Everything posted by jocepa

  1. Good evening, here is what it gives:
     ComboFix 08-05-09.1 - joelle 2008-05-12 0:04:16.1 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.442 [GMT 2:00] Endroit: C:\Users\joelle\Desktop\ComboFix.exe . ((((((((((((((((((((((((((((( Fichiers créés 2008-04-11 to 2008-05-11 )))))))))))))))))))))))))))))))))))) . 2008-05-11 12:40 . 2008-05-11 12:40 <REP> d-------- C:\Deckard 2008-05-08 16:54 . 2008-05-08 16:55 <REP> d-------- C:\Program Files\Astrocycle3 2008-05-08 16:53 . 2008-05-08 16:53 <REP> d-------- C:\Windows\Downloaded Installations 2008-05-02 23:10 . 2008-05-09 08:44 <REP> d-------- C:\Users\joelle\JOB MER 2008-05-01 15:20 . 2008-05-01 15:20 <REP> d-------- C:\Users\joelle\.fltk 2008-04-30 08:44 . 2008-04-30 08:44 <REP> d-------- C:\Program Files\CCleaner 2008-04-27 13:29 . 2008-04-27 18:09 524,288 --ahs---- C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{dc283700-144b-11dd-97dc-0016d4adea2b}.TMContainer00000000000000000002.regtrans-ms 2008-04-27 13:29 . 2008-04-28 00:47 524,288 --ahs---- C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{dc283700-144b-11dd-97dc-0016d4adea2b}.TMContainer00000000000000000001.regtrans-ms 2008-04-27 13:29 . 2008-04-27 18:09 524,288 --ahs---- C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{dc283702-144b-11dd-97dc-0016d4adea2b}.TMContainer00000000000000000002.regtrans-ms 2008-04-27 13:29 . 2008-04-28 00:47 524,288 --ahs---- C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{dc283702-144b-11dd-97dc-0016d4adea2b}.TMContainer00000000000000000001.regtrans-ms 2008-04-27 13:29 . 2008-04-27 18:08 524,288 --ahs---- C:\Users\joelle\ntuser.dat{dc283704-144b-11dd-97dc-0016d4adea2b}.TMContainer00000000000000000002.regtrans-ms 2008-04-27 13:29 . 2008-04-28 00:47 524,288 --ahs---- C:\Users\joelle\ntuser.dat{dc283704-144b-11dd-97dc-0016d4adea2b}.TMContainer00000000000000000001.regtrans-ms 2008-04-27 13:29 . 
2008-04-28 00:47 65,536 --ahs---- C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{dc283700-144b-11dd-97dc-0016d4adea2b}.TM.blf 2008-04-27 13:29 . 2008-04-28 00:47 65,536 --ahs---- C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{dc283702-144b-11dd-97dc-0016d4adea2b}.TM.blf 2008-04-27 13:29 . 2008-04-28 00:47 65,536 --ahs---- C:\Users\joelle\ntuser.dat{dc283704-144b-11dd-97dc-0016d4adea2b}.TM.blf 2008-04-27 13:20 . 2008-04-27 13:27 524,288 --ahs---- C:\Users\joelle\ntuser.dat{c3a1ffec-142d-11dd-a337-0016d4adea2b}.TMContainer00000000000000000002.regtrans-ms 2008-04-27 13:20 . 2008-05-11 23:36 524,288 --ahs---- C:\Users\joelle\ntuser.dat{c3a1ffec-142d-11dd-a337-0016d4adea2b}.TMContainer00000000000000000001.regtrans-ms 2008-04-27 13:20 . 2008-05-11 23:36 65,536 --ahs---- C:\Users\joelle\ntuser.dat{c3a1ffec-142d-11dd-a337-0016d4adea2b}.TM.blf 2008-04-27 13:14 . 2008-04-27 13:21 <REP> d--h----- C:\RD4B335D2AF9F44185AFC417F8D8D4B473DR 2008-04-27 10:37 . 2008-04-27 10:38 <REP> d-------- C:\Users\joelle\AppData\Roaming\fretsonfire 2008-04-27 01:26 . 2008-04-27 01:26 <REP> d-------- C:\Users\joelle\AppData\Roaming\Voca 2008-04-26 13:24 . 2008-04-26 13:38 <REP> d-------- C:\LiberKeyBackup 2008-04-17 18:45 . 2008-04-17 19:04 <REP> d-------- C:\Users\joelle\AppData\Roaming\GlarySoft 2008-04-17 18:33 . 2008-04-17 18:33 <REP> d-------- C:\Program Files\Glary Utilities . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2008-05-11 21:47 13,072 ----a-w C:\Users\joelle\AppData\Roaming\nvModes.dat 2008-05-09 07:14 --------- d-----w C:\Users\joelle\AppData\Roaming\XnView 2008-05-08 00:05 --------- d-----w C:\Users\joelle\AppData\Roaming\Auslogics 2008-05-05 10:45 --------- d-----w C:\Users\joelle\AppData\Roaming\dvdcss 2008-05-05 07:31 --------- d-----w C:\ProgramData\DVD Shrink 2008-05-05 02:23 --------- d-----w C:\Program Files\FairUse Wizard 2 2008-05-01 19:06 --------- d-----w C:\Users\joelle\AppData\Roaming\App Launcher Gadget 2008-04-23 08:09 --------- d-----w C:\Program Files\VideoLAN 2008-04-17 22:05 --------- d-----w C:\Program Files\WinTV 2008-04-17 17:02 --------- d-----w C:\ProgramData\NtiDvdCopy 2008-04-10 12:20 --------- d-----w C:\Program Files\SlySoft 2008-04-09 20:46 --------- d-----w C:\Users\joelle\AppData\Roaming\gtk-2.0 2008-04-09 19:58 123,939 ----a-w C:\Windows\system32\drivers\kqemu.sys 2008-04-09 12:25 --------- d-----w C:\Program Files\Windows Mail 2008-04-08 11:15 --------- d-----w C:\Users\joelle\AppData\Roaming\ESBCalc 2008-04-05 03:19 --------- d-----w C:\Users\joelle\AppData\Roaming\profette 2008-03-26 11:17 --------- d-----w C:\Program Files\Google 2008-03-25 23:32 --------- d-----w C:\Program Files\Java 2008-03-25 23:30 --------- d-----w C:\Program Files\Common Files\Java 2008-03-24 22:47 --------- d-----w C:\ProgramData\WindowsSearch 2008-03-23 14:09 --------- d-----w C:\ProgramData\CyberLink 2008-03-20 16:29 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf 2008-03-19 13:30 174 --sha-w C:\Program Files\desktop.ini 2008-03-19 13:18 --------- d-----w C:\Program Files\Windows Sidebar 2008-03-19 13:18 --------- d-----w C:\Program Files\Windows Photo Gallery 2008-03-19 13:18 --------- d-----w C:\Program Files\Windows Journal 2008-03-19 13:18 --------- d-----w C:\Program Files\Windows Defender 2008-03-19 13:18 --------- d-----w C:\Program Files\Windows Collaboration 2008-03-19 13:18 --------- d-----w C:\Program Files\Windows Calendar 
2008-03-19 12:08 82,432 ----a-w C:\Windows\System32\axaltocm.dll 2008-03-19 12:08 101,888 ----a-w C:\Windows\System32\ifxcardm.dll 2008-03-18 06:43 --------- d-----w C:\Program Files\QuickTime 2008-03-18 06:42 --------- d-----w C:\ProgramData\Apple Computer 2008-03-18 06:41 --------- d-----w C:\ProgramData\Apple 2008-03-18 06:41 --------- d-----w C:\Program Files\Apple Software Update 2008-03-13 13:27 --------- d-----w C:\Users\joelle\AppData\Roaming\DAEMON Tools 2008-03-11 06:44 --------- d-----w C:\Program Files\Anuman Interactive 2008-02-29 07:14 19,000 ----a-w C:\Windows\System32\kd1394.dll 2008-02-29 07:11 988,216 ----a-w C:\Windows\System32\winload.exe 2008-02-29 07:11 927,288 ----a-w C:\Windows\System32\winresume.exe 2008-02-29 06:53 46,592 ----a-w C:\Windows\System32\setbcdlocale.dll 2008-02-29 06:53 40,960 ----a-w C:\Windows\System32\srclient.dll 2008-02-29 06:53 378,368 ----a-w C:\Windows\System32\srcore.dll 2008-02-29 06:35 6,656 ----a-w C:\Windows\System32\kbd106n.dll 2008-02-29 04:21 2,032,128 ----a-w C:\Windows\System32\win32k.sys 2008-02-29 04:12 318,464 ----a-w C:\Windows\System32\rstrui.exe 2008-02-29 04:12 14,848 ----a-w C:\Windows\System32\srdelayed.exe 2008-02-22 05:05 615,992 ----a-w C:\Windows\System32\ci.dll 2008-02-22 05:01 826,880 ----a-w C:\Windows\System32\wininet.dll 2008-02-22 04:57 295,936 ----a-w C:\Windows\System32\gdi32.dll 2007-10-23 10:03 16,384 --sha-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat 2007-10-23 10:03 32,768 --sha-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat 2007-10-23 10:03 16,384 --sha-w C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat . ------- Sigcheck ------- . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . 
REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "????r"="" [] "?????????"="??????????????e" [] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 09:33 125952] "ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 15:30 249856] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-03-26 10:10 171448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2006-12-01 07:37 4186112 C:\Windows\RtHDVCpl.exe] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 05:00 815104] "LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-12-08 14:35 614400] "WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 21:48 57344] "LogitechCommunicationsManager"="C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-10-31 01:06 304664] "LVCOMSX"="C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-11-20 18:04 244512] "eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-11-17 08:26 453120] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-04-15 13:52 262401] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312] "EPGServiceTool"="C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe" [2007-08-01 05:26 675840] "NvSvc"="C:\Windows\system32\nvsvc.dll" [2006-11-22 09:29 90191] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2006-11-22 09:29 7757824] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2006-11-22 09:29 81920] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ AutoStart IR.lnk - C:\Program Files\WinTV\Ir.exe [2008-02-21 09:41:11 110647] Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2006-12-05 01:46:18 528384] 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.mkdmp3enc"= C:\PROGRA~1\ACERAR~1\DVWIZA~1\Kernel\Burner\MKDMP3Enc.ACM [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcerOrbicamRibbon] --a------ 2006-11-20 18:09 754712 C:\Program Files\Acer\OrbiCam10\OrbiCam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] --a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] --a------ 2008-02-14 01:09 486856 C:\Program Files\DAEMON Tools Lite\daemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2008-02-22 05:25 144784 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-180004561-2329296961-2839979958-1000] "EnableNotificationsRef"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{616520CB-540E-43D3-B883-D9651CF05361}"= UDP:C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite "{58BC58A4-FE3F-42D3-81A1-B0978FE134F8}"= TCP:C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe 
Suite R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys [2006-11-10 15:10] R0 PSDNServ;PSDNSERVER;C:\Windows\system32\drivers\PSDNServ.sys [2006-11-10 15:21] R0 psdvdisk;psdvdisk;C:\Windows\system32\drivers\psdvdisk.sys [2006-11-08 16:11] R2 eNet Service;eNet Service;C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-11-20 21:43] R2 EPGService;EPGService;C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe [2007-09-05 18:46] R2 eSettingsService;eSettings Service;C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2006-11-13 00:13] R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 13:57] R2 WMIService;ePower Service;C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2006-12-01 10:34] R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 11:39] R3 lv321av;Logitech USB PC Camera (VC0321);C:\Windows\system32\DRIVERS\lv321av.sys [2006-11-20 12:02] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 09:30] S3 HauppaugeTVServer;HauppaugeTVServer;C:\PROGRA~1\WinTV\HCWTVS~1.EXE [2007-02-20 16:11] S3 hcw95bda;Hauppauge MOD7700 Tuner Driver;C:\Windows\system32\Drivers\hcw95bda.sys [2007-06-04 20:00] S3 hcw95rc;Hauppauge MOD7700 IR Driver;C:\Windows\system32\DRIVERS\hcw95rc.sys [2007-06-04 20:02] S3 SMSCIRDA;SMSC Infrared Device Driver;C:\Windows\system32\DRIVERS\SMSCirda.sys [2006-10-18 16:44] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ *Newly Created Service* - CATCHME . 
Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-05-11 21:47:18 C:\Windows\Tasks\GlaryInitialize.job" - C:\Program Files\Glary Utilities\initialize.exe "2008-05-02 18:00:00 C:\Windows\Tasks\Norton Internet Security - Analyse système complète - joelle.job" - C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeB/TASK: "2008-05-11 22:05:27 C:\Windows\Tasks\User_Feed_Synchronization-{9382FF5F-2B56-43B3-91C1-2042D738CD8E}.job" - C:\Windows\system32\msfeedssync.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-12 00:08:05 Windows 6.0.6001 Service Pack 1 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-05-12 0:09:18 ComboFix-quarantined-files.txt 2008-05-11 22:09:10 Pre-Run: 25,382,617,088 octets libres Post-Run: 25,350,262,784 octets libres 186 --- E O F --- 2008-05-09 10:27:34
  2. Uhhh... as I said in my first message, I don't have a backup CD for Vista, which was pre-installed when I bought the computer (and the utility that would let me make one crashes the PC when I try to use it). I'm telling you this because the ComboFix tutorial talks about using the CD: "Windows Vista users can use their Windows CD to boot into the Vista Recovery Environment." There is also a whole section on what to do if you don't have the XP CD, but I didn't see anything for Vista. Can I use ComboFix anyway??? And without installing the Recovery Console (???)????? Sorry for being such a p... with my questions, but I'm afraid of completely crashing the PC...
  3. Hello, first of all thank you for the reply and the detailed explanations. I downloaded DSS and stopped AntiVir (however, I forgot Windows Defender; I hope that won't affect the result!) and this is what I get. For the "main.txt":
     Deckard's System Scanner v20071014.68 Run by joelle on 2008-05-11 12:41:14 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- Last 5 Restore Point(s) -- 8: 2008-05-10 13:26:50 UTC - RP314 - Point de contrôle planifié 7: 2008-05-09 10:26:16 UTC - RP313 - Windows Update 6: 2008-05-08 14:54:10 UTC - RP312 - Installé Astrocycle 3.7.0.0 5: 2008-05-08 11:52:18 UTC - RP311 - Windows Update 4: 2008-05-04 01:21:49 UTC - RP310 - Point de contrôle planifié -- First Restore Point -- 1: 2008-04-30 07:20:04 UTC - RP307 - Point de contrôle planifié Backed up registry hives. Performed disk cleanup. Total Physical Memory: 1022 MiB (1024 MiB recommended). -- HijackThis (run as joelle.exe) ---------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:42:43, on 11/05/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Windows\System32\rundll32.exe C:\Windows\ehome\ehmsas.exe C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE C:\Acer\Empowering 
Technology\eRecovery\ERAGENT.EXE C:\Users\joelle\AppData\Local\Temp\RtkBtMnt.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\joelle\Desktop\dss.exe C:\Windows\system32\conime.exe C:\Users\joelle\Desktop\joelle.exe C:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://edit.europe.yahoo.com/config/mail?....=fr&.src=ym R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! 
Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [EPGServiceTool] C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\RunOnce: [*Restore] C:\Windows\System32\rstrui.exe /runonce O4 - HKCU\..\Run: [?????????] 
??????????????e O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe O4 - Global Startup: Empowering Technology Launcher.lnk = ? O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O13 - Gopher Prefix: O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://charon888.free.fr/plugins/hardwared...on_2_0_4_13.cab O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. 
- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVS~1.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing) O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7478 bytes -- File Associations ----------------------------------------------------------- All associations okay. 
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 PSDFilter - c:\windows\system32\drivers\psdfilter.sys <Not Verified; HiTRUST; > R0 PSDNServ (PSDNSERVER) - c:\windows\system32\drivers\psdnserv.sys <Not Verified; HiTRUST; > R0 psdvdisk - c:\windows\system32\drivers\psdvdisk.sys <Not Verified; HiTRUST; > R0 UBHelper - c:\windows\system32\drivers\ubhelper.sys R2 int15 - \??\c:\acer\empowering technology\erecovery\int15.sys R3 NTIDrvr (Upper Class Filter Driver) - c:\windows\system32\drivers\ntidrvr.sys <Not Verified; NewTech Infosystems, Inc.; > -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation> R2 eLockService (eLock Service) - c:\acer\empowering technology\elock\service\elockserv.exe <Not Verified; Acer Inc.; Acer eLock Management> R2 eNet Service - c:\acer\empowering technology\enet\enet service.exe <Not Verified; Acer Inc.; Acer eNet Management> R2 EPGService - c:\progra~1\wintv\epg services\system\epgservice.exe <Not Verified; Hauppauge Computer Works; EPGService Module> R2 eRecoveryService (eRecovery Service) - c:\acer\empowering technology\erecovery\erecoveryservice.exe <Not Verified; Acer Inc.; eRecoveryService> R2 eSettingsService (eSettings Service) - c:\acer\empowering technology\esettings\service\capuserv.exe <Not Verified; ; Service> R2 MobilityService - c:\acer\mobility center\mobilityservice.exe -p R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module> R2 WMIService (ePower Service) - c:\acer\empowering technology\epower\epowersvc.exe <Not Verified; acer; Acer ePower Management> S2 Planificateur LiveUpdate automatique - "c:\program files\symantec\liveupdate\aluschedulersvc.exe" (file missing) S3 HauppaugeTVServer - 
c:\progra~1\wintv\hcwtvs~1.exe <Not Verified; Hauppauge Computer Works; Hauppauge TV Server> S3 Symantec Core LC - "c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe" (file missing) -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Carte Microsoft ISATAP Device ID: ROOT\*ISATAP\0003 Manufacturer: Microsoft Name: Carte Microsoft ISATAP PNP Device ID: ROOT\*ISATAP\0003 Service: tunnel -- Scheduled Tasks ------------------------------------------------------------- 2008-05-11 12:40:24 420 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{9382FF5F-2B56-43B3-91C1-2042D738CD8E}.job 2008-05-11 12:03:11 314 --a------ C:\Windows\Tasks\GlaryInitialize.job 2008-05-02 20:00:00 526 --a------ C:\Windows\Tasks\Norton Internet Security - Analyse système complète - joelle.job -- Files created between 2008-04-11 and 2008-05-11 ----------------------------- 2008-05-08 16:54:58 0 d-------- C:\Program Files\Astrocycle3 2008-05-08 16:53:10 0 d-------- C:\Windows\Downloaded Installations 2008-05-02 23:10:48 0 d-------- C:\Users\joelle\JOB MER 2008-05-01 15:20:53 0 d-------- C:\Users\joelle\.fltk 2008-04-30 08:44:42 0 d-------- C:\Program Files\CCleaner 2008-04-27 13:14:39 0 d--h----- C:\RD4B335D2AF9F44185AFC417F8D8D4B473DR 2008-04-26 13:24:50 0 d-------- C:\LiberKeyBackup 2008-04-17 18:33:27 0 d-------- C:\Program Files\Glary Utilities -- Find3M Report --------------------------------------------------------------- 2008-05-11 12:40:24 0 d-------- C:\Users\joelle\AppData\Roaming\Mozilla 2008-05-11 12:03:47 13072 --a------ C:\Users\joelle\AppData\Roaming\nvModes.dat 2008-05-11 12:03:45 13072 --a------ C:\Users\joelle\AppData\Roaming\nvModes.001 2008-05-11 11:00:31 12 --a------ C:\Windows\bthservsdp.dat 2008-05-09 09:14:23 0 d-------- C:\Users\joelle\AppData\Roaming\XnView 2008-05-08 02:05:16 0 d-------- C:\Users\joelle\AppData\Roaming\Auslogics 2008-05-07 06:59:46 669578 
--a------ C:\Windows\system32\perfh00C.dat 2008-05-07 06:59:46 123556 --a------ C:\Windows\system32\perfc00C.dat 2008-05-05 12:45:11 0 d-------- C:\Users\joelle\AppData\Roaming\dvdcss 2008-05-05 04:23:13 0 d-------- C:\Program Files\FairUse Wizard 2 2008-05-01 21:06:36 0 d-------- C:\Users\joelle\AppData\Roaming\App Launcher Gadget 2008-04-27 10:38:13 0 d-------- C:\Users\joelle\AppData\Roaming\fretsonfire 2008-04-27 01:26:17 0 d-------- C:\Users\joelle\AppData\Roaming\Voca 2008-04-26 18:53:02 0 d-------- C:\Program Files\Common Files 2008-04-23 10:09:18 0 d-------- C:\Program Files\VideoLAN 2008-04-18 00:05:07 0 d-------- C:\Program Files\WinTV 2008-04-17 20:22:31 0 d-------- C:\Users\joelle\AppData\Roaming\Macromedia 2008-04-17 19:04:46 0 d-------- C:\Users\joelle\AppData\Roaming\GlarySoft 2008-04-10 14:20:17 0 d-------- C:\Program Files\SlySoft 2008-04-09 22:46:30 0 d-------- C:\Users\joelle\AppData\Roaming\gtk-2.0 2008-04-09 14:25:25 0 d-------- C:\Program Files\Windows Mail 2008-04-08 13:15:50 0 d-------- C:\Users\joelle\AppData\Roaming\ESBCalc 2008-04-05 05:19:25 0 d-------- C:\Users\joelle\AppData\Roaming\profette 2008-03-26 13:17:12 0 d-------- C:\Program Files\Google 2008-03-26 01:32:27 0 d-------- C:\Program Files\Java 2008-03-26 01:30:14 0 d-------- C:\Program Files\Common Files\Java 2008-03-22 08:59:13 0 d-------- C:\Users\joelle\AppData\Roaming\Adobe 2008-03-19 15:30:44 174 --ahs---- C:\Program Files\desktop.ini 2008-03-19 15:18:46 0 d-------- C:\Program Files\Windows Calendar 2008-03-19 15:18:45 0 d-------- C:\Program Files\Windows Sidebar 2008-03-19 15:18:45 0 d-------- C:\Program Files\Movie Maker 2008-03-19 15:18:40 0 d-------- C:\Program Files\Windows Collaboration 2008-03-19 15:18:39 0 d-------- C:\Program Files\Windows Photo Gallery 2008-03-19 15:18:39 0 d-------- C:\Program Files\Windows Journal 2008-03-19 15:18:28 0 d-------- C:\Program Files\Windows Defender 2008-03-18 08:43:16 0 d-------- C:\Program Files\QuickTime 2008-03-18 08:41:12 0 
d-------- C:\Program Files\Apple Software Update 2008-03-13 19:00:01 0 d-------- C:\Users\joelle\AppData\Roaming\Google 2008-03-13 15:27:28 0 d-------- C:\Users\joelle\AppData\Roaming\DAEMON Tools 2008-03-11 08:44:36 0 d-------- C:\Program Files\Anuman Interactive 2008-03-10 23:52:00 131 --a------ C:\autoexec.bat -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [01/12/2006 07:37 C:\Windows\RtHDVCpl.exe] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [23/10/2006 05:00] "LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [08/12/2006 14:35] "WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [05/11/2006 21:48] "LogitechCommunicationsManager"="C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [31/10/2006 01:06] "LVCOMSX"="C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" [20/11/2006 18:04] "eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [17/11/2006 08:26] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [15/04/2008 13:52] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11/06/2007 11:25] "EPGServiceTool"="C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe" [01/08/2007 05:26] "NvSvc"="C:\Windows\system32\nvsvc.dll" [22/11/2006 09:29] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [22/11/2006 09:29] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [22/11/2006 09:29] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "????r"="" [] "?????????"="??????????????e" [] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [19/01/2008 09:33] "ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [11/08/2005 15:30] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [26/03/2008 10:10] 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce] "*Restore"=C:\Windows\System32\rstrui.exe /runonce C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ AutoStart IR.lnk - C:\Program Files\WinTV\Ir.exe [21/02/2008 09:41:11] Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [05/12/2006 01:46:18] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"=2 (0x2) "EnableUIADesktopToggle"=0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] @="IEEE 1394 Bus host controllers" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] 
@="SBP2 IEEE 1394 Devices" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] @="SecurityDevices" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcerOrbicamRibbon] "C:\Program Files\Acer\OrbiCam10\OrbiCam.exe" /hide [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient SstpSvc LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum bthsvcs BthServ [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] C:\Windows\system32\unregmp2.exe /ShowWMP [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI -- End of Deckard's System Scanner: finished at 2008-05-11 12:45:35 ------------ -------------------------------------------------------------------------------------------------------------------------------------------------
for the "extra.txt":
Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. 
-------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft® Windows Vista™ Édition Familiale Premium (build 6001) SP 1.0 Architecture: X86; Language: French CPU 0: Intel® Core2 CPU T5500 @ 1.66GHz Percentage of Memory in Use: 57% Physical Memory (total/avail): 1021.38 MiB / 432.39 MiB Pagefile Memory (total/avail): 2342.07 MiB / 1341.5 MiB Virtual Memory (total/avail): 2047.88 MiB / 1903.87 MiB C: is Fixed (NTFS) - 71.28 GiB total, 23.84 GiB free. D: is Fixed (NTFS) - 70.94 GiB total, 32.73 GiB free. E: is CDROM (No Media) \\.\PHYSICALDRIVE0 - WDC WD1600BEVS-22RST0 ATA Device - 149.05 GiB - 3 partitions \PARTITION0 - Unknown - 6.83 GiB \PARTITION1 (bootable) - MS-DOS V4 Huge - 71.28 GiB - C: \PARTITION2 - Système de fichiers installable - 70.94 GiB - D: -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is enabled. AV: Avira AntiVir PersonalEdition v 7.0.3.160 (Avira GmbH) AS: Avira AntiVir PersonalEdition v 7.0.3.160 (Avira GmbH) AS: AVG Anti-Spyware v7, 5, 1, 43 (GRISOFT s.r.o.) 
Outdated AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) Disabled [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\ProgramData APPDATA=C:\Users\joelle\AppData\Roaming CLASSPATH=C:\PROGRA~1\COMMON~1\ENGLIS~1\mozilla.zip CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=PC-DE-QUI ComSpec=C:\Windows\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Users\joelle LOCALAPPDATA=C:\Users\joelle\AppData\Local LOGONSERVER=\\PC-DE-QUI NUMBER_OF_PROCESSORS=2 OS=Windows_NT Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\QuickTime\QTSystem\ PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0f06 ProgramData=C:\ProgramData ProgramFiles=C:\Program Files PROMPT=$P$G PUBLIC=C:\Users\Public QTJAVA=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip SystemDrive=C: SystemRoot=C:\Windows TEMP=C:\Users\joelle\AppData\Local\Temp TMP=C:\Users\joelle\AppData\Local\Temp USERDOMAIN=PC-de-qui USERNAME=joelle USERPROFILE=C:\Users\joelle windir=C:\Windows -- User Profiles --------------------------------------------------------------- joelle -- Add/Remove Programs --------------------------------------------------------- --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe" -uninstall --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" 
-uninstall --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe" -uninstall Acer Arcade Deluxe --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\setup.exe" -uninstall Acer eDataSecurity Management --> C:\Acer\Empowering Technology\eDataSecurity\eDSnstHelper.exe -Operation UNINSTALL Acer eLock Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x40c -removeonly Acer Empowering Technology --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly Acer eNet Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x40c -removeonly Acer ePower Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x40c -removeonly Acer ePresentation Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x40c -removeonly Acer eSettings Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation 
Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -l0x40c -removeonly Acer GridVista --> C:\Windows\UnInst32.exe GridV.UNI Acer Mobility Center Plug-In --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x40c -removeonly Acer OrbiCam Application --> MsiExec.exe /X{0F79C1B2-36B2-4B62-8221-42721CF54638} Acer ScreenSaver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly Acer Tour --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x40c -removeonly Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 8.1.2 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003} Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4} Astrocycle 3.7.0.0 --> MsiExec.exe /X{81A36BE2-5EF5-4BFD-A73C-AD2AFE3BBB80} AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe Avira AntiVir Personal – Free Antivirus --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe" Donkey Kong --> C:\Program Files\Donkey Kong\Uninstal.exe DVDFab HD Decrypter 3.2.1.0 --> "C:\Program Files\DVDFab HD Decrypter 3\unins000.exe" EtudBio V3.0.0.408 --> "C:\Program Files\EtudBio\Uninstall.exe" FairUse Wizard 2 --> "C:\Program Files\FairUse Wizard 2\UnInstall_14333.exe" Glary Utilities 2.5.1 --> "C:\Program Files\Glary Utilities\unins000.exe" Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} Google 
Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll" Hauppauge French Help Files and Resources --> C:\PROGRA~1\WinTV\UNHLPfra.EXE C:\PROGRA~1\WinTV\WTV2Kfra.LOG Hauppauge WinTV --> C:\PROGRA~1\WinTV\UNTV6.EXE C:\PROGRA~1\WinTV\WINTV6.LOG Hauppauge WinTV DVB-T EPG Service --> C:\Windows\System32\UNWISE.EXE C:\Windows\System32\UnEPGService.LOG Hauppauge WinTV Infrared Remote --> C:\PROGRA~1\WinTV\UNir32.EXE C:\PROGRA~1\WinTV\ir32.LOG Hauppauge WinTV Scheduler --> C:\PROGRA~1\WinTV\\SCHEDU~1\uniSCHED.exe C:\PROGRA~1\WinTV\\SCHEDU~1\uniSCHED.log Hauppauge WinTV TV Services --> C:\PROGRA~1\WinTV\uniTvSrv.exe C:\PROGRA~1\WinTV\UniTVSrv.LOG HDAUDIO Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\HXFSETUP.EXE -U -IAcrSUN32z.inf HijackThis 2.0.2 --> "C:\Users\joelle\Desktop\HijackThis.exe" /uninstall InterVideo FilterSDK for Hauppauge --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2227E1FA-01F5-483C-AB0E-2A308E900B3D}\setup.exe" REMOVEALL ISO Recorder --> MsiExec.exe /I{39600969-41C3-4658-876E-16F108FC5C92} Jargon Informatique --> C:\Program Files\Jargon Informatique\uninstall.exe Java 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} KQEMU virtualisation module for QEMU --> RunDll32 setupapi.dll,InstallHinfSection Uninstall 132 %SystemRoot%\inf\kqemu.inf L'essentiel de la Pâtisserie 1.0 --> "c:\Patisserie\setup\uninst.exe" La Marmite du Chef - Recettes --> C:\PROGRA~1\ELJUKY~1\LAMARM~1\UNWISE.EXE C:\PROGRA~1\ELJUKY~1\LAMARM~1\INSTALL.LOG La Marmite du Chef 6.2.1 --> "C:\Program Files\La Marmite du Chef\unins000.exe" Launch Manager --> C:\Windows\UnInst32.exe LManager.UNI Les Océans - Référence --> C:\emme\Oceans_ref\Desinst.exe Lire_CD --> C:\WINDOWS\st6unst.exe -n "d:\Videos\discs pb\ST6UNST.LOG" Magic Reversi 1.51 --> "C:\Program Files\Magic 
Reversi\unins000.exe" Microsoft Office PowerPoint Viewer 2003 --> MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9} Microsoft Office Word Viewer 2003 --> MsiExec.exe /I{9085040C-6000-11D3-8CFE-0150048383C9} Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} NTI Backup NOW! 4.7 --> "C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe" -removeonly NTI CD & DVD-Maker --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7 NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI Plasma Pong v1.3b --> "C:\Program Files\Plasma Pong\unins000.exe" PowerProducer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.EXE" -uninstall QuickTime --> MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067} Realtek High Definition Audio Driver --> RtlUpd.exe -r -m Recettes de cuisine pour les nuls --> "C:\Program Files\Anuman Interactive\Recettes de cuisine pour les nuls\unins000.exe" Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} SMSC Fast Infrared Driver --> C:\Program Files\InstallShield Installation Information\{1AEC7728-1640-4E98-AABC-5EBE3FB57FE4}\setup.exe -runfromtemp -l0x040c -removeonly Solone --> "C:\Program Files\Solone\unins000.exe" Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall System Requirements Lab --> C:\Program 
Files\SystemRequirementsLab\Uninstall.exe Tarobot (Enlever seulement) --> "C:\Program Files\Tarobot\uninstall.exe" VTPlus32 pour WinTV (French) --> C:\PROGRA~1\vtplus\UNVTplus.exe C:\PROGRA~1\vtplus\VTPlus.LOG XnView 1.91.5 --> "C:\Program Files\XnView\unins000.exe" Xvid 1.1.3 final uninstall --> "C:\Program Files\Xvid\unins000.exe" -- Application Event Log ------------------------------------------------------- Event Record #/Type72042 / Success Event Submitted/Written: 05/11/2008 00:03:05 PM Event ID/Source: 5617 / WinMgmt Event Description: Event Record #/Type72039 / Success Event Submitted/Written: 05/11/2008 00:03:03 PM Event ID/Source: 5615 / WinMgmt Event Description: Event Record #/Type72032 / Success Event Submitted/Written: 05/11/2008 00:02:58 PM Event ID/Source: 902 / Software Licensing Service Event Description: Le service de gestion des licences du logiciel a démarré. Event Record #/Type72024 / Warning Event Submitted/Written: 05/11/2008 11:00:18 AM Event ID/Source: 1530 / profsvc Event Description: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela. DÉTAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-180004561-2329296961-2839979958-1000_Classes: Process 988 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-180004561-2329296961-2839979958-1000_CLASSES Event Record #/Type72023 / Warning Event Submitted/Written: 05/11/2008 11:00:16 AM Event ID/Source: 1530 / profsvc Event Description: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela. 
DÉTAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-180004561-2329296961-2839979958-1000: Process 988 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-180004561-2329296961-2839979958-1000 -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type329690 / Error Event Submitted/Written: 05/11/2008 00:05:38 PM Event ID/Source: 1002 / Dhcp Event Description: Le bail de l'adresse IP 192.168.1.22 pour la carte réseau dont l'adresse réseau est 0018DED8322E a été refusé par le serveur DHCP 192.168.0.1 (celui-ci a envoyé un message DHCPNACK). Event Record #/Type329689 / Warning Event Submitted/Written: 05/11/2008 00:05:38 PM Event ID/Source: 1003 / Dhcp Event Description: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 0018DED8322E. Il s'est produit l'erreur suivante : %%2163146757. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP). Event Record #/Type329686 / Warning Event Submitted/Written: 05/11/2008 00:05:33 PM Event ID/Source: 1003 / Dhcp Event Description: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 0018DED8322E. Il s'est produit l'erreur suivante : %%1223. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP). Event Record #/Type329684 / Warning Event Submitted/Written: 05/11/2008 00:05:15 PM Event ID/Source: 1003 / Dhcp Event Description: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 0018DED8322E. Il s'est produit l'erreur suivante : %%121. 
Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP). Event Record #/Type329676 / Warning Event Submitted/Written: 05/11/2008 00:04:49 PM Event ID/Source: 1003 / Dhcp Event Description: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 0018DED8322E. Il s'est produit l'erreur suivante : %%1223. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP). -- End of Deckard's System Scanner: finished at 2008-05-11 12:45:35 ------------ ---------------------------------------------------------------------------------------------------------------------------------------------------- ....