

James Cash
Membres-
Compteur de contenus
16 -
Inscription
-
Dernière visite
James Cash's Achievements

Junior Member (3/12)
0
Réputation sur la communauté
-
Bonsoir, comme prévu j'ai désinstallé Ravemon et voici le rapport MBAM Pour ce qui est de jc.reg, je ne l'ai pas téléchargé puisque mon problème est bel et bien résolu. Bonne fin de soirée ^^ Malwarebytes' Anti-Malware 1.19 Version de la base de données: 927 Windows 5.1.2600 Service Pack 3 23:11:36 06/07/2008 mbam-log-7-6-2008 (23-11-36).txt Type de recherche: Examen complet (C:\|D:\|) Eléments examinés: 163772 Temps écoulé: 37 minute(s), 16 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 11 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\IST (Adware.ISTBar) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\SDFix\backups\new_drv.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP923\A0119930.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP925\A0120003.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP926\A0121003.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP926\A0122003.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP926\A0125002.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP926\A0125014.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP926\A0126014.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP926\A0126029.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP927\A0126047.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP927\A0126116.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
-
D'accord, je le ferais demain, ainsi mon ordinateur sera comme neuf Merci. A demain.
-
[Résolu] Mon ordinateur plante : écran bleu - BSOD
James Cash a répondu à un sujet dans Optimisation, Trucs & Astuces
Ca y est, j'ai réinstallé le jeu et il a bien voulu se lancer! C'est grâce à vous Dieu Thorgal et à Monsieur Gof, je vous remercie mille fois pour le temps que vous m'avez consacré, c'est incroyable de voir des gens réellement gentils à notre époque. Ce forum est un bijoux, et ses forumeurs sont des perles. Merci du fond du coeur. Je vous souhaite beaucoup de bonheur dans votre vie. ^^ MERCI. -
Ca marche... J'en ai les larmes aux yeux. Je vous aime!!!!! merci de votre gentillesse, c'est extra-ordinaire de voir ça. Après tant de temps, je vais pouvoir massacrer des gens sur Manhunt ^^ Merci mille fois, je ne sais comment vous remercier, si je peux faire quoi que ce soit dites le moi. Merci, du fond du coeur Je vous souhaite énormément de bonheur. Merci.
-
Effectivement tu as bien vu, je n'ai pas exécuté la manipulation avec FlashDisinfector, étant donné que je n'ai pas support amovible ( disque durs externes ) je n'en ai pas vu l'utilité... J'ai sûrement eu tord. Ravemon.exe m'embête depuis pas mal de temps, il est collant ^^ Je vais faire tout cela demain, merci.
-
Voilà le paquet, attention c'est lourd Main.txt Deckard's System Scanner v20071014.68 Run by david on 2008-07-04 23:05:16 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 8: 2008-07-04 21:05:20 UTC - RP928 - Deckard's System Scanner Restore Point 7: 2008-07-03 19:02:18 UTC - RP927 - Point de vérification système 6: 2008-07-02 18:39:21 UTC - RP926 - Installé Manhunt 5: 2008-07-02 18:27:28 UTC - RP925 - Supprimé Hitman Blood Money 4: 2008-07-02 18:25:05 UTC - RP924 - Supprimé Manhunt -- First Restore Point -- 1: 2008-07-02 15:39:17 UTC - RP921 - Supprimé PunkBuster pour Battlefield Vietnam Backed up registry hives. Performed disk cleanup. -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2008-07-04 23:06:15 Platform: Windows XP Service Pack 3 (5.01.2600) MSIE: Internet Explorer (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\system32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPROXY.EXE C:\Program Files\Fichiers communs\Symantec Shared\CCSETMGR.EXE C:\Program Files\Norton Internet Security\ISSVC.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\CCEVTMGR.EXE C:\WINDOWS\system32\spoolsv.exe C:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\WINDOWS\system32\FTRTSVC.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\explorer.exe C:\WINDOWS\SOUNDMAN.EXE C:\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe C:\Program Files\Fichiers communs\Symantec Shared\CCAPP.EXE C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\Monitor.exe C:\APPS\Powercinema\PCMService.exe C:\APPS\ABOARD\ABOARD.EXE C:\WINDOWS\vsnpstd2.exe C:\Program Files\Java\jre1.5.0_02\bin\jucheck.exe C:\APPS\ABOARD\AOSD.EXE C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Wanadoo\TaskBarIcon.exe C:\Program Files\Inventel\Gateway\WLANCFG.EXE C:\Program Files\Mozilla Firefox\firefox.exe D:\Documents and Settings\david\Bureau\dss.exe C:\Program Files\Messenger\msmsgs.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ycomp/def.../search/ie.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Wanadoo\SearchPageURL.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32" O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [sNPSTD2] C:\WINDOWS\vsnpstd2.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [sDFix] C:\SDFix\RunThis.bat /second O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\NPJPI150_02.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\NPJPI150_02.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - E:\Player\__CDS2.dll (file missing) O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCEVTMGR.EXE O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPROXY.EXE O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPWDSVC.EXE O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCSETMGR.EXE O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\system32\FTRTSVC.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: ISSVC - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: MysqlInventime - Unknown owner - C:\APPS\Inventime\mysql\bin\mysqld-nt.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVSCAN.EXE O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\WLANCFG.EXE -- End of file - 11906 bytes -- File Associations ----------------------------------------------------------- .cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%* .cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%* -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology; StarForce Protection System> R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology; StarForce Protection System> R0 sfvfs02 (StarForce Protection VFS Driver (version 2.x)) - c:\windows\system32\drivers\sfvfs02.sys <Not Verified; Protection Technology; StarForce Protection System> R2 atksgt - c:\windows\system32\drivers\atksgt.sys R2 lirsgt - c:\windows\system32\drivers\lirsgt.sys R3 PCANDIS5 (PCANDIS5 NDIS Protocol Driver) - c:\windows\system32\pcandis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows> S3 47f3de3c-b47d-42c4-b156-06529d26a8ef - e:\player\cds300.dll (file missing) S3 btaudio (Périphérique audio Bluetooth) - c:\windows\system32\drivers\btaudio.sys (file missing) S3 BTDriver (Pilote de communications virtuelles Bluetooth) - c:\windows\system32\drivers\btport.sys (file missing) S3 BTKRNL (Enumérateur de bus Bluetooth) - c:\windows\system32\drivers\btkrnl.sys (file missing) S3 BTWUSB (WIDCOMM USB Bluetooth Driver) - c:\windows\system32\drivers\btwusb.sys (file missing) S3 catchme - d:\docume~1\david\locals~1\temp\catchme.sys (file missing) S3 cdrmkaun - d:\docume~1\david\locals~1\temp\cdrmkaun.sys (file missing) S3 PCAMPR5 (PCAMPR5 NDIS Protocol Driver) - c:\windows\system32\pcampr5.sys (file missing) S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 CLCapSvc (CyberLink Background Capture Service (CBCS)) - "c:\apps\powercinema\kernel\tv\clcapsvc.exe" <Not Verified; ; CLCapSvc Module> R2 CLSched (CyberLink Task Scheduler (CTS)) - "c:\apps\powercinema\kernel\tv\clsched.exe" <Not Verified; ; CLSched Module> R2 CyberLink Media Library Service - "c:\program files\cyberlink\shared files\clml_ntservice\clmlserver.exe" <Not Verified; Cyberlink; Cyberlink Media Library Server> R2 FTRTSVC (France Telecom Routing Table Service) - c:\windows\system32\ftrtsvc.exe <Not Verified; France Telecom; FTRTSVC NT Service> S2 GenericHidService (Generic Service for HID Keyboard Input Collections) - c:\apps\hidservice\hidservice.exe (file missing) S2 Wlancfg (Service de lancement de WlanCfg) - c:\program files\inventel\gateway\wlancfg.exe svc <Not Verified; Inventel; Application WLANCfg> S3 MysqlInventime - c:\apps\invent~1\mysql\bin\mysqld-nt --defaults-file=c:\apps\inventime\mysql\my.ini mysqlinventime -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Scheduled Tasks ------------------------------------------------------------- 2008-07-04 21:19:35 364 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job 2008-07-04 19:30:00 238 --a------ C:\WINDOWS\Tasks\HDReg.job -- Files created between 2008-06-04 and 2008-07-04 ----------------------------- 2008-07-04 23:04:38 0 d-------- D:\Deckard 2008-07-04 04:24:29 0 d-------- C:\WINDOWS\ERUNT 2008-07-03 12:37:02 0 d-------- D:\Documents and Settings\david\Application Data\Auslogics 2008-07-03 12:36:49 0 d-------- C:\Program Files\Auslogics 2008-07-02 23:54:53 0 dr-h----- D:\Documents and Settings\david\Recent 2008-07-02 23:39:17 0 d-------- C:\Program Files\CCleaner 2008-07-02 18:00:33 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll 2008-07-01 00:00:26 0 d-------- C:\WINDOWS\Prefetch 2008-06-30 23:51:25 0 d-------- C:\WINDOWS\system32\fr-fr 2008-06-30 23:51:24 0 d-------- C:\WINDOWS\l2schemas 2008-06-30 23:51:23 0 d-------- C:\WINDOWS\system32\fr 2008-06-30 23:51:23 0 d-------- C:\WINDOWS\system32\bits 2008-06-30 23:49:23 0 d-------- C:\WINDOWS\ServicePackFiles 2008-06-30 23:47:16 0 d-------- C:\WINDOWS\network diagnostic 2008-06-30 23:44:42 0 d-------- C:\WINDOWS\EHome 2008-06-30 23:12:12 372736 --a------ C:\WINDOWS\system\mss32.dll 2008-06-30 23:03:28 0 d-------- C:\Program Files\Managed DirectX (0901) 2008-06-30 12:22:38 0 d-------- D:\Documents and Settings\david\Application Data\SystemRequirementsLab 2008-06-30 12:21:25 0 d-------- C:\Program Files\SystemRequirementsLab 2008-06-30 11:48:20 643072 --a------ D:\Documents and Settings\NetworkService.AUTORITE NT.010\ntuser.dat 2008-06-30 11:48:20 643072 --a------ D:\Documents and Settings\LocalService.AUTORITE NT.010\ntuser.dat 2008-06-30 11:48:20 7077888 --a------ D:\Documents and Settings\david\ntuser.dat 2008-06-26 03:12:13 0 d---s---- D:\Documents and Settings\LocalService.AUTORITE NT.010\Application Data\Microsoft 2008-06-26 03:12:12 0 d--h----- D:\Documents and Settings\LocalService.AUTORITE NT.010\Local Settings 2008-06-26 03:12:12 0 d---s---- D:\Documents and Settings\LocalService.AUTORITE NT.010\Cookies 2008-06-26 03:12:12 0 d-------- D:\Documents and Settings\LocalService.AUTORITE NT.010\Application Data 2008-06-26 03:12:07 0 d---s---- D:\Documents and Settings\NetworkService.AUTORITE NT.010\Cookies 2008-06-26 03:12:07 0 d-------- D:\Documents and Settings\NetworkService.AUTORITE NT.010\Application Data 2008-06-26 03:12:07 0 d---s---- D:\Documents and Settings\NetworkService.AUTORITE NT.010\Application Data\Microsoft 2008-06-26 03:12:06 0 d--h----- D:\Documents and Settings\NetworkService.AUTORITE NT.010\Local Settings 2008-06-26 01:38:16 0 d-------- C:\Program Files\RADVideo 2008-06-25 23:55:51 786432 --ah----- D:\Documents and Settings\LocalService.AUTORITE NT.009\NTUSER.DAT 2008-06-25 23:55:51 0 d-------- D:\Documents and Settings\LocalService.AUTORITE NT.009\Local Settings 2008-06-25 23:55:51 0 d-------- D:\Documents and Settings\LocalService.AUTORITE NT.009\Cookies 2008-06-25 23:55:51 0 d-------- D:\Documents and Settings\LocalService.AUTORITE NT.009\Application Data 2008-06-25 23:55:51 0 d-------- D:\Documents and Settings\LocalService.AUTORITE NT.009\Application Data\Microsoft 2008-06-25 23:55:46 0 d-------- D:\Documents and Settings\NetworkService.AUTORITE NT.009\Cookies 2008-06-25 23:55:46 0 d-------- D:\Documents and Settings\NetworkService.AUTORITE NT.009\Application Data 2008-06-25 23:55:46 0 d-------- D:\Documents and Settings\NetworkService.AUTORITE NT.009\Application Data\Microsoft 2008-06-25 23:55:45 0 d-------- D:\Documents and Settings\NetworkService.AUTORITE NT.009\Local Settings 2008-06-25 23:55:44 786432 --ah----- D:\Documents and Settings\NetworkService.AUTORITE NT.009\NTUSER.DAT 2008-06-24 17:41:56 3514318 --a------ C:\WINDOWS\RavMonE.exe 2008-06-08 18:47:16 0 d-------- D:\Documents and Settings\Famille\Application Data\Talkback 2008-06-08 18:47:08 0 d-------- D:\Documents and Settings\Famille\Application Data\Mozilla -- Find3M Report --------------------------------------------------------------- 2008-07-04 19:01:52 0 d-------- C:\Program Files\Wanadoo 2008-07-04 19:01:40 0 d-------- C:\Program Files\Fichiers communs 2008-07-03 13:57:26 0 d-------- C:\Program Files\Fichiers communs\Symantec Shared 2008-07-02 20:39:23 0 d-------- C:\Program Files\Rockstar Games 2008-07-02 17:40:41 0 d-------- C:\Program Files\Ubisoft 2008-07-02 17:39:32 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-07-02 17:17:33 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll <Not Verified; Sony DADC Austria AG.; > 2008-07-01 23:35:08 0 d-------- C:\Program Files\Microsoft Games 2008-07-01 00:02:05 445434 --a------ C:\WINDOWS\system32\perfh00C.dat 2008-07-01 00:02:05 63854 --a------ C:\WINDOWS\system32\perfc00C.dat 2008-06-30 23:51:43 0 d-------- C:\Program Files\Messenger 2008-06-30 23:51:23 0 d-------- C:\Program Files\Movie Maker 2008-06-30 23:49:07 0 d-------- C:\Program Files\Windows NT 2008-06-30 12:21:56 0 d-------- C:\Program Files\Postal2STP 2008-06-30 12:21:55 0 d-------- C:\Program Files\Eidos Interactive 2008-06-30 12:21:01 0 d-------- C:\Program Files\EA GAMES 2008-06-29 21:36:01 0 d-------- C:\Program Files\eMule 2008-06-06 21:52:06 549 --a------ C:\WINDOWS\eReg.dat -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [05/08/2004 14:00] "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [05/08/2004 14:00] "SoundMan"="SOUNDMAN.EXE" [17/05/2005 18:48 C:\WINDOWS\SOUNDMAN.EXE] "ATIPTA"="C:\ATI Technologies\ATI Control Panel\atiptaxx.exe" [22/03/2005 21:05] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe" [04/03/2005 03:36] "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [12/04/2005 14:39] "Ulead AutoDetector v2"="C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [26/11/2004 11:43] "PCMService"="c:\Apps\Powercinema\PCMService.exe" [11/05/2005 13:48] "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [05/08/2004 14:00] "ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [02/05/2003 11:31] "SNPSTD2"="C:\WINDOWS\vsnpstd2.exe" [30/08/2004 16:37] "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [05/01/2006 15:46] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [16/10/2005 03:13] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [16/10/2005 03:08] "BluetoothAuthenticationAgent"="bthprops.cpl" [13/04/2008 19:34 C:\WINDOWS\system32\bthprops.cpl] "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [23/08/2004 15:49] "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [14/10/2004 17:55] "SDFix"="C:\SDFix\RunThis.bat /second" [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [23/08/2004 15:50] "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 12:34] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy] C:\WINDOWS\System32\dimsntfy.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs BthServ eapsvcs eaphost dot3svc dot3svc HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs napagent hkmsvc [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E] AutoRun\command- E:\LaunchBFII.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0a7f76e4-89b5-11da-affa-0013d38dc8cc}] Auto\command- K:\RavMonE.exe e AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1d4a10f6-0a75-11db-b122-0013d38dc8cc}] Auto\command- RavMonE.exe e AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4a73c222-9aef-11da-b021-0013d38dc8cc}] Auto\command- J:\RavMonE.exe e AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{59bff6d2-7896-11da-afbd-00073aa8e5f4}] Auto\command- J:\RavMonE.exe e AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bbc76fe2-66af-11db-b1fa-0013d38dc8cc}] Auto\command- J:\RavMonE.exe e AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{edba987d-69b2-11da-afa4-00038a000015}] Auto\command- J:\RavMonE.exe e AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e -- End of Deckard's System Scanner: finished at 2008-07-04 23:08:05 ------------ ________________________________________________________________________________ ___________________ Extra.txt Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Édition familiale (build 2600) SP 3.0 Architecture: X86; Language: French CPU 0: AMD Athlon 64 Processor 3400+ Percentage of Memory in Use: 49% Physical Memory (total/avail): 1023.36 MiB / 517.21 MiB Pagefile Memory (total/avail): 2459.52 MiB / 2072.72 MiB Virtual Memory (total/avail): 2047.88 MiB / 1909.05 MiB C: is Fixed (NTFS) - 29.99 GiB total, 5.37 GiB free. D: is Fixed (NTFS) - 150.3 GiB total, 132.7 GiB free. E: is CDROM (No Media) F: is Removable (No Media) G: is Removable (No Media) H: is Removable (No Media) I: is Removable (No Media) \\.\PHYSICALDRIVE0 - ST3200826AS - 186.31 GiB - 3 partitions \PARTITION0 - Unknown - 6.01 GiB \PARTITION1 (bootable) - Système de fichiers installable - 29.99 GiB - C: \PARTITION2 - Système de fichiers installable - 150.3 GiB - D: \\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device \\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device \\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device \\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=D:\Documents and Settings\All Users APPDATA=D:\Documents and Settings\david\Application Data CommonProgramFiles=C:\Program Files\Fichiers communs COMPUTERNAME=SN049141620364 ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=D: HOMEPATH=\Documents and Settings\david LOGONSERVER=\\SN049141620364 NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=C:\Program Files\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\PROGRA~1\FICHIE~1\SONICS~1\ PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 15 Model 47 Stepping 2, AuthenticAMD PROCESSOR_LEVEL=15 PROCESSOR_REVISION=2f02 ProgramFiles=C:\Program Files PROMPT=$P$G SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=D:\DOCUME~1\david\LOCALS~1\Temp TMP=D:\DOCUME~1\david\LOCALS~1\Temp USERDOMAIN=SN049141620364 USERNAME=david USERPROFILE=D:\Documents and Settings\david windir=C:\WINDOWS -- User Profiles --------------------------------------------------------------- david (admin) Famille -- Add/Remove Programs --------------------------------------------------------- --> "c:\apps\skype\phone\unins000.exe" --> C:\PROGRA~1\Norman\NORMAN~1\UNWISE.EXE C:\PROGRA~1\Norman\NORMAN~1\INSTALL.LOG --> C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe --> C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 --> C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 --> C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VCSetup.exe /REMOVE --> C:\Program Files\Fichiers communs\Symantec Shared\SymSetup\{A93C9E60-29B6-49da-BA21-F70AC6AADE20}.exe /X --> C:\Program Files\Learn2.com\StRunner\stuninst.exe --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u --> C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19} --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log --> msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} --> MsiExec.exe /I{8B543A39-9401-44F4-B572-069E64C15189} --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.EXE" -uninstall --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F9CFBD8-8F77-4DCD-8CB5-CDD5F653C872}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4F1DA6BF-3614-48A1-9970-9E90F646789E}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A065EA0-0EEC-4E94-A2A0-40812576C122}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AFA4872-16B2-419E-ADCA-8E96E739115D}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0A32C786-85DE-48F8-9E54-848B3E34A90C}\setup.exe" -l0x40c -removeonly --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 7-Zip 4.57 --> MsiExec.exe /I{23170F69-40C1-2701-0457-000001000000} 802.11 USB Wireless LAN Adapter --> C:\WINDOWS\system32\unwlsdrv.exe SiS163u Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 7.0 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000} Adobe Shockwave Player --> C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} AusLogics Disk Defrag --> "C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe" Beyond Good & Evil --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BF81CE7-3D5A-497F-8912-2A65A0253E1B}\setup.exe" -l0x40c Bink and Smacker --> C:\PROGRA~1\RADVideo\UNWISE.EXE C:\PROGRA~1\RADVideo\INSTALL.LOG CC_ccProxyExt --> MsiExec.exe /I{DA42FDCA-7C5A-43EF-9A05-CCE148ADF919} ccCommon --> MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB} CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe" ccPxyCore --> MsiExec.exe /I{FC08587A-4F01-4188-819F-F55880022917} Codeur Windows Media Série 9 --> MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Correctif pour Lecteur Windows Media 11 (KB939683) --> "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Dark Project : La Guilde des Voleurs --> C:\WINDOWS\IsUn040c.exe -f"C:\Dark Project\thiefalphaIIu.log" DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN EAX Unified --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\EAX Unified\Uninst.isu" eMule --> "C:\Program Files\eMule\Uninstall.exe" EPSON Attach To Email --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG EPSON Copy Utility 3 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall EPSON Easy Photo Print --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}\SETUP.EXE" -l0x40c UNINST EPSON File Manager --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x40c UNINST EPSON Image Clip Palette --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{314F6D08-A8B7-11D8-8446-0050BA1D384D}\Setup.exe" -l0x40c -u EPSON Logiciel imprimante --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r EPSON Scan Assistant --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u EPSON Web-To-Page --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything ESDX3800 Guide d'utilisation --> C:\Program Files\EPSON\TPMANUAL\ESDX3800\USE_G\DOCUNINS.EXE GameShadow --> MsiExec.exe /I{F7C1C17E-70E3-475F-BD52-EA554391F15D} Google Earth --> MsiExec.exe /I{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B} GUILD WARS --> "C:\Program Files\GUILD WARS\Gw.exe" -uninstall HijackThis 2.0.2 --> "D:\DOCUME~1\david\LOCALS~1\Temp\Répertoire temporaire 1 pour HiJackThis.zip\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe J2SE Runtime Environment 5.0 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020} Les Sims Superstar --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1A7F8DF6-5A3E-4CDF-BC82-BE26B407E21B}\setup.exe" -l040c Macromedia Flash Player 8 --> RunDll32 advpack.dll,LaunchINFSection \swflash.inf,DefaultUninstall,5 Macromedia Shockwave Player --> MsiExec.exe /X{7D1D6A24-65D4-454C-8815-4F08A5FFF12C} Manhunt --> MsiExec.exe /X{8A62C8DA-2DB7-4D94-B5BA-1D38FC36E830} MAX-FX Tools --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7299E7F8-6921-4588-9A83-9BB7B867706F}\setup.exe" Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) --> "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) --> "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe" Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950759) --> "C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760) --> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762) --> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2) --> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376) --> "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698) --> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mozilla Firefox (2.0.0.15) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP MSRedist --> MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69} Norton AntiSpam --> MsiExec.exe /I{3B29A786-5803-4e9e-9B58-3014A5B4E519} Norton AntiSpam --> MsiExec.exe /I{5677563D-0CB1-485f-9E18-C5025306BB3F} Norton AntiVirus 2005 --> MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B} Norton Internet Security --> MsiExec.exe /I{12E2B9E9-05B1-407d-B0FD-B5F350535125} Norton Internet Security --> MsiExec.exe /I{449F3A9E-9903-4a0d-A209-08030D45A935} Norton Internet Security --> MsiExec.exe /I{48185814-A224-447a-81DA-71BD20580E1B} Norton Internet Security --> MsiExec.exe /I{526AD5DC-CFC4-4f2a-8442-C84CC91D6C7F} Norton Internet Security --> MsiExec.exe /I{A93C9E60-29B6-49da-BA21-F70AC6AADE20} Norton Internet Security --> MsiExec.exe /I{C9D599E1-6B68-4a1f-8A4F-A1DB433DB1BF} Norton Internet Security --> MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555} Norton Internet Security --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43} Norton Internet Security --> MsiExec.exe /I{FC2C0536-583C-46c0-844A-62CECAE01F22} Norton WMI Update --> MsiExec.exe /X{E85FA9A1-C241-4698-893B-DD99509B8DB0} Norton WMI Update --> MsiExec.exe /X{F64306A5-4C32-41bb-B153-53986527FAB4} OpenAL --> "C:\Program Files\OpenAL\OpenALwEAX.exe" /U Outil de connexion Wanadoo --> C:\PROGRA~1\Wanadoo\MessageDesinstallation.exe Wanadoo PIF DESIGNER --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0x40c anything Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe" -l0x40c REMOVE -removeonly Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Sonic MyDVD --> MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29} Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19} SPBBC --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56} Star Wars Battlefront II --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3D374523-CFDE-461A-827E-2A102E2AB365}\Setup.exe" -l0x40c -removeonly SymNet --> MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2} System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe Wanadoo Messager --> C:\PROGRA~1\WANADO~1\UNWISE.EXE C:\PROGRA~1\WANADO~1\INSTALL.LOG Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" Xvid 1.1.2 final uninstall --> "C:\Program Files\XviD\unins001.exe" Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\WINDOWS\cache\YINSTH~1.DLL Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe -- Application Event Log ------------------------------------------------------- Event Record #/Type28254 / Error Event Submitted/Written: 07/03/2008 10:23:43 PM Event ID/Source: 1000 / Application Error Event Description: Application défaillante iexplore.exe, version 6.0.2900.5512, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x0024261a. Traitement de l'événement propre au support pour [iexplore.exe!ws!] Event Record #/Type28193 / Error Event Submitted/Written: 07/03/2008 00:25:45 AM Event ID/Source: 1000 / Windows Live Messenger Event Description: msnmsgr.exe8.5.1302.10184717a53bunknown0.0.0.0000000000b4402fa7 Event Record #/Type28192 / Error Event Submitted/Written: 07/02/2008 11:44:00 PM Event ID/Source: 1002 / Application Hang Event Description: Application bloquée ccsetup208.exe, version 2.0.0.0, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Event Record #/Type28106 / Error Event Submitted/Written: 07/02/2008 02:19:32 AM Event ID/Source: 1000 / Application Error Event Description: Application défaillante iexplore.exe, version 6.0.2900.5512, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00141317. Traitement de l'événement propre au support pour [iexplore.exe!ws!] Event Record #/Type28075 / Error Event Submitted/Written: 07/02/2008 00:14:27 AM Event ID/Source: 1000 / Application Error Event Description: Application défaillante iexplore.exe, version 6.0.2900.5512, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x001a261a. Traitement de l'événement propre au support pour [iexplore.exe!ws!] -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type58366 / Warning Event Submitted/Written: 07/04/2008 09:54:55 PM Event ID/Source: 1006 / Dhcp Event Description: Votre ordinateur n'a pas pu configurer automatiquement les paramètres IP pour la carte avec l'adresse réseau 00032F3F86B7. Il s'est produit l'erreur suivante pendant la configuration : %%55. Event Record #/Type58365 / Warning Event Submitted/Written: 07/04/2008 09:54:55 PM Event ID/Source: 1003 / Dhcp Event Description: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 00032F3F86B7. Il s'est produit l'erreur suivante : %%10038. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP). Event Record #/Type58364 / Warning Event Submitted/Written: 07/04/2008 09:54:55 PM Event ID/Source: 1003 / Dhcp Event Description: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 00032F3F86B7. Il s'est produit l'erreur suivante : %%1223. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP). Event Record #/Type58363 / Warning Event Submitted/Written: 07/04/2008 09:54:49 PM Event ID/Source: 1003 / Dhcp Event Description: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 00032F3F86B7. Il s'est produit l'erreur suivante : %%1223. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP). Event Record #/Type58362 / Error Event Submitted/Written: 07/04/2008 09:54:46 PM Event ID/Source: 7000 / Service Control Manager Event Description: Le service PCAMPR5 NDIS Protocol Driver n'a pas pu démarrer en raison de l'erreur : %%2 -- End of Deckard's System Scanner: finished at 2008-07-04 23:08:05 ------------
-
Juste, je me demandais, tous ces outils téléchargés ne prennent-ils pas trop de place dans le PC?
-
D'accord, si j'ai bien compris je fais le bilan complet de l'appareil ^^ Je suis allé chercher le disque XP mais je me suis aperçu que je n'en avais pas; pour la "réparation", faudra que je trouve autre chose. Alors je m'occupe de ce que vous demandez, je reviens avec le rapport. Merci.
-
Merci pour tout ces conseils. Je voudrais vous exposer mon véritable problème, pour mieux cibler la chose : http://forum.zebulon.fr/probleme-de-planta...eu-t147325.html
-
Non, il n'y a pas eu d'alerte, et concernant le fichier C:\SDFix\RunThis.bat /second, je ne trouve pas l'accès, quand je clique sur Runthis un écran noir s'affiche pour executer quelque chose...
-
Salut Gof, je joins à ce post le second rapport Hijackthis. Pour ce qui est du Report.txt, c'est le seul que j'ai dans le dossier SDFIX... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:52:03, on 04/07/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Norton Internet Security\ISSVC.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Inventel\Gateway\wlancfg.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\WINDOWS\SOUNDMAN.EXE C:\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Apps\Powercinema\PCMService.exe C:\apps\ABoard\ABoard.exe C:\WINDOWS\vsnpstd2.exe C:\apps\ABoard\AOSD.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe D:\DOCUME~1\david\LOCALS~1\Temp\Répertoire temporaire 3 pour HiJackThis.zip\HijackThis.exe C:\Program Files\Messenger\msmsgs.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ycomp/def.../search/ie.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32" O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [sNPSTD2] C:\WINDOWS\vsnpstd2.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [sDFix] C:\SDFix\RunThis.bat /second O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - E:\Player\__CDS2.dll (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe -- End of file - 11475 bytes Merci bien.
-
Voilà, cela est réglé SDFix: Version 1.201 Run by david on 04/07/2008 at 04:29 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Checking Services : Name : msupdate new_drv Path : c:\windows\system32\msvcrtd.exe \??\C:\WINDOWS\new_drv.sys msupdate - Deleted new_drv - Deleted Restoring Default Security Values Restoring Default Hosts File
-
Ok chef, je m'y attèle; la conspiration ne m'aura pas. Merci, bonne fin de soirée.
-
C'est gentil de m'aider, seulement est-ce que vous voyez quelque chose qui pourrait avoir un rapport avec la mémoire-vive de mon PC?
-
[Résolu] Mon ordinateur plante : écran bleu - BSOD
James Cash a répondu à un sujet dans Optimisation, Trucs & Astuces
Bonsoir, j'ai posté comme vous me le demandiez mon rapport de scan sur le système. Demain soir, je pense aller chercher le CD de Windows XP afin de "réparer" ce qui cloche... Merci, je vous tiens au courant.