
C:\ (Local Disk) - NTFS - Total:92 Go (Free:12 Go)
D:\ (Local Disk) - FAT32 - Total:465 Go (Free:223 Go)
E:\ (Local Disk) - NTFS - Total:92 Go (Free:22 Go)
F:\ (CD or DVD)
H:\ (USB) - FAT - Total:963 Mo (Free:0 Go)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 04/12/2009|15:37 )

[ UAC => 1 ]

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Barre d'outils Crawler
Supprime! - C:\Program Files\Crawler\adrkeys.dat
Supprime! - C:\Program Files\Crawler\common_ff.dat
Supprime! - C:\Program Files\Crawler\confirm.dat
Supprime! - C:\Program Files\Crawler\ctbcomm.dll
Supprime! - C:\Program Files\Crawler\ctbr.dll
Supprime! - C:\Program Files\Crawler\CTConf.dat
Supprime! - C:\Program Files\Crawler\CTipsDef.dll
Supprime! - C:\Program Files\Crawler\CToolbar.exe
Supprime! - C:\Program Files\Crawler\CUpdate.exe
Supprime! - C:\Program Files\Crawler\Cursors
Supprime! - C:\Program Files\Crawler\Download
Supprime! - C:\Program Files\Crawler\firefox
Supprime! - C:\Program Files\Crawler\Languages
Supprime! - C:\Program Files\Crawler\lookfor.dat
Supprime! - C:\Program Files\Crawler\majorse.dat
Supprime! - C:\Program Files\Crawler\rootmenu.dat
Supprime! - C:\Program Files\Crawler\services.dat
Supprime! - C:\Program Files\Crawler\Skins
Supprime! - C:\Program Files\Crawler\STWSGLanguageAct
Supprime! - C:\Program Files\Crawler\STWSG_FF.dat
Supprime! - C:\Program Files\Crawler\TBR5LanguageAct
Supprime! - C:\Program Files\Crawler\Update
Supprime! - C:\Program Files\Crawler\WebSecurityGuard.dll
Supprime! - C:\Program Files\Crawler\WSGData
Supprime! - C:\Program Files\AskBarDis
Supprime! - C:\Program Files\Crawler

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com/"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\Windows\\System32\\blank.htm"
"CustomizeSearch"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"SearchAssistant"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 02/12/2009|17:17 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 04/12/2009|15:39 - Option : [2]

-----------\\ Fin du rapport a 15:39:23,94

Anonymous
 Posted on 04/12/2009 at 17:18 
Nouvel astucien
fredericx wrote:

> ...you posted half of the RSIT report...

Hello korrigane bleue,

>

See you later

korrigane bleue
 Posted on 05/12/2009 at 14:39 
Petite astucienne

I ran a scan of my PC with Registry Mechanic and it still gives me 2 items to repair, both on IE

otherwise RSIT gives this:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Katell at 2009-12-05 14:32:27
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 12 GB (13%) free of 95 GB
Total RAM: 2046 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:32:40, on 05/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\SiteRanker\SiteRankTray.exe
C:\Program Files\HiYo\Bin\HiYo.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Cordial\DLL_32\Integration_Cordial.exe
C:\Program Files\Registry Mechanic\RMTray.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
E:\LOGITECH\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\La Chaîne Météo\La Chaîne Météo.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\Katell\AppData\Local\Temp\RoboForm\RoboTaskBarIcon.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Katell\Downloads\RSIT.exe
C:\Program Files\trend micro\Katell.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [FingerPrint] c:\windows\oemdrv\hidewin.exe c:\windows\oemdrv\fp.cmd
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SiteRanker] "C:\Program Files\SiteRanker\SiteRankTray.exe"
O4 - HKLM\..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [EPSON Stylus Photo PX700W(réseau)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIENE.EXE /FU "C:\Windows\TEMP\E_S60B5.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Integration de Cordial] C:\PROGRAM FILES\CORDIAL\DLL_32\INTEGRATION_CORDIAL.EXE
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RMTray.exe /S
O4 - HKCU\..\Run: [Pareto_Update] C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [Netlog Music Tool] "C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-446135144-2737758520-2824294349-501\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Invité')
O4 - Startup: La Chaîne Météo.lnk = ?
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Logitech SetPoint.lnk = E:\LOGITECH\SetPoint\SetPoint.exe
O4 - Global Startup: Nikon Monitor.lnk = C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-home?tag=Toshibafrbholink-21&site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NTRconnect (ntrconnect) - Net Transmit & Receive - C:\Program Files\NTR global\NTRconnect\NTRconnect.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Service SFR Gestionnaire Connexion (ServiceSFRABCD) - SFR & Celliance - C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 16424 bytes

======Scheduled tasks folder======

C:\Windows\tasks\DriverCure.job
C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\ParetoLogic Registration.job
C:\Windows\tasks\ParetoLogic Update Version2.job
C:\Windows\tasks\User_Feed_Synchronization-{ED298705-4204-434A-A64D-450819531217}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-25 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-19 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
C:\PROGRA~1\INBOXT~1\Inbox.dll [2009-04-29 572416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
{D7E97865-918F-41E4-9CD0-25AB1C574CE8} - &Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2009-04-29 572416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-03-22 438272]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-03 4702208]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2007-03-29 411192]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-04-03 509496]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-05-22 538744]
"Desktop SMS"=C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [2007-06-18 1507328]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"FingerPrint"=c:\windows\oemdrv\hidewin.exe [2004-09-09 28672]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-04-10 413696]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-07-27 204800]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-02-19 571024]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-03-20 1451304]
"EEventManager"=C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [2008-05-07 591696]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-08-01 13548064]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-08-01 92704]
"SiteRanker"=C:\Program Files\SiteRanker\SiteRankTray.exe [2009-06-25 273920]
"Hiyo"=C:\Program Files\HiYo\bin\HiYo.exe [2009-12-04 210288]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2009-10-02 2171904]
"NokiaMusic FastStart"=C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2009-11-06 2090272]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 55824]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2007-06-27 436088]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-16 39408]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2009-08-12 271744]
"EPSON Stylus Photo PX700W(réseau)"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIENE.EXE [2008-04-07 188928]
"Integration de Cordial"=C:\PROGRAM FILES\CORDIAL\DLL_32\INTEGRATION_CORDIAL.EXE [2008-03-03 471040]
"RegistryMechanic"=C:\Program Files\Registry Mechanic\RMTray.exe [2008-07-03 812952]
"Pareto_Update"=C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 189808]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2009-10-02 3055616]
"Netlog Music Tool"=C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe [2009-11-13 1728456]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - E:\LOGITECH\SetPoint\SetPoint.exe
Nikon Monitor.lnk - C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

C:\Users\Katell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
La Chaîne Météo.lnk - C:\Program Files\La Chaîne Météo\La Chaîne Météo.exe
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Windows\system32\psqlpwd.dll [2006-12-03 90112]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ntrconnect]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=1
"DisableCAD"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2f1558df-9223-11de-81c1-001b38b1adb0}]
shell\AutoRun\command - G:\SFR.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5f661691-3183-11de-a606-001b38b1adb0}]
shell\AutoRun\command - H:\PortableRoboForm.exe
shell\RoboForm2Go\command - H:\PortableRoboForm.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c6a221eb-28ca-11de-bd9a-001b38b1adb0}]
shell\AutoRun\command - D:\wd_windows_tools\setup.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-12-02 17:16:13 ----AC---- C:\TB.txt
2009-12-02 17:15:28 ----DC---- C:\ToolBar SD
2009-12-02 17:04:52 ----A---- C:\Windows\EEventManager.INI
2009-12-02 16:56:30 ----A---- C:\Windows\NeroDigital.ini
2009-11-30 19:59:03 ----D---- C:\Program Files\La Chaîne Météo
2009-11-29 15:59:21 ----D---- C:\Program Files\Common Files\PCSuite
2009-11-29 15:57:03 ----D---- C:\Program Files\PC Connectivity Solution
2009-11-28 10:27:12 ----D---- C:\Program Files\trend micro
2009-11-28 10:27:11 ----DC---- C:\rsit
2009-11-26 13:44:43 ----A---- C:\Windows\system32\tzres.dll
2009-11-26 08:46:36 ----A---- C:\Windows\system32\msxml6.dll
2009-11-26 08:46:35 ----A---- C:\Windows\system32\msxml3.dll
2009-11-21 13:35:48 ----A---- C:\Windows\system32\javaws.exe
2009-11-21 13:35:48 ----A---- C:\Windows\system32\javaw.exe
2009-11-21 13:35:48 ----A---- C:\Windows\system32\java.exe
2009-11-18 20:59:06 ----D---- C:\Program Files\Windows Portable Devices
2009-11-18 20:41:06 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-11-18 20:41:06 ----A---- C:\Windows\system32\UIRibbon.dll
2009-11-18 20:41:06 ----A---- C:\Windows\system32\UIAnimation.dll
2009-11-18 20:40:43 ----A---- C:\Windows\system32\WMPhoto.dll
2009-11-18 20:40:42 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-11-18 20:40:42 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-11-18 20:40:42 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-11-18 20:40:42 ----A---- C:\Windows\system32\d3d10warp.dll
2009-11-18 20:40:42 ----A---- C:\Windows\system32\cdd.dll
2009-11-18 20:40:41 ----A---- C:\Windows\system32\xpsservices.dll
2009-11-18 20:40:41 ----A---- C:\Windows\system32\XpsPrint.dll
2009-11-18 20:40:41 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-11-18 20:40:41 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-11-18 20:40:41 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-11-18 20:40:41 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-11-18 20:40:41 ----A---- C:\Windows\system32\OpcServices.dll
2009-11-18 20:40:41 ----A---- C:\Windows\system32\FntCache.dll
2009-11-18 20:40:41 ----A---- C:\Windows\system32\dxdiagn.dll
2009-11-18 20:40:41 ----A---- C:\Windows\system32\dxdiag.exe
2009-11-18 20:40:41 ----A---- C:\Windows\system32\DWrite.dll
2009-11-18 20:40:41 ----A---- C:\Windows\system32\d2d1.dll
2009-11-18 20:40:40 ----A---- C:\Windows\system32\dxgi.dll
2009-11-18 20:40:40 ----A---- C:\Windows\system32\d3d11.dll
2009-11-18 20:40:40 ----A---- C:\Windows\system32\d3d10level9.dll
2009-11-18 20:40:40 ----A---- C:\Windows\system32\d3d10core.dll
2009-11-18 20:40:40 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-11-18 20:40:40 ----A---- C:\Windows\system32\d3d10_1.dll
2009-11-18 20:40:40 ----A---- C:\Windows\system32\d3d10.dll
2009-11-18 20:40:15 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-11-18 20:40:15 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-11-18 20:40:15 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-11-18 20:40:10 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-11-18 20:40:09 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-11-18 20:40:09 ----A---- C:\Windows\system32\wpdshext.dll
2009-11-18 20:40:09 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-11-18 20:40:09 ----A---- C:\Windows\system32\WpdMtp.dll
2009-11-18 20:40:09 ----A---- C:\Windows\system32\WpdConns.dll
2009-11-18 20:40:09 ----A---- C:\Windows\system32\wpd_ci.dll
2009-11-18 20:40:08 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-11-18 20:40:08 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-11-18 20:40:08 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-11-18 20:40:08 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-11-18 20:40:06 ----A---- C:\Windows\system32\WPDSp.dll
2009-11-18 20:39:06 ----A---- C:\Windows\system32\oleaccrc.dll
2009-11-18 20:39:05 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-11-18 20:39:05 ----A---- C:\Windows\system32\oleacc.dll
2009-11-13 15:42:29 ----D---- C:\Program Files\Netlog Music Tool
2009-11-11 14:59:59 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-08 16:33:55 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-11-08 16:25:02 ----A---- C:\Windows\system32\d3dx9_32.dll
2009-11-08 11:10:23 ----D---- C:\Program Files\iPod

======List of files/folders modified in the last 1 months======

2009-12-05 14:32:39 ----D---- C:\Windows\Prefetch
2009-12-05 14:32:31 ----D---- C:\Windows\Temp
2009-12-05 14:23:38 ----AD---- C:\ProgramData\TEMP
2009-12-05 14:22:06 ----SHD---- C:\System Volume Information
2009-12-05 14:13:07 ----D---- C:\Program Files\Mozilla Firefox
2009-12-05 11:43:17 ----D---- C:\Windows\system32\drivers
2009-12-05 11:42:56 ----D---- C:\Windows\System32
2009-12-05 11:40:19 ----D---- C:\Users\Katell\AppData\Roaming\Spyware Terminator
2009-12-04 16:03:44 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-12-04 15:38:56 ----RD---- C:\Program Files
2009-12-04 11:45:32 ----SHD---- C:\Windows\Installer
2009-12-04 11:45:17 ----D---- C:\ProgramData\HiYo
2009-12-04 11:41:30 ----D---- C:\ProgramData\Spyware Terminator
2009-12-02 17:04:52 ----D---- C:\Windows
2009-12-02 17:00:14 ----D---- C:\Program Files\Registry Mechanic
2009-12-02 16:56:07 ----D---- C:\Windows\Tasks
2009-12-02 16:55:23 ----D---- C:\ProgramData\NVIDIA
2009-11-30 19:22:01 ----D---- C:\Windows\inf
2009-11-30 19:22:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-11-29 20:37:33 ----D---- C:\Windows\system32\catroot
2009-11-29 15:59:21 ----D---- C:\Program Files\Common Files
2009-11-29 15:59:08 ----D---- C:\Program Files\Common Files\Nokia
2009-11-29 15:59:03 ----D---- C:\Program Files\Nokia
2009-11-29 15:57:33 ----DC---- C:\Windows\system32\DRVSTORE
2009-11-29 15:56:01 ----D---- C:\Windows\system32\catroot2
2009-11-29 15:53:28 ----D---- C:\Windows\winsxs
2009-11-29 15:51:56 ----D---- C:\ProgramData\Installations
2009-11-26 14:31:57 ----D---- C:\Windows\rescache
2009-11-26 13:45:26 ----D---- C:\Windows\system32\fr-FR
2009-11-26 11:52:20 ----D---- C:\Windows\Globalization
2009-11-26 11:52:12 ----RSD---- C:\Windows\assembly
2009-11-26 11:51:47 ----RSD---- C:\Windows\Fonts
2009-11-25 00:54:29 ----A---- C:\Windows\system32\aswBoot.exe
2009-11-21 13:35:46 ----D---- C:\Program Files\Java
2009-11-18 21:18:27 ----D---- C:\Windows\system32\Tasks
2009-11-18 20:59:06 ----D---- C:\Windows\system32\wbem
2009-11-18 20:59:02 ----D---- C:\Windows\system32\zh-HK
2009-11-18 20:59:02 ----D---- C:\Windows\system32\uk-UA
2009-11-18 20:59:02 ----D---- C:\Windows\system32\sl-SI
2009-11-18 20:59:02 ----D---- C:\Windows\system32\pt-PT
2009-11-18 20:59:02 ----D---- C:\Windows\system32\pt-BR
2009-11-18 20:59:02 ----D---- C:\Windows\system32\pl-PL
2009-11-18 20:59:02 ----D---- C:\Windows\system32\nl-NL
2009-11-18 20:59:02 ----D---- C:\Windows\system32\ko-KR
2009-11-18 20:59:02 ----D---- C:\Windows\system32\it-IT
2009-11-18 20:59:02 ----D---- C:\Windows\system32\hu-HU
2009-11-18 20:59:02 ----D---- C:\Windows\system32\hr-HR
2009-11-18 20:59:02 ----D---- C:\Windows\system32\he-IL
2009-11-18 20:59:02 ----D---- C:\Windows\system32\el-GR
2009-11-18 20:59:02 ----D---- C:\Windows\system32\bg-BG
2009-11-18 20:59:01 ----D---- C:\Windows\system32\zh-TW
2009-11-18 20:59:01 ----D---- C:\Windows\system32\zh-CN
2009-11-18 20:59:01 ----D---- C:\Windows\system32\tr-TR
2009-11-18 20:59:01 ----D---- C:\Windows\system32\th-TH
2009-11-18 20:59:01 ----D---- C:\Windows\system32\sv-SE
2009-11-18 20:59:01 ----D---- C:\Windows\system32\sr-Latn-CS
2009-11-18 20:59:01 ----D---- C:\Windows\system32\sk-SK
2009-11-18 20:59:01 ----D---- C:\Windows\system32\ro-RO
2009-11-18 20:59:01 ----D---- C:\Windows\system32\lv-LV
2009-11-18 20:59:01 ----D---- C:\Windows\system32\lt-LT
2009-11-18 20:59:01 ----D---- C:\Windows\system32\ja-JP
2009-11-18 20:59:01 ----D---- C:\Windows\system32\fi-FI
2009-11-18 20:59:01 ----D---- C:\Windows\system32\et-EE
2009-11-18 20:59:01 ----D---- C:\Windows\system32\es-ES
2009-11-18 20:59:01 ----D---- C:\Windows\system32\de-DE
2009-11-18 20:59:01 ----D---- C:\Windows\system32\cs-CZ
2009-11-18 20:59:01 ----D---- C:\Windows\system32\ar-SA
2009-11-18 20:59:00 ----D---- C:\Windows\system32\ru-RU
2009-11-18 20:59:00 ----D---- C:\Windows\system32\nb-NO
2009-11-18 20:59:00 ----D---- C:\Windows\system32\en-US
2009-11-18 20:59:00 ----D---- C:\Windows\system32\da-DK
2009-11-15 20:13:51 ----D---- C:\Windows\system32\config
2009-11-13 19:41:41 ----D---- C:\Windows\Debug
2009-11-13 19:19:27 ----RD---- C:\Users
2009-11-13 15:42:30 ----D---- C:\Program Files\Windows Media Player
2009-11-12 08:13:55 ----D---- C:\Program Files\Windows Mail
2009-11-11 21:44:25 ----D---- C:\ProgramData\Microsoft Help
2009-11-08 16:58:08 ----D---- C:\Windows\Microsoft.NET
2009-11-08 16:33:56 ----D---- C:\Program Files\Common Files\System
2009-11-08 16:33:20 ----D---- C:\Program Files\Windows Live
2009-11-08 11:11:10 ----D---- C:\Program Files\iTunes
2009-11-08 11:10:23 ----D---- C:\Program Files\Common Files\Apple

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-08-17 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2009-10-02 142592]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-05 1953944]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2009-06-17 28560]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-08-01 7549568]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-03-20 208688]
R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2006-12-03 39056]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-04-16 11776]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 athr;Pilote de périphérique LAN sans fil extensible Atheros; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\E:\Program files\EVEREST Home Edition\kerneld.wnt [2005-08-17 7168]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2008-10-29 7680]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-04-26 2216448]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 YMIDUSB;YAMAHA Corporation USB MIDI Driver; C:\Windows\System32\Drivers\ymidusb.sys [2003-01-22 169088]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2008-10-15 104960]
S3 ZTEusbnet;ZTE USB-NDIS miniport; C:\Windows\system32\DRIVERS\ZTEusbnet.sys [2008-10-13 110080]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2008-10-29 105344]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2008-10-15 104960]
S3 ZTEusbvoice;ZTE VoUSB Port; C:\Windows\system32\DRIVERS\ZTEusbvoice.sys [2008-10-15 104960]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7; C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 ntrconnect;NTRconnect; C:\Program Files\NTR global\NTRconnect\NTRconnect.exe [2008-06-10 114688]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-08-01 196608]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 ServiceSFRABCD;Service SFR Gestionnaire Connexion; C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe [2009-03-20 621184]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-10-02 487424]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2007-08-01 77824]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2007-03-29 427576]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-04-16 651720]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-16 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 121360]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]

-----------------EOF-----------------

What should I do? Also, the Windows Live Toolbar has disappeared... It's hopeless...

Anonymous
Posted on 05/12/2009 at 15:17
New astucien
korrigane bleue wrote:

> The Crawler toolbar doesn't usually cause any problems.

Hello korrigane bleue,

> http://www.memoclic.com/forum/100295-fenetre-web-security-guard-warning/

1) Download:
CCleaner - Slim: http://www.ccleaner.com/download/builds.aspx
Launch it, then click Options > Advanced and uncheck "Only delete Windows Temp files older than 24 hours". Leave it with its default settings and close the program for now.
Tutorial: http://www.pcastuces.com/pratique/securite/nettoyer_windows/page1.htm

Malwarebytes' Anti-Malware: HERE
Launch it and, once the executable has been downloaded, double-click mbam-setup.exe; the installation starts. Let the wizard guide you: language choice, licence acceptance, default folder... Remember to tick the "Create a desktop icon" box. You are now at the end of the installation; close the program for now.

2) Launch CCleaner:
In the Cleaner menu, click Analyze (let it work, this can take a long time).
Then click the Run Cleaner button.
Do this several times and close CCleaner.

3) Launch Malwarebytes' Anti-Malware:
Tutorial: https://forum.pcastuces.com/malwarebytes_anti_malware____scan_rapide-f31s27.htm

4) Post the Malwarebytes' Anti-Malware report.

See you later

korrigane bleue
Posted on 07/12/2009 at 13:57
Junior astucienne

Here is the report in question. Thanks for your tips; I'm going to bed because I'm ill. See you later,

Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3308
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18828

07/12/2009 12:07:40
mbam-log-2009-12-07 (12-07-40).txt

Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 474741
Temps écoulé: 2 hour(s), 25 minute(s), 45 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Anonymous
Posted on 08/12/2009 at 00:25
New astucien
korrigane bleue wrote:

> I'm going to bed because I'm ill.

Good evening korrigane bleue,

Run an antivirus scan with Antivir.
Tutorial: http://www.libellules.ch/tuto_antivir.php
Post the report.

See you later

korrigane bleue
Posted on 08/12/2009 at 19:07
Junior astucienne

Good evening,

I can run a scan with avast because I have the avast pro feature. Indeed, they tell me it isn't compatible with this version of Windows...

Anonymous
Posted on 08/12/2009 at 23:20
New astucien
korrigane bleue wrote:

> Indeed, they tell me it isn't compatible with this version of Windows...

Good evening korrigane bleue,

Run an online antivirus scan with BitDefender.
Tutorial: https://forum.pcastuces.com/bitdefender_online_scanner___tutoriel-f31s46.htm
Post the report.

See you later

korrigane bleue
Posted on 13/12/2009 at 18:04
Junior astucienne

Good evening,

I caught something nasty and was stuck in bed, which is why I was slow to reply. If I try to install bit defender, it tells me to remove avast, even though I have the pro version, which I bought for 2 years. What do I do, given that there are work documents on there????

Anonymous
Posted on 13/12/2009 at 18:13
New astucien
korrigane bleue wrote:

> If I try to install bit defender, it tells me to remove avast, even though I have the pro version, which I bought for 2 years.

Good evening korrigane bleue,

> That's impossible because it's an online scan...

Run a scan with Avast and post the report.

See you later

korrigane bleue
Posted on 19/12/2009 at 19:28
Junior astucienne

Good evening,

I had a terrible time because I couldn't manage to save the reports. Here they are:

1) AVAST scan errors

25/10/2009 16:33:41 SYSTEM 1732 AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Users\Katell\AppData\Local\Temp\~DFAB32.tmp failed, 00000008.
11/11/2009 20:20:21 SYSTEM 1708 AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Users\Katell\AppData\Local\Temp\OneNoteRuntimeCache\OneNoteRuntimeCache.onecache failed, 00000005.
23/11/2009 08:13:28 SYSTEM 1720 AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Windows\System32\conime.exe failed, 00000005.
04/12/2009 15:38:13 SYSTEM 1704 AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Users\Katell\AppData\Roaming\Mozilla\Firefox\Profiles\fbq90wv6.default\places.sqlite failed, 00000005.

2) Avast notices

10/05/2009 18:31:33 SYSTEM 1688 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
10/06/2009 08:28:18 SYSTEM 1704 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Windows\System32\conime.exe (C:\Windows\System32\conime.exe) returning error, 00000005.
14/06/2009 17:25:21 SYSTEM 1676 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
11/07/2009 10:44:33 SYSTEM 1704 Sign of "JS:Redirector-H4 [Trj]" has been found in "http://www.etab.ac-caen.fr/college.jean-rostand/pageeleve.htm" file.
11/07/2009 10:45:07 SYSTEM 1704 Sign of "JS:Redirector-H4 [Trj]" has been found in "http://www.etab.ac-caen.fr/college.jean-rostand/pageeleve.htm" file.
11/07/2009 10:49:45 SYSTEM 1704 Sign of "JS:Redirector-H4 [Trj]" has been found in "http://www.etab.ac-caen.fr/college.jean-rostand/pageeleve.htm" file.
11/07/2009 10:49:51 SYSTEM 1704 Sign of "JS:Redirector-H4 [Trj]" has been found in "C:\Users\Katell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OAL1VLH1\pageeleve[1].htm" file.
11/07/2009 10:51:02 SYSTEM 1704 Sign of "JS:Redirector-H4 [Trj]" has been found in "http://jpalexandre.chez-alice.fr/" file.
11/07/2009 11:01:11 SYSTEM 1704 Sign of "JS:Redirector-H4 [Trj]" has been found in "http://www.etab.ac-caen.fr/college.jean-rostand/pageeleve.htm" file.
11/07/2009 11:01:14 SYSTEM 1704 Sign of "JS:Redirector-H4 [Trj]" has been found in "C:\Users\Katell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IRIRXM1Q\pageeleve[1].htm" file.
11/07/2009 11:01:30 SYSTEM 1704 Sign of "JS:Redirector-H4 [Trj]" has been found in "http://www.etab.ac-caen.fr/college.jean-rostand/pageeleve.htm" file.
11/07/2009 11:01:32 SYSTEM 1704 Sign of "JS:Redirector-H4 [Trj]" has been found in "C:\Users\Katell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LYMMO5SV\pageeleve[1].htm" file.
26/07/2009 23:18:38 SYSTEM 1680 Sign of "HTML:IFrame-EE [Trj]" has been found in "http://perso.numericable.fr/soyerandre/niala.reyos/angers/guichard.html" file.
26/07/2009 23:18:38 SYSTEM 1680 Sign of "HTML:IFrame-EE [Trj]" has been found in "http://perso.numericable.fr/soyerandre/niala.reyos/angers/guichard.html" file.
26/07/2009 23:18:46 SYSTEM 1680 Sign of "HTML:IFrame-EE [Trj]" has been found in "http://perso.numericable.fr/soyerandre/niala.reyos/angers/guichard.html" file.
26/07/2009 23:18:50 SYSTEM 1680 Sign of "HTML:IFrame-EE [Trj]" has been found in "http://perso.numericable.fr/soyerandre/niala.reyos/angers/guichard.html" file.
26/07/2009 23:18:54 SYSTEM 1680 Sign of "HTML:IFrame-EE [Trj]" has been found in "http://perso.numericable.fr/soyerandre/niala.reyos/angers/guichard.html" file.
12/09/2009 13:44:34 SYSTEM 2040 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: H:\Phoebus\Thabor dimanche 25 juillet 2009 080.JPG (H:\Phoebus\Thabor dimanche 25 juillet 2009 080.JPG) returning error, 00000570.
H:\Phoebus\03-08-2009 0.JPG (H:\Phoebus\03-08-2009 0.JPG) returning error, 00000570.
12/09/2009 13:57:09 SYSTEM 1960 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: H:\Phoebus\Thabor dimanche 25 juillet 2009 080.JPG (H:\Phoebus\Thabor dimanche 25 juillet 2009 080.JPG) returning error, 00000570.
12/09/2009 14:06:24 SYSTEM 1960 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: H:\CLE
16/09/2009 08:29:44 SYSTEM 1920 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Windows\System32\conime.exe (C:\Windows\System32\conime.exe) returning error, 00000005.
23/09/2009 08:57:10 SYSTEM 1976 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.
25/10/2009 16:32:40 SYSTEM 1732 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Users\Katell\AppData\Local\IM\Lex\IMSTP12.gif (C:\Users\Katell\AppData\Local\IM\Lex\IMSTP12.gif) returning error, 00000008.
25/10/2009 16:33:42 SYSTEM 1732 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Users\Katell\AppData\Local\Temp\~DFAB32.tmp (C:\Users\Katell\AppData\Local\Temp\~DFAB32.tmp) returning error, 00000008.
25/10/2009 16:34:32 SYSTEM 1732 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Users\Katell\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{75703780-C170-11DE-8063-001B38B1ADB0}.dat (C:\Users\Katell\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{75703780-C170-11DE-8063-001B38B1ADB0}.dat) returning error, 00000008.
11/11/2009 20:20:21 SYSTEM 1708 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Users\Katell\AppData\Local\Temp\OneNoteRuntimeCache\OneNoteRuntimeCache.onecache (C:\Users\Katell\AppData\Local\Temp\OneNoteRuntimeCache\OneNoteRuntimeCache.onecache) returning error, 00000005.
12/11/2009 18:33:21 SYSTEM 1960 Sign of "HTML:Script-inf" has been found in "http://h1.ripway.com/HenryCANAAN/Poesie_vit_pour_lavie_philippe2.mp3" file.
23/11/2009 08:13:28 SYSTEM 1720 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Windows\System32\conime.exe (C:\Windows\System32\conime.exe) returning error, 00000005.
04/12/2009 15:38:13 SYSTEM 1704 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Users\Katell\AppData\Roaming\Mozilla\Firefox\Profiles\fbq90wv6.default\places.sqlite (C:\Users\Katell\AppData\Roaming\Mozilla\Firefox\Profiles\fbq90wv6.default\places.sqlite) returning error, 00000005.
05/12/2009 19:26:56 Katell 1816 Sign of "Win32:Induc" has been found in "D:\Documents\Informatique\Install Logiciel\gusetup.exe\{app}\encryptexe.exe" file.
05/12/2009 19:27:20 Katell 1816 Sign of "Win32:Induc" has been found in "D:\Documents\Informatique\Install Logiciel\gusetup.exe\{app}\joinexe.exe" file.
09/12/2009 19:22:34 1720 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.
16/12/2009 14:18:37 SYSTEM 1720 Sign of "Win32:Malware-gen" has been found in "C:\Windows\System32\spool\drivers\w32x86\3\E_FASKENE.DLL" file.
16/12/2009 14:48:34 Katell 8588 Sign of "Win32:Malware-gen" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\moved\E_FASKENE.DLL.vir" file.
16/12/2009 15:21:26 Katell 8588 Sign of "Win32:Malware-gen" has been found in "C:\Windows\System32\DriverStore\FileRepository\e_df1ene.inf_9f4c23a0\WINVISTA_XP_2K\EBAPI4.DLL" file.
16/12/2009 15:21:47 Katell 8588 Sign of "Win32:Malware-gen" has been found in "C:\Windows\System32\DriverStore\FileRepository\e_df1ene.inf_9f4c23a0\WINVISTA_XP_2K\EBAPI5.DLL" file.
16/12/2009 15:21:48 Katell 8588 Sign of "Win32:Malware-gen" has been found in "C:\Windows\System32\DriverStore\FileRepository\e_df1ene.inf_9f4c23a0\WINVISTA_XP_2K\EBAPI6.DLL" file.
16/12/2009 15:21:48 Katell 8588 Sign of "Win32:Trojan-gen" has been found in "C:\Windows\System32\DriverStore\FileRepository\e_df1ene.inf_9f4c23a0\WINVISTA_XP_2K\EBPBIDI.DLL" file.
16/12/2009 15:21:48 Katell 8588 Sign of "Win32:Trojan-gen" has been found in "C:\Windows\System32\DriverStore\FileRepository\e_df1ene.inf_9f4c23a0\WINVISTA_XP_2K\EBPBIDI6.DLL" file.
16/12/2009 15:21:53 Katell 8588 Sign of "Win32:Malware-gen" has been found in "C:\Windows\System32\DriverStore\FileRepository\e_df1ene.inf_9f4c23a0\WINVISTA_XP_2K\E_SKU327.DLL" file.
16/12/2009 15:27:27 Katell 8588 Sign of "Win32:Malware-gen" has been found in "C:\Windows\System32\spool\drivers\w32x86\3\EBAPI4.DLL" file.
16/12/2009 15:27:29 Katell 8588 Sign of "Win32:Trojan-gen" has been found in "C:\Windows\System32\spool\drivers\w32x86\3\EBPBIDI.DLL" file.
16/12/2009 15:27:29 Katell 8588 Sign of "Win32:Malware-gen" has been found in "C:\Windows\System32\spool\drivers\w32x86\3\E_FBA6ENE.DLL" file.
16/12/2009 15:27:29 Katell 8588 Sign of "Win32:Malware-gen" has been found in "C:\Windows\System32\spool\drivers\w32x86\3\E_FBAPENE.DLL" file.
16/12/2009 15:27:30 Katell 8588 Sign of "Win32:Trojan-gen" has been found in "C:\Windows\System32\spool\drivers\w32x86\3\E_FBL6ENE.DLL" file.
16/12/2009 15:27:41 Katell 8588 Sign of "Win32:Malware-gen" has been found in "C:\Windows\System32\spool\drivers\w32x86\PCC\e_df1ene.inf_9f4c23a0.cab\WINVISTA_XP_2K\EBAPI4.DLL" file.
16/12/2009 15:27:41 Katell 8588 Sign of "Win32:Malware-gen" has been found in "C:\Windows\System32\spool\drivers\w32x86\PCC\e_df1ene.inf_9f4c23a0.cab\WINVISTA_XP_2K\EBAPI5.DLL" file.
16/12/2009 15:27:41 Katell 8588 Sign of "Win32:Malware-gen" has been found in "C:\Windows\System32\spool\drivers\w32x86\PCC\e_df1ene.inf_9f4c23a0.cab\WINVISTA_XP_2K\EBAPI6.DLL" file.
16/12/2009 15:27:41 Katell 8588 Sign of "Win32:Trojan-gen" has been found in "C:\Windows\System32\spool\drivers\w32x86\PCC\e_df1ene.inf_9f4c23a0.cab\WINVISTA_XP_2K\EBPBIDI.DLL" file.
16/12/2009 15:27:41 Katell 8588 Sign of "Win32:Trojan-gen" has been found in "C:\Windows\System32\spool\drivers\w32x86\PCC\e_df1ene.inf_9f4c23a0.cab\WINVISTA_XP_2K\EBPBIDI6.DLL" file.
16/12/2009 15:27:45 Katell 8588 Sign of "Win32:Malware-gen" has been found in "C:\Windows\System32\spool\drivers\w32x86\PCC\e_df1ene.inf_9f4c23a0.cab\WINVISTA_XP_2K\E_SKU327.DLL" file.
19/12/2009 12:13:35 Katell 6732 Sign of "NSIS:FakeInst-C [Trj]" has been found in "D:\Downloads\LOGICIELS SET UP\install_wlsetupweb.exe\nsis.hdr" file.
19/12/2009 12:34:06 Katell 6732 Sign of "NSIS:FakeInst-C [Trj]" has been found in "D:\TOSHIBA B1\Memeo\Sauvegarde de Katell\C_\Users\Katell\Downloads\LOGICIELS SET UP\install_wlsetupweb.exe\nsis.hdr" file.
19/12/2009 15:34:15 Katell 6732 Sign of "NSIS:FakeInst-C [Trj]" has been found in "D:\SAUVEGARDE -04_09\Mme Durey\Katell\Downloads\LOGICIELS SET UP\install_wlsetupweb.exe\nsis.hdr" file.
19/12/2009 17:38:39 Katell 6732 Sign of "NSIS:FakeInst-E [Adw]" has been found in "D:\Téléchargemnts 1S 2008\install_CCleaner_.exe\nsis.hdr" file.

3) Automatic updates

29/11/2009 19:39:08 SYSTEM 1720 The virus database (VPS 091129-1) was automatically updated.
30/11/2009 17:22:14 SYSTEM 1708 The virus database (VPS 091130-0) was automatically updated.
30/11/2009 19:55:06 SYSTEM 1720 The virus database (VPS 091130-1) was automatically updated.
02/12/2009 10:16:29 SYSTEM 1700 The virus database (VPS 091201-1) was automatically updated.
02/12/2009 14:23:01 SYSTEM 1700 The virus database (VPS 091202-0) was automatically updated.
04/12/2009 11:41:13 SYSTEM 1704 There is a new version of the program available on the Internet.
05/12/2009 11:41:06 SYSTEM 1724 There is a new version of the program available on the Internet.
06/12/2009 19:41:24 SYSTEM 1700 The virus database (VPS 091206-0) was automatically updated.
07/12/2009 09:08:59 SYSTEM 1724 The virus database (VPS 091206-1) was automatically updated.
07/12/2009 15:50:30 SYSTEM 1712 The virus database (VPS 091207-0) was automatically updated.
08/12/2009 18:35:04 SYSTEM 1700 The virus database (VPS 091208-0) was automatically updated.
09/12/2009 13:14:58 SYSTEM 1724 The virus database (VPS 091209-0) was automatically updated.
11/12/2009 09:59:41 SYSTEM 1696 The virus database (VPS 091210-1) was automatically updated.
11/12/2009 18:05:46 SYSTEM 1696 The virus database (VPS 091211-0) was automatically updated.
12/12/2009 10:03:13 SYSTEM 1716 The virus database (VPS 091212-0) was automatically updated.
13/12/2009 15:19:59 SYSTEM 1712 The virus database (VPS 091213-0) was automatically updated.
14/12/2009 17:23:40 SYSTEM 1712 The virus database (VPS 091214-0) was automatically updated.
15/12/2009 07:40:55 SYSTEM 1716 The virus database (VPS 091214-1) was automatically updated.
16/12/2009 10:03:57 SYSTEM 1720 The virus database (VPS 091215-0) was automatically updated.
16/12/2009 14:09:21 SYSTEM 1720 The virus database (VPS 091216-0) was automatically updated.
18/12/2009 07:36:06 SYSTEM 1724 The virus database (VPS 091217-1) was automatically updated.
18/12/2009 18:06:06 SYSTEM 1716 The virus database (VPS 091218-0) was automatically updated.
18/12/2009 23:45:57 SYSTEM 1724 The virus database (VPS 091218-1) was automatically updated.
19/12/2009 17:23:58 SYSTEM 1716 The virus database (VPS 091219-0) was automatically updated.

4) Malwarebytes report

Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3374
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

18/12/2009 22:35:56
mbam-log-2009-12-18 (22-35-56).txt

Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 481484
Temps écoulé: 2 hour(s), 13 minute(s), 31 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
D:\Documents\Informatique\Installation logiciels\111_Icones.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
D:\Documents\Informatique\Installation logiciels\Installation_Calendrier_2008.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
D:\Documents\Informatique\Installation logiciels\Installation_DigiClock.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

There are links to a school that were corrupted; I didn't understand, because it was my daughter's German teacher who had said to log on there, as there were exercises for playing and learning..

Should I delete the logs from the machine and keep only the latest ones??? Registry Mechanics tells me that the two keys I mentioned are still not repaired; it's with IE 8. For the company's website I unfortunately can't use Firefox.

Anonymous
Posted on 21/12/2009 at 20:05
New astucien