RESOLU:pc rame au demarrage

[bibifricotin]

Bonjour Falkra et merci pour tes conseils.

Ci-dessous les rapports demandés

-rapport main.text:

Deckard's System Scanner v20071014.68

Run by philippe on 2008-06-25 07:41:48

Computer is in Normal Mode.

--------------------------------------------------------------------------------

 

-- System Restore --------------------------------------------------------------

 

Successfully created a Deckard's System Scanner Restore Point.

 

 

-- Last 5 Restore Point(s) --

11: 2008-06-25 05:41:52 UTC - RP286 - Deckard's System Scanner Restore Point

10: 2008-06-24 10:15:56 UTC - RP285 - Removed Windows Defender

9: 2008-06-23 14:05:01 UTC - RP284 - Point de vérification système

8: 2008-06-22 12:43:00 UTC - RP283 - Installé Java 6 Update 6

7: 2008-06-21 13:57:25 UTC - RP282 - Point de vérification système

 

 

-- First Restore Point --

1: 2008-06-17 16:28:54 UTC - RP276 - Point de vérification système

 

 

Backed up registry hives.

Performed disk cleanup.

 

 

 

-- HijackThis (run as philippe.exe) --------------------------------------------

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 07:42:40, on 25/06/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Program Files\Glary Utilities\Integrator.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

c:\APPS\HIDSERVICE\HIDSERVICE.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe

C:\Program Files\CDBurnerXP\NMSAccessU.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

c:\APPS\Powercinema\Kernel\TV\CLSched.exe

C:\WINDOWS\vsnpstd2.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe

C:\apps\ABoard\ABoard.exe

C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe

C:\apps\ABoard\AOSD.exe

C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe

C:\Apps\Powercinema\PCMService.exe

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\Program Files\QuickTime\QTTask.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\OpenOffice.org 2.4\program\soffice.exe

C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN

C:\WINDOWS\system32\wuauclt.exe

C:\PROGRA~1\INCRED~1\bin\IMApp.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wscntfy.exe

D:\Documents and Settings\philippe\Bureau\dss.exe

D:\DOCUME~1\philippe\Bureau\philippe.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [sNPSTD2] C:\WINDOWS\vsnpstd2.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe

O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe

O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe

O4 - HKLM\..\Run: [EPSON Stylus DX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\WINDOWS\TEMP\E_SBC.tmp" /EF "HKLM"

O4 - HKLM\..\Run: [iSUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -scheduler

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab

O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-5d52bd3910a3692e.spaces.live.co...ad/MsnPUpld.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://config.zebulon.fr/plugins/hardwaredetection.cab

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe

O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

--

End of file - 9586 bytes

 

-- File Associations -----------------------------------------------------------

 

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*

.reg - regfile - shell\open\command - regedit.exe "%1" %*

.scr - scrfile - shell\open\command - "%1" %*

 

 

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

 

R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys <Not Verified; Macrovision Europe Ltd; Security Windows NT>

R2 MASPINT - c:\windows\system32\drivers\maspint.sys <Not Verified; MicroStaff Co.,Ltd.; Aspi32 Driver for WinNT>

 

S3 driverhardwarev2 - c:\program files\ma-config.com\drivers\driverhardwarev2.sys <Not Verified; Ma-Config.com; ma-config.com>

S3 RT73 (Belkin USB Network Adapter) - c:\windows\system32\drivers\rt73.sys <Not Verified; Ralink Technology, Corp.; Ralink 802.11 Wireless Adapters>

 

 

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

 

R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation>

R2 Apple Mobile Device - "c:\program files\fichiers communs\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>

R2 CLCapSvc (CyberLink Background Capture Service (CBCS)) - "c:\apps\powercinema\kernel\tv\clcapsvc.exe" <Not Verified; ; CLCapSvc Module>

R2 CLSched (CyberLink Task Scheduler (CTS)) - "c:\apps\powercinema\kernel\tv\clsched.exe" <Not Verified; ; CLSched Module>

R2 CyberLink Media Library Service - "c:\program files\cyberlink\shared files\clml_ntservice\clmlserver.exe" <Not Verified; Cyberlink; Cyberlink Media Library Server>

R2 GenericHidService (Generic Service for HID Keyboard Input Collections) - c:\apps\hidservice\hidservice.exe

 

S3 Boonty Games - "c:\program files\fichiers communs\boonty shared\service\boonty.exe" <Not Verified; BOONTY; Boonty Games>

 

 

-- Device Manager: Disabled ----------------------------------------------------

 

No disabled devices found.

 

 

-- Scheduled Tasks -------------------------------------------------------------

 

2008-06-25 07:38:36 318 --a------ C:\WINDOWS\Tasks\GlaryInitialize.job

2008-06-25 07:30:00 260 --a------ C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job

2008-06-24 14:00:00 240 --a------ C:\WINDOWS\Tasks\Configurer mon PC.job

2008-05-21 21:50:22 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

2007-11-14 00:32:52 196 --a------ C:\WINDOWS\Tasks\HDReg.job

 

 

-- Files created between 2008-05-25 and 2008-06-25 -----------------------------

 

2008-06-25 07:34:17 0 d------c- D:\Deckard

2008-06-24 23:34:28 0 dr-h----- D:\Documents and Settings\philippe\Recent

2008-06-24 09:55:58 0 d-------- D:\Documents and Settings\philippe\Application Data\Malwarebytes

2008-06-24 09:55:53 0 d------c- D:\Documents and Settings\All Users\Application Data\Malwarebytes

2008-06-24 09:55:52 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware

2008-06-22 12:16:56 0 d------c- D:\Documents and Settings\All Users\Application Data\Gogii

2008-06-22 10:20:36 0 d-------- D:\Documents and Settings\philippe\Application Data\Playrix Entertainment

2008-06-20 12:42:49 0 d------c- D:\_OTMoveIt

2008-06-19 15:47:40 0 d-------- C:\Program Files\QuickTime

2008-06-16 17:27:12 0 d-------- C:\Program Files\UnFREEz

2008-06-13 12:52:31 0 d------c- D:\Documents and Settings\All Users\Application Data\GameHouse

2008-06-12 15:44:40 0 d-------- D:\Documents and Settings\philippe\Application Data\MysteryStudio

2008-06-09 15:43:28 0 d-------- C:\Program Files\OpenOffice.org 2.4

2008-06-09 13:01:34 49152 --a------ C:\WINDOWS\system32\Xsusie.dll <Not Verified; XnView; XnView JPEG-LS plugin>

2008-06-09 13:01:34 114688 --a------ C:\WINDOWS\system32\Xjpegls.dll <Not Verified; XnView; XnView JPEG-LS plugin>

2008-06-09 13:01:34 225280 --a------ C:\WINDOWS\system32\Xjp2.dll <Not Verified; XnView; XnView JPEG2000 plugin>

2008-06-09 13:01:34 49152 --a------ C:\WINDOWS\system32\Xjng.dll <Not Verified; XnView; XnView MNG/JNG plugin>

2008-06-09 13:01:34 81920 --a------ C:\WINDOWS\system32\Xjbig.dll <Not Verified; XnView; XnView JBIG plugin>

2008-06-09 13:01:34 364544 --a------ C:\WINDOWS\system32\Xfpx.dll <Not Verified; XnView; XnView FlashPix plugin>

2008-06-09 13:01:34 307200 --a------ C:\WINDOWS\system32\libmng.dll

2008-06-09 13:01:34 872448 --a------ C:\WINDOWS\system32\libgfl211.dll <Not Verified; XnView; GFL SDK>

2008-05-27 10:59:14 0 d-------- C:\Program Files\WinAVI FLV Converter

2008-05-26 11:46:35 0 d-------- C:\Program Files\WinAVI Video Converter

2008-05-26 11:32:38 0 d-------- C:\Program Files\VideoConverter

2008-05-25 17:44:37 0 d-------- D:\Documents and Settings\philippe\Application Data\WinAVI

2008-05-25 16:08:46 348160 --a------ C:\WINDOWS\system32\WMAFile.dll <Not Verified; NCT Company Ltd.; NCTWMAFile2 ActiveX DLL>

2008-05-25 16:08:46 458752 --a------ C:\WINDOWS\system32\AudPlayer.dll <Not Verified; NCT Company Ltd.; NCTAudioPlayer2 ActiveX DLL>

2008-05-25 16:08:46 479232 --a------ C:\WINDOWS\system32\AudioVisu.dll <Not Verified; NCT Company Ltd.; NCTAudioVisualization2 ActiveX DLL>

2008-05-25 16:08:46 454656 --a------ C:\WINDOWS\system32\AudioRecord.dll <Not Verified; NCT Company Ltd.; NCTAudioRecord2 ActiveX DLL>

2008-05-25 16:08:46 1212416 --a------ C:\WINDOWS\system32\AudioInfos.dll <Not Verified; NCT Company Ltd.; NCTAudioInformation2 ActiveX DLL>

2008-05-25 16:08:46 1986560 --a------ C:\WINDOWS\system32\AudFile.dll <Not Verified; NCT Company Ltd.; NCTAudioFile2 ActiveX DLL>

2008-05-25 16:08:46 417792 --a------ C:\WINDOWS\system32\AudDisplay.dll <Not Verified; NCT Company Ltd.; NCTAudioDisplay2 ActiveX DLL>

2008-05-25 16:08:45 101888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Basic pour Windows>

2008-05-25 16:08:45 119568 --a------ C:\WINDOWS\system32\VB6FR.DLL <Not Verified; Microsoft Corporation; Environnement Visual Basic>

2008-05-25 16:08:45 21504 --a------ C:\WINDOWS\system32\TABCTFR.DLL <Not Verified; Microsoft Corporation; Bibliothèque d'objets TabCtl32>

2008-05-25 16:08:45 141312 --a------ C:\WINDOWS\system32\MSCMCFR.DLL <Not Verified; Microsoft Corporation; COMCTL>

2008-05-25 16:08:45 59904 --a------ C:\WINDOWS\system32\Mscc2fr.dll <Not Verified; Microsoft Corporation; Bibliothèque d'objets de Microsoft Common Controls 2>

2008-05-25 16:08:45 15360 --a------ C:\WINDOWS\system32\inetfr.DLL <Not Verified; Microsoft Corporation; DLL du contrôle Microsoft Internet Transfer>

2008-05-25 16:08:45 32768 --a------ C:\WINDOWS\system32\CMDLGFR.DLL <Not Verified; Microsoft Corporation; CMDIALOG>

2008-05-25 16:08:45 2084864 --a------ C:\WINDOWS\system32\AudDesign.dll <Not Verified; NCT Company Ltd.; NCTAudioDesign2 ActiveX DLL>

2008-05-25 12:13:05 0 d------c- D:\Documents and Settings\All Users\Application Data\Intenium

 

 

-- Find3M Report ---------------------------------------------------------------

 

2008-06-25 07:39:53 0 d-------- D:\Documents and Settings\philippe\Application Data\OpenOffice.org2

2008-06-24 23:20:14 0 d-------- D:\Documents and Settings\philippe\Application Data\Macromedia

2008-06-22 15:01:27 0 d-------- C:\Program Files\Glary Utilities

2008-06-22 14:43:56 0 d-------- C:\Program Files\Java

2008-06-21 09:24:56 0 d-------- D:\Documents and Settings\philippe\Application Data\cerasus.media

2008-06-21 08:42:31 0 d-------- C:\Program Files\MSN Games

2008-06-19 07:34:29 0 d-------- D:\Documents and Settings\philippe\Application Data\LimeWire

2008-06-04 16:45:32 0 d--h----- C:\Program Files\InstallShield Installation Information

2008-06-03 11:09:18 0 d-------- C:\Program Files\Zylom Games

2008-05-30 16:06:29 0 d-------- D:\Documents and Settings\philippe\Application Data\Zylom

2008-05-30 16:06:29 0 d-------- D:\Documents and Settings\philippe\Application Data\Identities

2008-05-28 20:04:43 0 d-------- C:\Program Files\BoontyGames

2008-05-28 11:30:57 0 d-------- D:\Documents and Settings\philippe\Application Data\EPSON

2008-05-25 17:38:59 0 d-------- C:\Program Files\MediaCoder

2008-05-24 17:40:22 0 d-------- D:\Documents and Settings\philippe\Application Data\TaoUSign

2008-05-23 17:45:38 0 d-------- C:\Program Files\Photo Story 3 for Windows

2008-05-23 09:12:27 0 d-------- D:\Documents and Settings\philippe\Application Data\PlayFirst

2008-05-20 08:00:47 0 d-------- C:\Program Files\Microsoft Silverlight

2008-05-13 15:22:15 0 d-------- C:\Program Files\Fichiers communs

2008-05-13 15:22:15 0 d-------- C:\Program Files\Fichiers communs\Oberon Media

2008-05-12 11:19:48 0 d-------- C:\Program Files\Radio Fr Solo

2008-05-11 07:45:44 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat

2008-05-10 15:04:19 0 d-------- C:\Program Files\MP3Gain

2008-05-09 14:52:01 0 d-------- C:\Program Files\Windows Live

2008-05-09 14:36:33 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition

2008-05-09 14:33:22 0 d--hs--c- C:\Program Files\Fichiers communs\WindowsLiveInstaller

2008-05-09 08:27:37 511154 --a------ C:\WINDOWS\system32\perfh00C.dat

2008-05-09 08:27:37 85058 --a------ C:\WINDOWS\system32\perfc00C.dat

2008-05-09 08:21:30 0 d-------- C:\Program Files\Messenger

2008-05-09 08:21:16 0 d-------- C:\Program Files\Movie Maker

2008-05-09 08:19:07 0 d-------- C:\Program Files\Windows NT

2008-05-09 07:56:15 0 d-------- C:\Program Files\Microsoft Baseline Security Analyzer 2

2008-04-16 08:41:21 66716 --ah----- C:\WINDOWS\system32\mlfcache.dat

2008-04-15 18:53:27 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll

2008-04-04 22:14:51 34304 --a------ C:\WINDOWS\system32\startbss.exe

2008-04-04 22:14:51 862798 --a------ C:\WINDOWS\system32\anniversaire[1].scr <Not Verified; Frank Reinecke Datentechnik und Softwareentwicklung; SSAVER Application>

2008-03-29 16:21:40 664 --a------ C:\WINDOWS\system32\d3d9caps.dat

 

 

-- Registry Dump ---------------------------------------------------------------

 

*Note* empty entries & legit default entries are not shown

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [05/08/2004 14:00]

"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [05/08/2004 14:00]

"SNPSTD2"="C:\WINDOWS\vsnpstd2.exe" [30/08/2004 16:37]

"SoundMan"="SOUNDMAN.EXE" [17/05/2005 18:48 C:\WINDOWS\SOUNDMAN.EXE]

"ATIPTA"="C:\ATI Technologies\ATI Control Panel\atiptaxx.exe" [22/03/2005 21:05]

"Ulead AutoDetector v2"="C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [26/11/2004 11:43]

"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [02/05/2003 11:31]

"AliceSAV"="C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe" [14/09/2005 17:15]

"EPSON Stylus DX6000 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.exe" [13/02/2006 06:00]

"ISUSPM"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" [16/05/2006 17:58]

"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [16/04/2008 23:23]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [25/03/2008 04:28]

"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [02/04/2008 21:07]

"PCMService"="c:\Apps\Powercinema\PCMService.exe" [11/05/2005 13:48]

"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [09/03/2007 12:09]

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [27/05/2008 10:50]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [14/04/2008 04:33]

"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [09/10/2007 13:02]

 

D:\Documents and Settings\philippe\Menu D‚marrer\Programmes\D‚marrage\

OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [21/01/2008 15:41:28]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]

C:\WINDOWS\System32\dimsntfy.dll

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

@="Volume shadow copy"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]

"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

"IS CfgWiz"=C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {257BBC47-1B26-432e-9F84-188603799DD3} /MODE CfgWiz /CMDLINE "REBOOT"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

eapsvcs eaphost

dot3svc dot3svc

 

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

napagent

hkmsvc

 

 

 

 

-- End of Deckard's System Scanner: finished at 2008-06-25 07:45:16 ------------

-rapport extra.txt:

Deckard's System Scanner v20071014.68

Extra logfile - please post this as an attachment with your post.

--------------------------------------------------------------------------------

 

-- System Information ----------------------------------------------------------

 

Microsoft Windows XP Édition familiale (build 2600) SP 3.0

Architecture: X86; Language: French

 

CPU 0: AMD Athlon 64 Processor 3400+

Percentage of Memory in Use: 40%

Physical Memory (total/avail): 1023.36 MiB / 610.4 MiB

Pagefile Memory (total/avail): 2458.99 MiB / 2120.47 MiB

Virtual Memory (total/avail): 2047.88 MiB / 1906.75 MiB

 

A: is Removable (No Media)

C: is Fixed (NTFS) - 29.99 GiB total, 9.39 GiB free.

D: is Fixed (NTFS) - 6.01 GiB total, 2.33 GiB free.

E: is Fixed (NTFS) - 150.3 GiB total, 72.79 GiB free.

F: is CDROM (Unformatted)

G: is Removable (No Media)

H: is Removable (No Media)

I: is Removable (No Media)

J: is Removable (No Media)

 

\\.\PHYSICALDRIVE0 - ST320082 6AS SCSI Disk Device - 186.31 GiB - 3 partitions

\PARTITION0 (bootable) - Système de fichiers installable - 29.99 GiB - C:

\PARTITION1 - Système de fichiers installable - 6.01 GiB - D:

\PARTITION2 - Système de fichiers installable - 150.3 GiB - E:

 

\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

 

\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

 

\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device

 

\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device

 

 

 

-- Security Center -------------------------------------------------------------

 

AUOptions is scheduled to auto-install.

 

 

-- Environment Variables -------------------------------------------------------

 

ALLUSERSPROFILE=D:\Documents and Settings\All Users

APPDATA=D:\Documents and Settings\philippe\Application Data

CLASSPATH=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

CLIENTNAME=Console

CommonProgramFiles=C:\Program Files\Fichiers communs

COMPUTERNAME=SN049141620136

ComSpec=C:\WINDOWS\system32\cmd.exe

FP_NO_HOST_CHECK=NO

HOMEDRIVE=D:

HOMEPATH=\Documents and Settings\philippe

LOGONSERVER=\\SN049141620136

NUMBER_OF_PROCESSORS=1

OS=Windows_NT

Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\PROGRA~1\FICHIE~1\SONICS~1\;C:\Program Files\QuickTime\QTSystem\

PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

PROCESSOR_ARCHITECTURE=x86

PROCESSOR_IDENTIFIER=x86 Family 15 Model 47 Stepping 2, AuthenticAMD

PROCESSOR_LEVEL=15

PROCESSOR_REVISION=2f02

ProgramFiles=C:\Program Files

PROMPT=$P$G

QTJAVA=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

SESSIONNAME=Console

SystemDrive=C:

SystemRoot=C:\WINDOWS

TEMP=D:\DOCUME~1\philippe\LOCALS~1\Temp

TMP=D:\DOCUME~1\philippe\LOCALS~1\Temp

tvdumpflags=8

USERDOMAIN=SN049141620136

USERNAME=philippe

USERPROFILE=D:\Documents and Settings\philippe

windir=C:\WINDOWS

 

 

-- User Profiles ---------------------------------------------------------------

 

philippe (admin)

Administrateur (admin)

 

 

-- Add/Remove Programs ---------------------------------------------------------

 

--> "c:\apps\skype\phone\unins000.exe"

--> "C:\Program Files\Fichiers communs\aolshare\Coach\AolCInUn.exe" -lang="fr-fr"

--> C:\PROGRA~1\FICHIE~1\AOL\ACS\AcsUninstall.exe /c

--> C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe

--> C:\Program Files\Fichiers communs\aolshare\Aolunins_fr.exe

--> C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

--> C:\Program Files\Learn2.com\StRunner\stuninst.exe

--> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u

--> C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu

--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}

--> msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}

--> MsiExec.exe /I{8B543A39-9401-44F4-B572-069E64C15189}

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.EXE" -uninstall

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F9CFBD8-8F77-4DCD-8CB5-CDD5F653C872}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4F1DA6BF-3614-48A1-9970-9E90F646789E}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A065EA0-0EEC-4E94-A2A0-40812576C122}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AFA4872-16B2-419E-ADCA-8E96E739115D}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c

--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0A32C786-85DE-48F8-9E54-848B3E34A90C}\setup.exe" -l0x40c -removeonly

--> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

7 Wonders of the Ancient World --> C:\Program Files\MumboJumbo\7 Wonders\uninst.exe

ABBYY FineReader 6.0 Sprint --> MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}

Adobe AIR --> C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR --> MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}

Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Reader 8.1.2 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}

Adobe Shockwave Player --> C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log

Adobe® Photoshop® Album Starter Edition 3.2 --> MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}

Alice Auto-diagnostic --> C:\Program Files\TechCity Solutions\AliceSAV\uninstall.exe

Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}

Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}

Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}

Avira AntiVir Personal – Free Antivirus --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE

Barbie au Bal des 12 princesses --> C:\Program Files\InstallShield Installation Information\{77FA0593-9D54-4CB0-9FE0-18D6EC218841}\setup.exe -runfromtemp -l0x040c -removeonly

Barre d'outils Outlook de Windows Live (Windows Live Toolbar) --> MsiExec.exe /X{6E15BEDF-7EB5-4010-998E-B430DB4EFE45}

Big Fish Games Client --> C:\Program Files\bfgclient\Uninstall.exe

Bloqueur de fenêtres pop-up (Windows Live Toolbar) --> MsiExec.exe /X{A425C250-A0E1-4D78-B1C1-A5CBC7385E7C}

BoontyBox 2.3 --> "C:\Program Files\Boonty\BoontyBox\unins000.exe"

Bricks Of Atlantis Deluxe --> "C:\Program Files\Zylom Games\Bricks Of Atlantis Deluxe\GameInstlr.exe" --uninstall UnInstall.log

CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"

CDBurnerXP --> "C:\Program Files\CDBurnerXP\unins000.exe"

Codeur Windows Media Série 9 --> MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}

Correctif pour Lecteur Windows Media 11 (KB939683) --> "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"

Disney Donald Couak Attak --> C:\WINDOWS\IsUn040c.exe -fC:\PROGRA~1\DISNEY~1\DISNEY~2\DeIsL1.isu

Disney Panique à Mickeyville --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{70935E1F-215D-11D7-8944-0002A5E32BEF}\setup.exe" Disney Panique à Mickeyville

Détecteur de flux Windows Live Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}

DVD Shrink 3.2 --> "E:\Program Files\DVD Shrink\unins000.exe"

EPSON Attach To Email --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG

EPSON Copy Utility 3 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall

EPSON Easy Photo Print --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}\SETUP.EXE" -l0x40c UNINST

EPSON File Manager --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x40c UNINST

EPSON Logiciel imprimante --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R

EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r

EPSON Scan Assistant --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u

EPSON Web-To-Page --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything

ESDX6000_CX5900 Guide util. --> C:\Program Files\EPSON\TPMANUAL\ESDX6000_CX5900\USE_G\DOCUNINS.EXE

Extension de Windows Live Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}

Galerie de photos Windows Live --> MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}

Glary Utilities 2.5.3 --> "C:\Program Files\Glary Utilities\unins000.exe"

Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}

HijackThis 2.0.2 --> "D:\Documents and Settings\philippe\Bureau\HijackThis.exe" /uninstall

Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"

Image Transfer --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{564A8DD3-70BC-4018-A5C3-7CEB10BBB6E9}\Setup.exe" UNINSTALL

ImageMixer for Sony --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1B4AA674-F5CA-4BB5-831A-CD37B4021959}\setup.exe"

IncrediMail Xe --> C:\PROGRA~1\INCRED~1\bin\imsetup.exe /remove /addon:IncrediMail /log:IncMail.log

iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}

Java DB 10.3.1.4 --> MsiExec.exe /X{CD49361E-3FE6-457E-90A1-9C59E29B5D02}

Java 6 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}

Java 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}

Java 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}

Java SE Development Kit 6 Update 4 --> MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160040}

Jewel Quest Deluxe --> "C:\Program Files\Zylom Games\Jewel Quest Deluxe\GameInstlr.exe" --uninstall UnInstall.log

Jouer à Disney Winnie l’Ourson La Chasse au Miel de Tigrou --> C:\WINDOWS\IsUn040c.exe -fC:\PROGRA~1\DISNEY~1\DISNEY~3\DeIsL1.isu

Kit de Connexion Alice ADSL --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A0221AD-D30B-4320-8F9B-1D0F0E6C6843}\setup.exe" -l0x40c ControlPanel

L'Age de Glace 2 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{47F0F784-96DD-4213-A0AB-85AF5C4A2E60}\setup.exe" -l0x40c -removeonly

La savane en folie --> C:\PROGRA~1\Brossard\LASAVA~1\UNWISE.EXE C:\PROGRA~1\Brossard\LASAVA~1\INSTALL.LOG

LimeWire 4.16.7 --> "C:\LimeWire\uninstall.exe"

Ma-Config.com plugin --> MsiExec.exe /I{BC2D90DE-8D75-4DEB-8865-B4F710CD4ABA}

Macromedia Shockwave Player --> MsiExec.exe /X{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}

Magic Academy Deluxe --> "C:\Program Files\Zylom Games\Magic Academy Deluxe\GameInstlr.exe" --uninstall UnInstall.log

Mah Jong Quest Deluxe --> "C:\Program Files\Zylom Games\Mah Jong Quest Deluxe\GameInstlr.exe" --uninstall UnInstall.log

Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Menus intelligents (Windows Live Toolbar) --> MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}

Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"

Microsoft Baseline Security Analyzer 2.1 --> MsiExec.exe /I{6AF5CAB9-FD0A-494F-8AA6-784D4B5D06C5}

Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"

Microsoft Office Excel Viewer 2003 --> MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9}

Microsoft Office PowerPoint Viewer 2007 (French) --> MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}

Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"

Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Word 2002 --> MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}

Microsoft Works 7.0 --> MsiExec.exe /I{64D114CE-4234-45C2-B60A-2B07D5A48F72}

MicroStaff WINASPI --> C:\MWASPI\uninst.exe

Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950760) --> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950762) --> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951376-v2) --> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951376) --> "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951698) --> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}

neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}

OneCare Advisor (Windows Live Toolbar) --> MsiExec.exe /X{F242B06B-517F-4D62-B654-16B11564A912}

OpenOffice.org 2.4 --> MsiExec.exe /I{2A1AA9CF-2E7D-4235-BDAB-8FA4291DD5D8}

PhotoFiltre --> "C:\Program Files\PhotoFiltre\Uninst.exe"

Photorécit 3 pour Windows --> MsiExec.exe /I{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}

PIF DESIGNER --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0x40c anything

QuickTime --> MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}

Radio Fr Solo 2.1 --> C:\Program Files\Radio Fr Solo\Uninstall.exe

RealArcade --> C:\Program Files\Real\RealArcade\Update\rnuninst.exe RealNetworks|RealArcade|1.2

RealPlayer --> C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe" -l0x40c REMOVE -removeonly

Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Sonic MyDVD --> MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}

Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}

Sony USB Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL

Spelling Dictionaries Support For Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}

Titeuf Méga-Compet' --> "C:\Program Files\Atari\Titeuf\unins000.exe"

VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}

VideoLAN VLC media player 0.8.6h --> C:\Program Files\VideoLAN\VLC\uninstall.exe

VirtualDub 1.6.9 Fr --> C:\Program Files\VirtualDub\UnInstall_VirtualDub.exe

WinAVI FLV Converter --> "C:\Program Files\WinAVI FLV Converter\unins000.exe"

WinAVI Video Converter 8.0 --> "C:\Program Files\WinAVI Video Converter\unins000.exe"

Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"

Windows Live Favorites pour Windows Live Toolbar --> MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}

Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}

Windows Live Mail --> MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}

Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}

Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}

Windows Live Toolbar --> MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}

Windows Live Writer --> MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}

Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}

Windows Presentation Foundation Language Pack (FRA) --> MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}

Windows Workflow Foundation FR Language Pack --> MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}

Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

XML Paper Specification Shared Components Language Pack 1.0 --> "C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

XML Paper Specification Shared Components Pack 1.0 -->

ZebHelpProcess 2.23 --> "C:\Program Files\ZebHelpProcess 2\unins000.exe"

ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

 

 

-- Application Event Log -------------------------------------------------------

 

Event Record #/Type7018 / Error

Event Submitted/Written: 06/25/2008 07:28:46 AM

Event ID/Source: 2001 / Microsoft Office 10

Event Description:

Rejected Safe Mode action : Microsoft Word.

 

Event Record #/Type7013 / Error

Event Submitted/Written: 06/24/2008 01:28:53 PM

Event ID/Source: 1002 / Application Hang

Event Description:

Application bloquée mmc.exe, version 5.2.3790.4136, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Event Record #/Type7012 / Error

Event Submitted/Written: 06/24/2008 01:27:54 PM

Event ID/Source: 1002 / Application Hang

Event Description:

Application bloquée mmc.exe, version 5.2.3790.4136, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Event Record #/Type7011 / Error

Event Submitted/Written: 06/24/2008 01:23:24 PM

Event ID/Source: 1002 / Application Hang

Event Description:

Application bloquée mmc.exe, version 5.2.3790.4136, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Event Record #/Type7010 / Error

Event Submitted/Written: 06/24/2008 00:21:15 PM

Event ID/Source: 1002 / Application Hang

Event Description:

Application bloquée mmc.exe, version 5.2.3790.4136, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

 

 

-- Security Event Log ----------------------------------------------------------

 

No Errors/Warnings found.

 

 

-- System Event Log ------------------------------------------------------------

 

Event Record #/Type125360 / Error

Event Submitted/Written: 06/25/2008 07:45:15 AM

Event ID/Source: 7 / Cdrom

Event Description:

Le périphérique \Device\CdRom0 comporte un bloc défectueux.

 

Event Record #/Type125359 / Error

Event Submitted/Written: 06/25/2008 07:45:15 AM

Event ID/Source: 7 / Cdrom

Event Description:

Le périphérique \Device\CdRom0 comporte un bloc défectueux.

 

Event Record #/Type125358 / Error

Event Submitted/Written: 06/25/2008 07:45:11 AM

Event ID/Source: 7 / Cdrom

Event Description:

Le périphérique \Device\CdRom0 comporte un bloc défectueux.

 

Event Record #/Type125357 / Error

Event Submitted/Written: 06/25/2008 07:45:05 AM

Event ID/Source: 7 / Cdrom

Event Description:

Le périphérique \Device\CdRom0 comporte un bloc défectueux.

 

Event Record #/Type125356 / Error

Event Submitted/Written: 06/25/2008 07:45:04 AM

Event ID/Source: 7 / Cdrom

Event Description:

Le périphérique \Device\CdRom0 comporte un bloc défectueux.

 

 

 

-- End of Deckard's System Scanner: finished at 2008-06-25 07:45:16 ------------

[Falkra]

Il n'y a rien de particullièrement problématique.

 

Désinstalle BoontyBox 2.3, ce service collecte trop de stats sur les utilisateurs.

Avais-tu fait de gros nettoyages avec Glary et Ccleaner ?

 

Ton problème semble plus logiciel qu'infectieux.

[bibifricotin]

Bountybox désinstallé.Je nettoye tous les jours avec CCleaner et Glary(j'aurais pas du?).

Dois-je garder OTMoveIt2,DSS et Mawarebytes' Anti-Malwares?

Ai-je un conflit de logiciel?Y-a-t-il un moyen de trouver lequel?

J'arrete les questions..

[Falkra]

Ce qui démarre ici devrait faire bon ménage avec le reste.

Parfois les nettoyeurs nettoient un coup de trop, mais pour savoir ce que c'est, difficile.

 

Tu peux virer OtMoveIT et DSS, garde MBAM, il peut remplacer windows defender (en tant que scanneur donc, car le module résident est payant).

 

Les erreurs nous disent que certains CD ont du mal à être lus, ça peu être tout ç fait normal sur des cd originaux mais protégés, ou bine un lecteur cd fatigué, mais ça ne ralentit pas autant le système normalement. Tu n'as pas laissé de cd dans le lecteur ?

L'autre pour MMC n'est pas problématique.

[bibifricotin]

Effectivement il y avait un cd dans le lecteur.

Comment un cd peut planter un pc?

[Falkra]

Ca ne plante pas le PC, ça enregistre un message d'erreur (caché) dans windows.

rien de dangereux, mais essaie de redémarrer sans le cd, on ne sait jamais (cas rares).

[bibifricotin]

Impec!tout est ok!

c'est quoi le probleme,le lecteur cd ou le cd(à graver d'ailleurs)?

Des investissements en perspective?

[Falkra]

Non non, ce n'est pas un problème, juste un test.

 

Impec!tout est ok!

Super.

 

Vire DSS, OTMoveIt et les outils utilisés.

 

Un "vrai" pare-feu est une nécessité, je te conseille Comodo v3, simple à utiliser, gratuit et efficace, un très bon compromis : http://www.personalfirewall.comodo.com/

Tu peux garder MBAM comme antispyware. Antivir aussi comme Antivirus.

 

N'hésite pas à poser des questions, cette partie est aussi importante que la désinfection.

 

Tu peux marquer résolu dans le titre, (en éditant le premier post, le titre devient modifiable).

[bibifricotin]

ZoneAlarm n'est pas fiable d'aprés toi?

[Falkra]

A part dans sa version pro, il est correct, sans plus. Tu as la versino gratuite, ou une des payantes (si oui, laquelle) ?