pkcl
-
Compteur de contenus
15 -
Inscription
-
Dernière visite
pkcl's Achievements
Junior Member (3/12)
0
Réputation sur la communauté
-
meilleur comparatif d'anti virus http://www.av-comparatives.org/seiten/ergebnisse_2008_11.php Meilleur comparatif de firewall http://www.matousec.com/projects/firewall-...nge/results.php Nod 32 security suite fait anti virus + firewall, mais n'est pas très bon. En revanche Nod 32 anti virus seul et payant est excellent. pour ma part, j'utilise Antivir gratuit (toujours parmis les meilleurs anti virus) + online armor firewall gratuit (toujours dans les meilleurs firewall) et 0 problème
-
D'après le dernier comparatif d'antivirus paru le 15 sept, Antivir semble être le meilleur, à égalité avec GData. http://www.av-comparatives.org/
-
Le dernier test AV COMPARATIV publié le 15 sept, bouscule un peu la hiérarchie des anti-virus. Antivir et G Data sont les mieux notés. http://www.av-comparatives.org/
-
[En parti résolu] Ecran bleu aléatoire sous vista
pkcl a répondu à un(e) sujet de slkn dans Windows Vista
Regardes ce site. Il te donnera l'interprétation des erreurs : http://www.docmemo.com/windows/erreursstop.php Sinon fait ce que t'a conseillé Ticlou, teste tes barettes mémoire avec memtest. Relis bien le post que je t'ai envoyé avec les conseils de Gof. Fait un sfc /scannow. n'hésite pas à désinstaller un prog et le le réinstaller avec la dernière version, donc les derniers pilotes, notamment Java. -
[En parti résolu] Ecran bleu aléatoire sous vista
pkcl a répondu à un(e) sujet de slkn dans Windows Vista
Tu as raison Désolé -
[En parti résolu] Ecran bleu aléatoire sous vista
pkcl a répondu à un(e) sujet de slkn dans Windows Vista
http://forum.zebulon.fr/index.php?showtopi...hl=ecrans+bleus Je ne sais pas si ce lien pourra t'aider, mais j'avais les mêmes problèmes que toi. Depuis 2 semaines je n'ai eu que 2 écrans bleus, alors que j'en avais 5/6 par jours!!! C'est un problème de pilote.Je pense qu'il y a un ou plusieurs pilotes qui provoquent cela. Commence avec des choses simples comme un sfc /scannow ou remettre ton disque d'installe de Vista et réparer. Je pense que malheureusement, il te faudra attendre la mi mars pour le SP1 de Vista afin de stabiliser vraiment le problème. Tu peux aussi aller sur ce site pour voir quels sont les mises à jour qui te manquent: http://secunia.com/software_inspector/ N'hésite pas à désinstaller un soft qui te semble être à l'origine de ton problème (azureus) et à le réinstaller. Tu devrais d'ailleurs essayer µtorrent à la place d'azureus (moins lourd). -
[Résolu]Ecrans bleus à répétition
pkcl a répondu à un(e) sujet de pkcl dans Analyses et éradication malwares
Tu as probablement raison. en revanche je suis bien incapable de savoir lequel posait problème. Toujours est t'il, qu'aujourd'hui mon problème qui durai depuis plusieurs mois est résolu, et je t'en remercie. -
Salut, Je ne sais pas si cela peut t'être utile, mais j'avais le même problème depuis plusieurs mois. Sur les conseils de Gof, j'ai désinstallé Java, et réinstallé la dernière version. J'ai aussi fait un scannow, et depuis tout marche parfaitement. avant cela j'avais essayé 1001 trucs, mais rien n'y faisait.
-
[Résolu]Amis Zébulonniens, j'ai besoins de vos conseils
pkcl a répondu à un(e) sujet de cyrilcvcf dans J'ai rien à dire mais j'le dis quand même
C'est bien que tu te sois décidé, sinon le meilleur casque au monde c'est l'UM2 de Westone. Peut être vois tu certains chanteurs à la télé avec un casque pour le retour...C'est l'UM2. Peut être as tu déjà vu Madona faire son jogging avec un casque... C'est l'UM2, etc... http://www.westone.com/hearing/UFIMM/Unive...s_Monitors.html Sinon tu as aussi Shure et Etymotic http://www.shure.com/PersonalAudio/Product...hones/index.htm http://www.etymotic.com/ephp/er6i.aspx Voila tu as les 3 meilleurs casques du monde: Westone / Etymotic / Shure -
[Résolu]Ecrans bleus à répétition
pkcl a répondu à un(e) sujet de pkcl dans Analyses et éradication malwares
Bonjour Gof, J'étais absent quelques jours, et de plus j'ai aussi voulu appliquer tous tes conseils durant quelques jours, pour être bien sur. En ce qui concerne les drivers, ceux installés sur mon ordi sont plus récents que ceux proposés. en revanche, j'ai désinstallé plusieurs drivers, puis réinstallé, ainsi que Java comme tu me l'avais suggéré. J'ai réinstallé la dernière version (Java), et depuis quelques jours.... plus aucun écran bleu!!! Je pense que tu avais vu juste avec Java. Je vais malgré tout attendre le SP1 de Vista, qui je l'espère va enfin stabiliser le système. En tous les cas, je te remercie énormément pour tes conseils judicieux, ta patience et ton professionnalisme. -
Bonjour McFive, Regardes à cette adresse: http://www.generation-nt.com/explorer-expl...ce-24642-1.html Je pense que tu trouveras la solution à ton problème. Si d'aventure cela ne marchait pas, je te conseille d'attendre le 15/02, le SP1, car au vu des nombreux utilisateurs de Vista connaissant le même problème que le tien, je pense que MS apportera le correctif nécessaire.
-
[Résolu]Ecrans bleus à répétition
pkcl a répondu à un(e) sujet de pkcl dans Analyses et éradication malwares
Bonjour Pear, J'ai commencé par là. Je tourne sous Vista Business (légal), et je fais toutes les mises à jours windows, ATI, etc... Maintenant, effectivement, peut être en ai-je oublié un, ou peut être que j'ai installé 1 pilote inadapté? Pour le savoir, Driver Genious est t'il l'outil adapté? Merci -
[Résolu]Ecrans bleus à répétition
pkcl a répondu à un(e) sujet de pkcl dans Analyses et éradication malwares
Oui tu as raison pour la version d'Outpost, elle était piratée car j'ai voulu tester plusieurs firewall, donc... J'avais très envie de Comodo, mais les avis un peu négatifs de Clubic m'en avait tout d'abord dissuadé. Cela dit j'ai tout essayé pour en supprimer toutes les traces, mais je n'y suis pas parvenu. Je te remercie de ton aide mais j'aime comprendre ce que je fais. Pourquoi m'as tu demandé de désinstaller Java6 update 2 & Dynamic Sécurity Agent 2.0? Aujourd'hui j'ai eu 2 nouveaux écrans bleus. Le traditionnel 0x0000007F et un nouveau!!! 0x00000024 qui semble confirmer un problème matériel et/ou logiciel. Concernant le scan Nod32, je pense que tu avais raison, il n'a rien trouvé. # version=4 # OnlineScanner.ocx=1.0.0.56 # OnlineScannerDLLA.dll=1, 0, 0, 51 # OnlineScannerDLLW.dll=1, 0, 0, 51 # OnlineScannerUninstaller.exe=1, 0, 0, 49 # vers_standard_module=2825 (20080127) # vers_arch_module=1.063 (20080117) # vers_adv_heur_module=1.060 (20070601) # EOSSerial=55afd85892bbc243848ce8dc62bba0ec # end=finished # remove_checked=false # unwanted_checked=false # utc_time=2008-01-27 01:33:05 # local_time=2008-01-27 08:33:05 (+0700, Asie du Sud-Est) # country="France" # osver=6.0.6000 NT # scanned=240041 # found=0 # scan_time=2601 # nod_component=NOD32MOD_WINNT_FRENCH_BASE Build:0x11081627 (NOD32 pour Windows NT/2000/XP/2003/Vista/x64 - base) # nod_component=NOD32MOD_WINNT_FRENCH_INET Build:0x11081627 (NOD32 pour Windows NT/2000/XP/2003/Vista/x64 - support Internet ) # nod_component=NOD32MOD_WINNT_FRENCH_STANDARD Build:0x11081627 (NOD32 pour Windows NT/2000/XP/2003/Vista/x64 - composant standard) -
[Résolu]Ecrans bleus à répétition
pkcl a répondu à un(e) sujet de pkcl dans Analyses et éradication malwares
Merci Beaucoup GOF, de bien vouloir m'accorder un peu de ton temps pour essayer de solutionner mon problème. J'ai très fréquemment (plusieurs fois par jour) des écrans bleus. La plupart sont 0x0000007F, mais il m'arrive aussi d'avoir des 0x00000008, et quelques autres plus rares comme 0x0000004E. Le dernier en date étant pendant le scan de DSS. Il m'arrive aussi d'avoir ces écrans bleu, même en mode sans échec, tout particulièrement pendant les scans d'A². De mon coté j'ai déjà beaucoup cherché, et essayé plein de nettoyages de toutes sorte, mais rien n'y fait. C'est la raison pour laquelle je pense que tu dois avoir raison,il ne s'agit probablement pas d'infection. Mais bien sûr, c'est la première chose à laquelle on pense, et certains malwares ou rootkits sont tellements virulants, qu'on pense qu'ils peuvent résister à tous les softs de nettoyage. Parmis les conflits possibles, j'ai 2 pistes: 1 - Windows update installe une maj de sécurité kb925902 qui provoque des écrans bleus avec certaines imprimantes en wifi. C'est mon cas. Ils ont donc sorti un correctif kb935843 (1Mo) que je n'arrive pas à installer. Windows me dit que je n'ai pas assez de place!!!! Je ne trouve plus non plus trace de la 1ère maj. Lorsque j'essaye de la réinstaller à nouveau, windows me dit que ce n'est pas pour mon système. Or c'est 100% pour mon système!!! 2 - J'ai installé Comodo en Firewall, et je vois qu'il me reste des traces d'Outpost que je n'arrive pas à supprimer Je te poste les 2 résultats DSS, en espérant que tu sauras y comprendre quelque chose. Moi non! Encore merci pour ton aide. Deckard's System Scanner v20071014.68 Run by pkcl on 2008-01-26 18:02:24 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- Last 5 Restore Point(s) -- 12: 2008-01-26 03:09:50 UTC - RP512 - Deckard's System Scanner Restore Point 11: 2008-01-25 02:22:07 UTC - RP511 - Windows Update 10: 2008-01-24 08:31:11 UTC - RP510 - Opera 9.50 togs bort 9: 2008-01-24 08:30:56 UTC - RP509 - Before uninstall Opera 9.50 8: 2008-01-24 08:29:32 UTC - RP507 - Before uninstall Opera -- First Restore Point -- 1: 2008-01-20 12:17:20 UTC - RP497 - Windows Update Backed up registry hives. Performed disk cleanup. -- HijackThis (run as pkcl.exe) ------------------------------------------------ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:04:43, on 26/01/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16575) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ESET\nod32kui.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\pkcl\Desktop\dss.exe C:\Windows\system32\conime.exe C:\PROGRA~1\Trend Micro\HijackThis\pkcl.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02 N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.google.com"); (C:\Documents and Settings\PKCL\Application Data\Mozilla\Profiles\default\y3qyls7l.slt\prefs.js) N3 - Netscape 7: user_pref("browser.search.defaultengine", ""); (C:\Documents and Settings\PKCL\Application Data\Mozilla\Profiles\default\y3qyls7l.slt\prefs.js) O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -s O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: CCC.lnk = ? O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: Bluetooth Manager.lnk.disabled O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - (no file) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll O20 - AppInit_DLLs: hplun.dll C:\Windows\system32\guard32.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: Privacyware network service (PFNet) - Privacyware/PWI, Inc. - C:\Program Files\Privacyware\Dynamic Security Agent\pfsvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe -- End of file - 5785 bytes -- HijackThis Fixed Entries (C:\PROGRA~1\Trend Micro\HijackThis\backups\) ------ backup-20080122-041020-932 O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe backup-20080124-093615-100 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') backup-20080124-093615-110 O13 - Gopher Prefix: backup-20080124-093615-124 O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized backup-20080124-093615-146 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/ backup-20080124-093615-339 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html backup-20080124-093615-345 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = backup-20080124-093615-370 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 backup-20080124-093615-437 O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE backup-20080124-093615-476 O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - (disabled by BHODemon) backup-20080124-093615-660 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 backup-20080124-093615-694 O4 - HKCU\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe backup-20080124-093615-737 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll backup-20080124-093615-749 R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) backup-20080124-093615-790 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 backup-20080124-093615-896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = backup-20080124-093615-965 O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe backup-20080124-093634-290 O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing) backup-20080124-093634-364 O23 - Service: PDEngine - Unknown owner - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe (file missing) backup-20080124-093634-730 O23 - Service: ILLWT - Unknown owner - C:\Users\pkcl\AppData\Local\Temp\ILLWT.exe (file missing) backup-20080124-093634-747 O23 - Service: PDAgent - Unknown owner - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe (file missing) backup-20080124-093634-792 O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing) backup-20080124-093634-796 O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R3 WCPU - \??\c:\program files\p4g\wcpu.sys -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 ASLDRService (ASLDR Service) - c:\program files\atk hotkey\asldrsrv.exe <Not Verified; ; ADSMSrv> R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module> R2 TOSHIBA Bluetooth Service - c:\program files\toshiba\bluetooth toshiba stack\tosbtsrv.exe <Not Verified; TOSHIBA CORPORATION; Bluetooth Stack for Windows by TOSHIBA> S4 ILLWT - c:\users\pkcl\appdata\local\temp\illwt.exe (file missing) S4 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe (file missing) S4 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe S4 PDAgent - "c:\program files\raxco\perfectdisk\pdagent.exe" (file missing) S4 PDEngine - "c:\program files\raxco\perfectdisk\pdengine.exe" (file missing) -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Scheduled Tasks ------------------------------------------------------------- 2008-01-25 17:17:49 392 --a------ C:\Windows\Tasks\Maintenance en 1 clic.job 2007-11-26 08:07:49 320 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{E620316F-33B5-40B8-8FDA-212DF236024E}.job -- Files created between 2007-12-26 and 2008-01-26 ----------------------------- 2008-01-24 22:03:51 0 d-------- C:\Program Files\Common Files\Skype 2008-01-24 09:01:09 0 d-------- C:\Program Files\SpywareGuard 2008-01-24 08:52:04 0 d-------- C:\Program Files\SpywareBlaster 2008-01-24 00:17:50 0 d-------- C:\Users\pkcl\Application Data\FreeCommander 2008-01-24 00:17:39 0 d-------- C:\Program Files\FreeCommander 2008-01-22 03:53:37 0 d-------- C:\Program Files\Trend Micro 2008-01-22 03:52:53 233472 --a------ C:\Windows\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32> 2008-01-21 03:38:01 0 d-------- C:\Users\pkcl\Application Data\Comodo 2008-01-21 03:38:00 0 d-------- C:\Users\All Users\comodo 2008-01-21 03:37:57 0 d-------- C:\Program Files\COMODO 2008-01-06 18:32:56 0 d-------- C:\Program Files\Intel Corporation 2008-01-04 15:59:49 99736 --a------ C:\Windows\system32\GDIPFONTCACHEV1.DAT 2008-01-04 13:11:27 0 d-------- C:\Program Files\Bluetack 2008-01-04 13:10:41 0 d-------- C:\Windows\Downloaded Installations 2008-01-04 12:20:57 0 d-------- C:\Users\All Users\Privacyware 2008-01-04 12:20:57 0 d-------- C:\Program Files\Privacyware 2007-12-29 06:50:18 0 d-------- C:\Program Files\Foxit Software 2007-12-29 05:27:49 0 d-------- C:\Users\All Users\SUPERAntiSpyware.com 2007-12-29 05:27:35 0 d-------- C:\Users\pkcl\Application Data\SUPERAntiSpyware.com 2007-12-29 05:27:35 0 d-------- C:\Program Files\SUPERAntiSpyware 2007-12-28 12:20:01 0 d-------- C:\Program Files\MSXML 4.0 2007-12-28 10:00:23 0 d-------- C:\Program Files\TuneUp Utilities 2008 2007-12-28 09:44:59 0 d-------- C:\Program Files\Yahoo! 2007-12-28 09:44:47 0 d-------- C:\Program Files\CCleaner 2007-12-28 06:06:07 0 d-------- C:\Users\pkcl\Application Data\WinRAR 2007-12-27 21:40:19 0 d-------- C:\Program Files\a-squared Free(969) 2007-12-27 13:37:50 0 d-------- C:\Users\pkcl\Application Data\Macromedia 2007-12-27 13:37:50 0 d-------- C:\Users\pkcl\Application Data\Adobe(1002) 2007-12-27 13:33:57 0 d-------- C:\Users\pkcl\Application Data\Mozilla(1080) 2007-12-27 13:15:04 0 d-------- C:\Users\pkcl\Application Data\skypePM 2007-12-27 13:14:58 0 d-------- C:\Users\pkcl\Application Data\ATI 2007-12-27 12:53:24 0 d-------- C:\Users\pkcl\Application Data\URSoft(1082) 2007-12-27 12:45:22 0 d-------- C:\Users\pkcl\Application Data\TuneUp Software(1081) -- Find3M Report --------------------------------------------------------------- 2008-01-26 17:58:23 0 d-------- C:\Users\pkcl\AppData\Roaming\Skype 2008-01-26 17:37:32 693588 --a------ C:\Windows\system32\perfh00C.dat 2008-01-26 17:37:32 118450 --a------ C:\Windows\system32\perfc00C.dat 2008-01-26 17:19:25 12 --a------ C:\Windows\bthservsdp.dat 2008-01-26 17:12:18 0 d-------- C:\Users\pkcl\AppData\Roaming\skypePM 2008-01-25 00:36:14 0 d-------- C:\Users\pkcl\AppData\Roaming\utorrent 2008-01-25 00:15:02 9256 --a------ C:\Windows\mozver.dat 2008-01-24 22:03:51 0 d-------- C:\Program Files\Common Files 2008-01-24 15:40:25 0 d-------- C:\Program Files\Opera 9.5 beta 2008-01-24 15:30:21 0 d-------- C:\Program Files\Opera 2008-01-24 00:17:50 0 d-------- C:\Users\pkcl\AppData\Roaming\FreeCommander 2008-01-21 03:38:01 0 d-------- C:\Users\pkcl\AppData\Roaming\Comodo 2008-01-14 15:02:14 0 d-------- C:\Program Files\a-squared Free 2008-01-09 05:11:29 0 d-------- C:\Program Files\Windows Mail 2008-01-09 05:11:28 0 d-------- C:\Program Files\Windows Sidebar 2007-12-30 02:47:00 0 d-------- C:\Users\pkcl\AppData\Roaming\vlc 2007-12-29 20:10:04 0 d-------- C:\Users\pkcl\AppData\Roaming\SUPERAntiSpyware.com 2007-12-29 20:09:54 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-12-28 22:32:34 0 d-------- C:\Program Files\ATI 2007-12-28 09:36:09 0 d--h----- C:\Users\pkcl\AppData\Roaming\Adobe 2007-12-28 07:58:10 0 d-------- C:\Program Files\Nero 2007-12-28 07:58:10 0 d-------- C:\Program Files\Common Files\Ahead 2007-12-28 06:59:01 0 d--h----- C:\Program Files\InstallShield Installation Information 2007-12-28 06:06:07 0 d-------- C:\Users\pkcl\AppData\Roaming\WinRAR 2007-12-28 05:08:31 0 d-------- C:\Users\pkcl\AppData\Roaming\Winamp 2007-12-28 05:08:26 0 d-------- C:\Users\pkcl\AppData\Roaming\foobar2000 2007-12-28 05:08:26 0 d-------- C:\Users\pkcl\AppData\Roaming\dvdcss 2007-12-28 05:08:12 0 d-------- C:\Program Files\Realtek 2007-12-28 05:07:05 0 d-------- C:\Users\pkcl\AppData\Roaming\URSoft 2007-12-28 05:07:05 0 d--h----- C:\Users\pkcl\AppData\Roaming\TuneUp Software 2007-12-28 05:07:04 0 d-------- C:\Users\pkcl\AppData\Roaming\Systenance 2007-12-28 05:07:01 0 d-------- C:\Users\pkcl\AppData\Roaming\Sun 2007-12-28 05:06:51 0 d-------- C:\Users\pkcl\AppData\Roaming\Opera 2007-12-28 05:06:51 0 d-------- C:\Users\pkcl\AppData\Roaming\NewSoft 2007-12-28 05:06:51 0 d-------- C:\Users\pkcl\AppData\Roaming\Nero 2007-12-28 05:06:50 0 d-------- C:\Users\pkcl\AppData\Roaming\Mozilla 2007-12-28 05:06:25 0 d-------- C:\Users\pkcl\AppData\Roaming\CyberScrub 2007-12-28 05:06:25 0 d-------- C:\Users\pkcl\AppData\Roaming\BinarySense 2007-12-27 14:43:00 0 d-------- C:\Users\pkcl\AppData\Roaming\Adobe(1002) 2007-12-27 13:37:50 0 d-------- C:\Users\pkcl\AppData\Roaming\Macromedia 2007-12-27 13:33:57 0 d-------- C:\Users\pkcl\AppData\Roaming\Mozilla(1080) 2007-12-27 13:14:58 0 d-------- C:\Users\pkcl\AppData\Roaming\ATI 2007-12-27 12:53:24 0 d-------- C:\Users\pkcl\AppData\Roaming\URSoft(1082) 2007-12-27 12:45:22 0 d-------- C:\Users\pkcl\AppData\Roaming\TuneUp Software(1081) 2007-12-18 23:52:24 0 d-------- C:\Program Files\ASUS 2007-12-15 06:01:43 315392 --a------ C:\Windows\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program> 2007-12-09 07:30:09 0 d-------- C:\Program Files\Your Uninstaller 2008 2007-11-19 11:17:26 298104 --a------ C:\Windows\system32\imon.dll <Not Verified; Eset; NOD32 Antivirus System> -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [01/12/2006 18:37 C:\Windows\RtHDVCpl.exe] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [22/11/2006 12:27] "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [19/11/2007 11:17] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [11/04/2007 15:32 C:\Windows\KHALMNPR.Exe] "@"="" [] "COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [21/01/2008 03:37] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [19/03/2007 05:05] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [09/01/2008 05:00] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [31/08/2007 16:46] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [02/11/2006 19:36] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [12/11/2007 15:48] C:\Users\pkcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ CCC.lnk - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [29/09/2006 09:57:36] SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [29/08/2003 19:05:35] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth Manager.lnk.disabled [10/07/2007 10:35:54] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"=2 (0x2) "EnableLUA"=0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoInstrumentation"=1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=hplun.dll C:\Windows\system32\guard32.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] @="IEEE 1394 Bus host controllers" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] @="SBP2 IEEE 1394 Devices" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] @="SecurityDevices" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "AnyDVD"=C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe "Mozilla Quick Launch"="C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" "LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" "NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" "OODefragTray"=C:\Windows\system32\oodtray.exe "Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe "HControl"=C:\Windows\ATK0100\HControl.exe "Dynamic Security Agent"=C:\Program Files\Privacyware\Dynamic Security Agent\DSA.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE WebClient LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc CscService TabletInputService UmRdpService wlansvc WPDBusEnum EMDMgmt LocalServiceNoNetwork PLA DPS BFE mpssvc LocalServiceNetworkRestricted DHCP eventlog AudioSrv LmHosts wscsvc p2pimsvc PNRPSvc p2psvc PnrpAutoReg bthsvcs BthServ WindowsMobile wcescomm rapimgr LocalServiceRestricted WcesComm RapiMgr HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E] AutoRun\command- E:\setup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F] AutoRun\command- F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4694ce7b-3e43-11dc-83ea-0018f371fa19}] AutoRun\command- F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4694ce7c-3e43-11dc-83ea-0018f371fa19}] AutoRun\command- F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4cdf660f-17c5-11dc-9f83-0018f371fa19}] AutoRun\command- F:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{782baacd-43e4-11dc-8b9a-806e6f6e6963}] AutoRun\command- F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7b62a8b7-4665-11dc-a5aa-0018f371fa19}] AutoRun\command- F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dac3c068-3c06-11dc-89bd-0018f371fa19}] AutoRun\command- F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dac3c080-3c06-11dc-89bd-0018f371fa19}] AutoRun\command- F:\AutoRun.exe [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] C:\Windows\system32\unregmp2.exe /ShowWMP [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static] msiexec /fums {8BB7F11E-4F20-9E97-0350-0EEDEF3C3D89} /qb [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI -- Hosts ----------------------------------------------------------------------- 127.0.0.1 localhost 127.0.0.1 123spywar.com 127.0.0.1 www.123spywar.com 127.0.0.1 1clickspyclean.com 127.0.0.1 www.1clickspyclean.com 127.0.0.1 1clicksuite.net 127.0.0.1 www.1clicksuite.net 127.0.0.1 1spyware-removal.com 127.0.0.1 www.1spyware-removal.com 127.0.0.1 1spywarekiller.com 10302 more entries in hosts file. -- End of Deckard's System Scanner: finished at 2008-01-26 18:16:00 ------------ Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft® Windows Vista™ Professionnel (build 6000) Architecture: X86; Language: French CPU 0: Intel® Core2 CPU T5600 @ 1.83GHz Percentage of Memory in Use: 33% Physical Memory (total/avail): 2046.66 MiB / 1356.87 MiB Pagefile Memory (total/avail): 4328.32 MiB / 3524.55 MiB Virtual Memory (total/avail): 2047.88 MiB / 1920.45 MiB C: is Fixed (NTFS) - 66.03 GiB total, 21.83 GiB free. D: is Fixed (NTFS) - 43.89 GiB total, 33.34 GiB free. E: is CDROM (No Media) \\.\PHYSICALDRIVE0 - Hitachi HTS541612J9SA00 ATA Device - 111.79 GiB - 3 partitions \PARTITION0 - Unknown - 1906.12 MiB \PARTITION1 (bootable) - Système de fichiers installable - 66.03 GiB - C: \PARTITION2 - Étendu avec Inter. 13 étendue - 43.89 GiB - D: -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is enabled. FW: COMODO Firewall Pro v3.0 (COMODO) FW: Privatefirewall v6.0 (Privacyware) Disabled FW: Outpost Firewall Pro v6.0 (Agnitum) AV: ESET NOD32 antivirus system 2.70 v2.70 (ESET, spol. s r.o.) AS: Spybot - Search and Destroy v1.0.0.4 (Safer Networking Ltd.) Disabled AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) AS: Outpost Firewall Pro vASWDB6, VB4.3, VDB9 (Agnitum) Disabled [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\ProgramData APPDATA=C:\Users\pkcl\AppData\Roaming CLASSPATH=C:\Program Files\QuickTime\QTSystem\QTJava.zip CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=PC-DE-PKCL ComSpec=C:\Windows\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Users\pkcl LOCALAPPDATA=C:\Users\pkcl\AppData\Local LOGONSERVER=\\PC-DE-PKCL NUMBER_OF_PROCESSORS=2 OS=Windows_NT Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\QuickTime Alternative\QTSystem\ PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0f06 ProgramData=C:\ProgramData ProgramFiles=C:\Program Files PROMPT=$P$G PUBLIC=C:\Users\Public SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\Windows TEMP=C:\Users\pkcl\AppData\Local\Temp TMP=C:\Users\pkcl\AppData\Local\Temp USERDOMAIN=PC-de-pkcl USERNAME=pkcl USERPROFILE=C:\Users\pkcl windir=C:\Windows __COMPAT_LAYER=DisableNXShowUI -- User Profiles --------------------------------------------------------------- pkcl (admin) -- Add/Remove Programs --------------------------------------------------------- --> C:\Windows\IsUninst.exe -fC:\Windows\system32\UninstIPP.isu --> C:\Windows\UNNeroBackItUp.exe /UNINSTALL --> C:\Windows\UNNeroMediaHome.exe /UNINSTALL --> C:\Windows\UNNeroShowTime.exe /UNINSTALL --> C:\Windows\UNNeroVision.exe /UNINSTALL --> C:\Windows\UNRecode.exe /UNINSTALL --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{329899E1-CBBA-49BC-9FFE-199E94316727}\setup.exe" -l0x9 -removeonly 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} a-squared Free 3.0 --> "C:\Program Files\a-squared Free\unins000.exe" Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe AnyDVD --> "C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD" ArcSoft PhotoStudio 5.5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x9 ASUS Setting Center --> C:\Program Files\InstallShield Installation Information\{6A1AC289-45CD-4561-B666-DB80C72F6DAF}\Setup.exe -runfromtemp -l0x0009 -removeonly ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe ATK Hotkey --> C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\setup.exe -runfromtemp -l0x0009 -removeonly ATK Media --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\setup.EXE" -l0x9 ATK0100 ACPI UTILITY --> C:\Windows\ATK0100\XPunin.exe ATKOSD2 --> C:\Program Files\InstallShield Installation Information\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}\setup.exe -runfromtemp -l0x0009 -removeonly µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL µTorrent 1.6.1 (Build 490) --> C:\Program Files\utorrent\Uninstal.exe Bluetooth Stack for Windows by Toshiba --> MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6} Canon CanoScan Toolbox 5.0 --> "C:\Program Files\Canon\CanoScan Toolbox Ver5.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\CanoScan Toolbox Ver5.0\uninst.ini CanoScan LiDE 70 --> "C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2411\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2411 /L0x000c CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe" CDDRV_Installer --> MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA} Color LaserJet 2600n --> C:\Program Files\Zenographics\{50B3275F-6D5B-41E5-8BE7-19FFC78856E6}\SETUP.EXE -u "HPCLJKCInstaller.dll=CLJ2600.INF" COMODO Firewall Pro --> C:\Program Files\COMODO\Firewall\cfpconfg.exe -u Debugging Tools for Windows --> MsiExec.exe /I{D459A7BB-F85E-4C0E-8AEC-3D90C4549740} Dynamic Security Agent 2.0 --> MsiExec.exe /X{AD88BB6D-EA59-444B-A8B3-2007F649186A} foobar2000 v0.9.4.3 --> "C:\Program Files\foobar2000\uninstall.exe" Foxit Reader --> C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe Free Games Offer, Desktop Shortcut --> MsiExec.exe /X{31DABA20-10A1-4746-9D9F-57955B8DFF66} FreeCommander 2007.10a --> "C:\Program Files\FreeCommander\unins000.exe" FxVisor --> MsiExec.exe /I{F691A1F5-2789-46CE-A45A-57763198D384} Gestionnaire pour appareils Windows Mobile --> MsiExec.exe /I{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8} HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Java 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} KhalInstallWrapper --> MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719} Kill Process 5.0.0.5 (désinstaller seulement) --> "C:\Program Files\Kill Process\uninstall.exe" Logitech SetPoint --> C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x040c -removeonly Microsoft Exchange 2007 Management Pack for MOM 2005 --> MsiExec.exe /X{3829A1F7-AF25-463F-9937-1519A4C24611} Microsoft Office Access MUI (French) 2007 --> MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007 --> MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007 --> MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Language Pack 2007 Service Pack 1 (SP1) --> msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB} Microsoft Office Outlook MUI (French) 2007 --> MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007 --> MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007 --> MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007 --> MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007 --> MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007 --> MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007 --> MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007 --> MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007 --> MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Mobile Connect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EAAC5FD-E209-4856-8C49-D4EA40F85032}\setup.exe" -l0x9 -removeonly Motorola SM56 Speakerphone Modem --> rundll32.exe sm56co6a.dll,SM56UnInstaller Mozilla Firefox (2.0.0.11) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Netscape (7.1) --> C:\Windows\NSUninst.exe /ua "7.1b1 (fr)" NOD32 Antivirus System --> C:\Program Files\Eset\Setup\setup.exe /UNINSTALL Power4Gear eXtreme --> C:\Program Files\InstallShield Installation Information\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}\setup.EXE -runfromtemp -l0x040c -removeonly PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.EXE" -uninstall Real Alternative 1.52 --> "C:\Program Files\Real Alternative\unins000.exe" Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista --> C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\SETUP.EXE -runfromtemp -l0x040c -removeonly Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly Realtek USB 2.0 Card Reader --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe" -l0x9 -removeonly Remote Controller --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B802EBE-CDAD-477C-9AD4-069615D377EB}\setup.exe" -l0x9 -removeonly RocketDock 1.3.1 --> "C:\Program Files\RocketDock\unins000.exe" Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} Snoqualmie 1.0 --> C:\Windows\system32\snounin.exe Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe" SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe" SpywareGuard v2.2 --> "C:\Program Files\SpywareGuard\unins000.exe" Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall TuneUp Utilities 2008 --> MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA} Update for Outlook 2007 Junk Email Filter (kb943597) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A751F0DB-8476-4207-956E-20AEBBA4B1DA} USB2.0 1.3M Web Cam --> C:\Windows\StkUnist.exe USB2.0 1.3M WebCam --> C:\Windows\StkUnist.exe Utilitaire Intel® de lecture de la fréquence du processeur --> MsiExec.exe /X{B772E270-02DF-4B70-9FA8-1383BBB81FDD} VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027} VideoLAN VLC media player 0.8.6b --> C:\Program Files\VideoLAN\VLC\uninstall.exe Vista Codec Package --> MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99} Windows Media Player Firefox Plugin --> MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} WinFlash --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\Setup.exe" -l0x9 WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe Wireless Console 2 --> C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\setup.exe -runfromtemp -l0x040c -removeonly XNResourceEditor 3.0.0.1 --> "C:\Program Files\XN Resource Editor\unins000.exe" Your Uninstaller! 2008 Version 6.0 --> "C:\Program Files\Your Uninstaller 2008\unins000.exe" Your Uninstaller! PRO 2006 5.0.0.345 --> "C:\Program Files\Your Uninstaller 2006\unins000.exe" -- Application Event Log ------------------------------------------------------- Event Record #/Type58761 / Warning Event Submitted/Written: 01/26/2008 05:32:57 PM Event ID/Source: 1001 / MsiInstaller Event Description: Échec de détection du produit ‘{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}’, fonctionnalité ‘Phone’ lors de la demande du composant ‘{57FF4446-590E-4894-AE39-D55928DBDE01}’ Event Record #/Type58760 / Warning Event Submitted/Written: 01/26/2008 05:32:56 PM Event ID/Source: 1004 / MsiInstaller Event Description: Échec de détection du produit ‘{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}’, fonctionnalité ‘Phone’, composant ‘{7A702427-1ED2-4768-88B7-F563D4703DDC}. La ressource ‘HKEY_LOCAL_MACHINE\Software\Classes\{327C8820-8DED-4BD2-A7F6-D07B9DD5698F}\’ n’existe pas. Event Record #/Type58755 / Success Event Submitted/Written: 01/26/2008 05:32:51 PM Event ID/Source: 5617 / WinMgmt Event Description: Event Record #/Type58751 / Success Event Submitted/Written: 01/26/2008 05:32:29 PM Event ID/Source: 5615 / WinMgmt Event Description: Event Record #/Type58747 / Success Event Submitted/Written: 01/26/2008 05:31:29 PM Event ID/Source: 902 / Software Licensing Service Event Description: Le service de gestion des licences du logiciel a démarré. -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type89411 / Error Event Submitted/Written: 01/26/2008 05:35:00 PM Event ID/Source: 7001 / Service Control Manager Event Description: Service Partage réseau du Lecteur Windows MediaHôte de périphérique UPnP%%1068 Event Record #/Type89410 / Error Event Submitted/Written: 01/26/2008 05:35:00 PM Event ID/Source: 7001 / Service Control Manager Event Description: Hôte de périphérique UPnPDécouverte SSDP%%1058 Event Record #/Type89395 / Error Event Submitted/Written: 01/26/2008 05:33:00 PM Event ID/Source: 7001 / Service Control Manager Event Description: Service Partage réseau du Lecteur Windows MediaHôte de périphérique UPnP%%1068 Event Record #/Type89394 / Error Event Submitted/Written: 01/26/2008 05:33:00 PM Event ID/Source: 7001 / Service Control Manager Event Description: Hôte de périphérique UPnPDécouverte SSDP%%1058 Event Record #/Type89375 / Error Event Submitted/Written: 01/26/2008 05:32:56 PM Event ID/Source: 7001 / Service Control Manager Event Description: Hôte de périphérique UPnPDécouverte SSDP%%1058 -- End of Deckard's System Scanner: finished at 2008-01-26 18:16:00 ------------ -
Bonjour à tous, J'ai depuis quelque temps des écrans bleus plusieurs fois par jour, et pas toujours les mêmes: 0x0000008 / 0x00000050 / 0x000000C2 / 0x0000004E / 0x0000008 / 0x0000007 Je n'arrive pas à comprendre pourquoi. Souvent c'est lorsque j'ouvre des photos, mais pas uniquement. Est ce quelqu'un au vu du rapport HijackThis ci-dessous pourrai m'aider? Merci d'avance. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:23:16, on 23/01/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16575) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe C:\Program Files\ASUS\ATK Media\DMedia.exe C:\Program Files\ESET\nod32kui.exe C:\Program Files\COMODO\Firewall\cfp.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\System32\mobsync.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.google.com"); (C:\Documents and Settings\PKCL\Application Data\Mozilla\Profiles\default\y3qyls7l.slt\prefs.js) N3 - Netscape 7: user_pref("browser.search.defaultengine", ""); (C:\Documents and Settings\PKCL\Application Data\Mozilla\Profiles\default\y3qyls7l.slt\prefs.js) O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - (disabled by BHODemon) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -s O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: CCC.lnk = ? O4 - Global Startup: Bluetooth Manager.lnk.disabled O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - (no file) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file) O20 - AppInit_DLLs: hplun.dll C:\Windows\system32\guard32.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe O23 - Service: ILLWT - Unknown owner - C:\Users\pkcl\AppData\Local\Temp\ILLWT.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing) O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: PDAgent - Unknown owner - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe (file missing) O23 - Service: PDEngine - Unknown owner - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe (file missing) O23 - Service: Privacyware network service (PFNet) - Privacyware/PWI, Inc. - C:\Program Files\Privacyware\Dynamic Security Agent\pfsvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe -- End of file - 8095 bytes