Problèmes sur DELL XPS M1710 Vista Pro

beuzz69 · le 24 juillet 2008

En tout cas, mon PC ne reconnait toujours pas mon micro, je viens d'essayer...

Pour la lenteur, c'est difficile à juger sans recul...

Pour le message d'erreur sur les styles visuels... Je l'ai encore eu quand le PC a redémarré pendant l'éxécution de Toolbar S&D...

Alors que faire selon toi ?

Falkra · le 24 juillet 2008

Il y a une grosse suite de sécurité (mcafee) sur la machine. Tu as combien de ram ? (mémoire vive)

Tu peux voir la quantité en faisant clic droit sur le poste de travail, puis "propriétés" ça te dira ça en bas à droite.

Désactive TeaTimer dans spybot dès maintenant, ça peut empêcher les désinfections et ça ne sert pas à grand chose.

A faire en passant par les options de Spybot: il faut aller dans le menu "Mode"=> coche "Mode avancé" => "Outils"(en bas de page)=> "Résident" => et tu décoches cette case: "Résident Teatimer" .

Le son, rien à voir avec les toolbars, c'est un autre problème.

Windows est à jour ?

beuzz69 · le 24 juillet 2008

Mes mises à jour se lancent automatiquement et je ne crois pas en avoir "manqué"...

Comme indiqué sur mon profil, j'ai 2048Mo de RAM, ce qui est déjà pas mal...

Il est vrai que McAfee est conséquent en taille...

Mais quel lien avec le reste ?

Sachant qu'auparavant, je n'avais aucun souci de son, de micro, de lenteur, de messages d'erreurs des styles visuels, etc...

beuzz69 · le 24 juillet 2008

Je viens de constater que Toolbar S&D m'a supprimé Windows Live Messenger Plus...

MSN est du coup moins pratique... Ce "plug-in" est-il nocif ? ou gênant ?

Ou c'est juste une erreur de l'avoir supprimé ?

Falkra · le 24 juillet 2008

Lop S&D supprime une infection liée au sponsor de WLM/MSN Plus, mais pas Toolbar S&D.

Il y a des "sponsors" ou barres d'outils, des choses qu'on installe avec les programmes, et ce sont des infections parfois, dans le cas de WLMPlus, c'en est une.

Exemple pour MSN Plus :

Ne jamais installer ce sponsor. Mais WLMPlus sans le sponsor : ça va.

beuzz69 · le 24 juillet 2008

Je ne l'ai jamais installé car je sais le mal que font ces sponsors, ne t'en fais pas...

Pour le reste, aucune idée ?

Merci pour le début, mais mes soucis ne sont pas encore résolus...

Falkra · le 24 juillet 2008

Cela ne relève pas forcément de la partie désinfection, mais on va faire un gros diagnostic pour voir de plus près au cas où.

2048 de ram, impec.

Télécharge Deckard's System Scanner (DSS) (ou DSS) sur ton Bureau.

NB : Tu dois être connecté avec des droits d'Administrateur.

ferme toutes les applications et fenêtres
double-clique sur dss.exe pour le lancer et suis les instructions ci-dessous
Attention, il est conseillé de stopper temporairement les logiciels résidents de protection (pare-feu, antivirus, etc.)
s'il s'agit d'une première utilisation ou d'une nouvelle version de DSS :
- tu devras cliquer 2 fois sur le OK des boîtes de dialogue
  Attention, si tu tardes trop, la réponse Abandon sera automatiquement validée
- quand le traitement est terminé (clique sur OK), deux fichiers texte s'affichent :
  main.txt <- ouvert en premier plan et en plein écran
  extra.txt <- ouvert en second plan et en fenêtré (regarde la barre des taches)

S'il s'agit d'une utilisation supplémentaire de DSS :

tu n'auras pas de boîte de dialogue (pas de OK)
quand le traitement est terminé, un fichier texte s'affiche :
main.txt <- ouvert en premier plan et en plein écran

[*] copie (Ctrl+A puis Ctrl+C) et colle (Ctrl+V) le contenu de main.txt dans ton prochain post

[*] Copie de même le contenu de extra.txt dans ton prochain post, si tu as ce fichier (première utilisation)

[*] Si tu ne vois pas le rapport, tu le trouvera dans le dossier suivant > C:\Deckard\System Scanner

[*] n'oublie pas de réactiver les protections si elles ont été stoppées.

Ce que fait DSS :

crée un point de restauration dans Windows XP et Vista
nettoie les fichiers temporaires, DPF-Downloaded Program Files et le Cache Internet, vide la Corbeille de tous les lecteurs
vérifie quelques zones importantes de ton système et établit un rapport pour examen par ton conseiller en sécurité. DSS lance automatiquement HijackThis pour toi; il va aussi créer un raccourci HijackThis sur ton Bureau si tu n'as pas déjà HijackThis d'installé.

beuzz69 · le 24 juillet 2008

Mon fichier "main.txt" :

Deckard's System Scanner v20071014.68

Run by Vincent on 2008-07-24 23:39:32

Computer is in Normal Mode.

--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --

13: 2008-07-23 18:16:28 UTC - RP264 - Windows Update

12: 2008-07-15 22:51:24 UTC - RP263 - Installation du package de pilote logiciel : Apple, Inc. Contrôleurs de bus USB

11: 2008-07-15 18:36:49 UTC - RP262 - Windows Update

10: 2008-07-14 20:55:24 UTC - RP261 - Installé iPod for Windows 2006-03-23

9: 2008-07-11 15:37:35 UTC - RP259 - Windows Update

-- First Restore Point --

1: 2008-07-04 17:12:28 UTC - RP250 - Windows Update

Backed up registry hives.

Performed disk cleanup.

System Drive C: has 11.5 GiB (less than 15%) free.

-- HijackThis (run as Vincent.exe) ---------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:52:46, on 24/07/2008

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16681)

Boot mode: Normal

Running processes:

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Java\jre1.6.0\bin\jusched.exe

C:\Windows\System32\ico.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Windows\System32\Pmxmiced.exe

C:\Program Files\Dell\MediaDirect\PCMService.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\QuickCam\Quickcam.exe

C:\Program Files\Unlocker\UnlockerAssistant.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\Windows\sttray.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Mozilla Firefox\firefox.exe

c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\FileZilla Client\filezilla.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Users\Vincent\Documents\Utilitaires - Programmes\Zebulon\dss.exe

C:\PROGRA~1\mcafee\msc\mcshell.exe

C:\Windows\system32\conime.exe

C:\Program Files\PhotoFiltre Studio\pf-studio.exe

C:\Windows\system32\SearchFilterHost.exe

C:\PROGRA~1\TRENDM~1\HIJACK~1\Vincent.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.em-lyon.net/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.23.16.20:80

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)

O1 - Hosts: ::1 localhost

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"

O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide

O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Vincent\AppData\Local\Temp\~DFD8CA.tmp C:\Users\Vincent\AppData\Local\Temp\~DFD8BF.tmp C:\Users\Vincent\AppData\Local\Temp\~DFB38F.tmp C:\Users\Vincent\AppData\Local\Temp\~DFB37F.tmp C:\Users\Vincent\AppData\Local\Temp\~DF52C8.tmp C:\Users\Vincent\AppData\Local\Temp\~DF526D.tmp C:\Users\Vincent\AppData\Local\Temp\Patcher\PAAFA2~1\PBSLOC~1\PBSLOC~1.SH! C:\Users\Vincent\AppData\Local\Temp\Low\~DF7430.tmp C:\Users\Vincent\AppData\Local\Temp\Low\~DF7423.tmp C:\Users\Vincent\AppData\Local\Temp\Low\HSPERF~1.SH! C:\Users\Vincent\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\MCSMYR2E\EXIT_1~1.SH! C:\Users\Vincent\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\4JXIM1LK\DYNAMI~1.SH! C:\Users\Vincent\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\3QIIN735\I500_1~1.SH! (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Vincent\AppData\Local\Temp\~DFD8CA.tmp C:\Users\Vincent\AppData\Local\Temp\~DFD8BF.tmp C:\Users\Vincent\AppData\Local\Temp\~DFB38F.tmp C:\Users\Vincent\AppData\Local\Temp\~DFB37F.tmp C:\Users\Vincent\AppData\Local\Temp\~DF52C8.tmp C:\Users\Vincent\AppData\Local\Temp\~DF526D.tmp C:\Users\Vincent\AppData\Local\Temp\Patcher\PAAFA2~1\PBSLOC~1\PBSLOC~1.SH! C:\Users\Vincent\AppData\Local\Temp\Low\~DF7430.tmp C:\Users\Vincent\AppData\Local\Temp\Low\~DF7423.tmp C:\Users\Vincent\AppData\Local\Temp\Low\HSPERF~1.SH! C:\Users\Vincent\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\MCSMYR2E\EXIT_1~1.SH! C:\Users\Vincent\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\4JXIM1LK\DYNAMI~1.SH! C:\Users\Vincent\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\3QIIN735\I500_1~1.SH! (User 'Default user')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe

O4 - Global Startup: QuickSet.lnk = ?

O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O13 - Gopher Prefix:

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe

O23 - Service: Gestion de l'alimentation de l'adaptateur réseau interne Dell (nicconfigsvc) - Dell Inc. - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 16195 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080109-024025-284 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

backup-20080109-024025-664 O4 - HKLM\..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe

backup-20080109-024025-824 O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll

-- File Associations -----------------------------------------------------------

.js - jsfile - DefaultIcon - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe",7

.js - jsfile - shell\open\command - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

S3 DSproct - \??\c:\program files\dellsupport\gtaction\triggers\dsproct.sys

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Bonjour Service (Service Bonjour) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>

R2 sprtsvc_dellsupportcenter (SupportSoft Sprocket Service (dellsupportcenter)) - c:\program files\dell support center\bin\sprtsvc.exe /service /p dellsupportcenter

R2 STacSV (SigmaTel Audio Service) - c:\program files\sigmatel\c-major audio\wdm\stacsv.exe <Not Verified; SigmaTel, Inc.; C-Major Audio>

R3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>

S3 DSBrokerService - "c:\program files\dellsupport\brkrsvc.exe" <Not Verified; ; Gteko BrkrSvc Application>

S3 stllssvr - "c:\program files\common files\surething shared\stllssvr.exe" <Not Verified; MicroVision Development, Inc.; SureThing CD Labeler>

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Scheduled Tasks -------------------------------------------------------------

2008-07-15 01:00:00 380 --a------ C:\Windows\Tasks\McDefragTask.job

2008-05-01 01:00:00 370 --a------ C:\Windows\Tasks\McQcTask.job

-- Files created between 2008-06-24 and 2008-07-24 -----------------------------

2008-07-24 23:20:57 45 ---h----- C:\Windows\dos13473.dat

2008-07-24 01:18:55 56 --ah----- C:\Windows\system32\ezsidmv.dat

2008-07-24 01:11:08 0 d-------- C:\Toolbar SD

2008-07-16 01:01:55 0 d-------- C:\Program Files\iTunes

2008-07-15 22:40:30 0 d-------- C:\Program Files\Apple Software Update

2008-07-14 23:00:59 38229 -----n--- C:\Windows\system32\drivers\StMp3Rec.sys <Not Verified; Generic; Generic MP3 Player>

2008-07-13 14:08:28 0 d-------- C:\Users\Vincent\Eurocalypse

2008-06-24 20:23:00 0 d-------- C:\Program Files\Skype

2008-06-24 20:23:00 0 d-------- C:\Program Files\Common Files\Skype

2008-06-24 20:22:49 0 d-------- C:\Users\All Users\Skype

-- Find3M Report ---------------------------------------------------------------

2008-07-24 23:32:47 0 d-------- C:\Users\Vincent\AppData\Roaming\Skype

2008-07-24 23:01:33 690832 --a------ C:\Windows\system32\perfh00C.dat

2008-07-24 23:01:33 117572 --a------ C:\Windows\system32\perfc00C.dat

2008-07-24 22:49:23 35541 --a------ C:\Users\Vincent\AppData\Roaming\nvModes.001

2008-07-24 22:16:39 0 d-------- C:\Users\Vincent\AppData\Roaming\FileZilla

2008-07-24 22:06:30 0 d-------- C:\Program Files\MSN Messenger

2008-07-24 22:01:54 0 d-------- C:\Users\Vincent\AppData\Roaming\skypePM

2008-07-24 21:58:11 0 d-------- C:\Program Files\McAfee

2008-07-24 21:57:09 12 --a------ C:\Windows\bthservsdp.dat

2008-07-24 21:51:35 35541 --a------ C:\Users\Vincent\AppData\Roaming\nvModes.dat

2008-07-16 01:02:04 0 d-------- C:\Program Files\iPod

2008-07-16 00:59:58 0 d-------- C:\Program Files\Bonjour

2008-07-16 00:58:50 0 d-------- C:\Program Files\QuickTime

2008-07-14 23:01:19 0 d--h----- C:\Program Files\InstallShield Installation Information

2008-07-10 01:11:04 0 d-------- C:\Program Files\Windows Mail

2008-07-09 19:23:25 174 --ahs---- C:\Program Files\desktop.ini

2008-06-24 20:23:00 0 d-------- C:\Program Files\Common Files

2008-06-23 18:39:34 0 d-------- C:\Program Files\Windows Installer Clean Up

2008-06-23 18:38:59 0 d-------- C:\Program Files\MSECACHE

2008-06-23 12:35:58 0 d-------- C:\Program Files\THQ

2008-06-15 19:48:11 0 d-------- C:\Users\Vincent\AppData\Roaming\Adobe

2008-06-11 20:13:25 0 d-------- C:\Program Files\Adobe CS3

2008-06-09 13:26:16 0 d-------- C:\Users\Vincent\AppData\Roaming\U3

2008-05-26 23:23:44 0 d-------- C:\Program Files\K-Lite Codec Pack

2008-05-26 23:14:53 0 d-------- C:\Users\Vincent\AppData\Roaming\Media Player Classic

2008-05-26 09:58:22 0 d-------- C:\Program Files\Google

2008-05-24 20:40:37 0 d-------- C:\Program Files\VideoLAN

2008-05-24 19:14:39 0 d-------- C:\Program Files\ChangeWallpaper

2008-05-24 19:14:07 0 d-------- C:\Program Files\AviSynth 2.5

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]

26/11/2007 10:46 324936 --a------ c:\PROGRA~1\mcafee\msk\mcapbho.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [20/11/2006 19:51]

"NvSvc"="C:\Windows\system32\nvsvc.dll" [14/12/2006 01:16]

"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [14/12/2006 01:16]

"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [14/12/2006 01:16]

"SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [11/09/2007 13:56]

"PMX Daemon"="ICO.EXE" [08/11/2006 16:01 C:\Windows\System32\ico.exe]

"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [16/02/2005 17:15]

"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [15/11/2007 10:24]

"ECenter"="c:\dell\E-Center\EULALauncher.exe" [16/03/2007 12:50]

"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [02/05/2007 19:16]

"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [16/02/2005 17:15]

"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [27/10/2006 01:47]

"MSConfig"="C:\Windows\System32\msconfig.exe" [02/11/2006 11:45]

"@"="" []

"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [05/11/2006 12:22]

"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [25/07/2007 17:02]

"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [25/07/2007 17:06]

"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [07/09/2006 19:19]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 23:16]

"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [03/08/2007 23:33]

"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [15/11/2007 10:23]

"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [11/01/2008 19:54]

"SigmatelSysTrayApp"="sttray.exe" [12/01/2007 10:51 C:\Windows\sttray.exe]

"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [10/07/2008 09:47]

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [27/05/2008 10:50]

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [10/07/2008 10:51]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [16/02/2005 17:15]

"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [15/11/2007 10:23]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [02/11/2006 14:36]

"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [03/06/2008 15:08]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]

"DelayShred"="c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Vincent\AppData\Local\Temp\~DFD8CA.tmp C:\Users\Vincent\AppData\Local\Temp\~DFD8BF.tmp C:\Users\Vincent\AppData\Local\Temp\~DFB38F.tmp C:\Users\Vincent\AppData\Local\Temp\~DFB37F.tmp C:\Users\Vincent\AppData\Local\Temp\~DF52C8.tmp C:\Users\Vincent\AppData\Local\Temp\~DF526D.tmp C:\Users\Vincent\AppData\Local\Temp\Patcher\PAAFA2~1\PBSLOC~1\PBSLOC~1.SH! C:\Users\Vincent\AppData\Local\Temp\Low\~DF7430.tmp C:\Users\Vincent\AppData\Local\Temp\Low\~DF7423.tmp C:\Users\Vincent\AppData\Local\Temp\Low\HSPERF~1.SH! C:\Users\Vincent\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\MCSMYR2E\EXIT_1~1.SH! C:\Users\Vincent\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\4JXIM1LK\DYNAMI~1.SH! C:\Users\Vincent\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\3QIIN735\I500_1~1.SH!

C:\Users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [16/03/2005 21:16:50]

OneNote 2007 - Capture d'‚cran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [26/10/2006 21:24:54]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\

BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [03/11/2006 18:55:50]

Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [11/09/2007 14:01:54]

QuickSet.lnk - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [11/09/2007 13:58:41]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"=2 (0x2)

"ValidateAdminCodeSignatures"=1 (0x1)

"FilterAdministratorToken"=1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vincent^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MSN Pictures Displayer.lnk]

backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]

"C:\Program Files\DellSupport\DSAgnt.exe" /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DNS7reminder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

%ProgramFiles%\Windows Defender\MSASCui.exe -hide

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]

rundll32.exe oobefldr.dll,ShowWelcomeCenter

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE WebClient

LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc CscService TabletInputService UmRdpService wlansvc WPDBusEnum EMDMgmt

LocalServiceNoNetwork PLA DPS BFE mpssvc

LocalServiceNetworkRestricted DHCP eventlog AudioSrv LmHosts wscsvc p2pimsvc PNRPSvc p2psvc PnrpAutoReg

bthsvcs BthServ

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]

AutoRun\command- H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1cee23ff-f0a3-11dc-b0b4-001c26f41dad}]

Auto\command- wscript "esta ig.vbs"

AutoRun\command- C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript "esta ig.vbs"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a15e58c-e530-11dc-b21d-001c26f41dad}]

Auto\command- wscript "esta ig.vbs"

AutoRun\command- C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript "esta ig.vbs"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{557587cb-74dc-11dc-8710-001c26f41dad}]

Auto\command- wscript "esta ig.vbs"

AutoRun\command- C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript "esta ig.vbs"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{786e714d-da93-11dc-9beb-001c26f41dad}]

AutoRun\command- I:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91fe4d52-f1b6-11dc-accd-001c26f41dad}]

Auto\command- wscript "esta ig.vbs"

AutoRun\command- C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript "esta ig.vbs"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b1f5d00d-70ed-11dc-9835-001c26f41dad}]

Auto\command- AdobeR.exe e

AutoRun\command- C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ba6228ea-8c47-11dc-b2d1-001c26f41dad}]

AutoRun\command- G:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ee6cd63a-6451-11dc-b1fb-001c26f41dad}]

Auto\command- AdobeR.exe e

AutoRun\command- C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f86d8c57-24d0-11dd-8b49-001c26f41dad}]

AutoRun\command- F:\AutoRun.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]

C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]

%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

-- End of Deckard's System Scanner: finished at 2008-07-25 00:02:36 ------------

Mon fichier "extra.txt" :

Deckard's System Scanner v20071014.68

Extra logfile - please post this as an attachment with your post.

--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Professionnel (build 6000)

Architecture: X86; Language: French

CPU 0: Intel® Core2 CPU T7200 @ 2.00GHz

Percentage of Memory in Use: 54%

Physical Memory (total/avail): 2045.85 MiB / 922.75 MiB

Pagefile Memory (total/avail): 4304.74 MiB / 2712.26 MiB

Virtual Memory (total/avail): 2047.88 MiB / 1922.96 MiB

C: is Fixed (NTFS) - 99.7 GiB total, 11.5 GiB free.

D: is Fixed (NTFS) - 10 GiB total, 6.62 GiB free.

E: is CDROM (No Media)

F: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - TOSHIBA MK1237GSX ATA Device - 111.79 GiB - 4 partitions

\PARTITION0 - Unknown - 94.1 MiB

\PARTITION1 - Système de fichiers installable - 10 GiB - D:

\PARTITION2 (bootable) - Système de fichiers installable - 99.7 GiB - C:

\PARTITION3 - Étendu avec Inter. 13 étendue - 2048 MiB

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.

Windows Internal Firewall is disabled.

FW: McAfee Personal Firewall v (McAfee)

AV: McAfee VirusScan v (McAfee)

AS: McAfee VirusScan v (McAfee)

AS: Spybot - Search and Destroy v1.0.0.4 (Safer Networking Ltd.) Disabled Outdated

AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData

APPDATA=C:\Users\Vincent\AppData\Roaming

CLASSPATH=.;C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip

CommonProgramFiles=C:\Program Files\Common Files

COMPUTERNAME=PC-EM-LYON

ComSpec=C:\Windows\system32\cmd.exe

FP_NO_HOST_CHECK=NO

HOMEDRIVE=C:

HOMEPATH=\Users\Vincent

LOCALAPPDATA=C:\Users\Vincent\AppData\Local

LOGONSERVER=\\PC-EM-LYON

NUMBER_OF_PROCESSORS=2

OS=Windows_NT

Path=C:\Program Files\Mozilla Firefox;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\

PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

PROCESSOR_ARCHITECTURE=x86

PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel

PROCESSOR_LEVEL=6

PROCESSOR_REVISION=0f06

ProgramData=C:\ProgramData

ProgramFiles=C:\Program Files

PROMPT=$P$G

PUBLIC=C:\Users\Public

QTJAVA=C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip

RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\

SESSIONNAME=Console

SystemDrive=C:

SystemRoot=C:\Windows

TEMP=C:\Users\Vincent\AppData\Local\Temp

TMP=C:\Users\Vincent\AppData\Local\Temp

USERDOMAIN=PC-EM-Lyon

USERNAME=Vincent

USERPROFILE=C:\Users\Vincent

windir=C:\Windows

-- User Profiles ---------------------------------------------------------------

Vincent (admin)

-- Add/Remove Programs ---------------------------------------------------------

Adobe Acrobat 8.1.0 Professional --> msiexec /I {AC76BA86-1033-F400-7760-000000000003}

Adobe After Effects 7.0 --> msiexec /I {DD362256-A7A2-4524-9457-213DDC2AFC2A}

Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}

Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}

Adobe Bridge 1.0 --> MsiExec.exe /I{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}

Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}

Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}

Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}

Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}

Adobe Color - Photoshop Specific --> MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}

Adobe Color Common Settings --> C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe

Adobe Color Common Settings --> MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}

Adobe Color EU Extra Settings --> MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}

Adobe Color EU Recommended Settings --> MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}

Adobe Color JA Extra Settings --> MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}

Adobe Color NA Extra Settings --> MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}

Adobe Color NA Recommended Settings --> MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}

Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102}

Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}

Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}

Adobe Dreamweaver CS3 --> C:\Program Files\Common Files\Adobe\Installers\ad19d2ae8332572b119cf35fd0a30d8\Setup.exe

Adobe Dreamweaver CS3 --> MsiExec.exe /I{4BDB76C6-902E-41D5-9064-68768E02886B}

Adobe ExtendScript Toolkit 2 --> C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe

Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{77D2A9D3-5800-43E3-B274-87841BC87DB2}

Adobe Extension Manager CS3 --> MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}

Adobe Flash CS3 --> MsiExec.exe /I{80FD3971-8482-49C8-BA8C-B6464A15882F}

Adobe Flash CS3 Professional --> C:\Program Files\Common Files\Adobe\Installers\b2b4b1546e74314f8131ded43e4bd9d\Setup.exe

Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Flash Video Encoder --> MsiExec.exe /I{1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}

Adobe Fonts All --> MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}

Adobe Help Center 2.0 --> MsiExec.exe /I{8FFC924C-ED06-44CB-8867-3CA778ECE903}

Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}

Adobe Illustrator CS2 --> msiexec /I {B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}

Adobe InDesign CS2 --> msiexec /I{7F4C8163-F259-49A0-A018-2857A90578BC}

Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}

Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}

Adobe Photoshop CS3 --> C:\Program Files\Common Files\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe

Adobe Photoshop CS3 --> MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}

Adobe Premiere Pro 2.0 --> msiexec /I {FA17A726-B229-4116-B793-A2AB1A4EAE2E}

Adobe Reader 8.1.2 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}

Adobe Setup --> MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}

Adobe Setup --> MsiExec.exe /I{82503EA7-7E08-4AA8-90E9-BE4D0A6D453F}

Adobe Setup --> MsiExec.exe /I{8AE03988-8C8C-40EE-BDC7-76781BEF1B1D}

Adobe Setup --> MsiExec.exe /I{D2E18162-47FB-4216-8AB3-F420C1AF75A4}

Adobe Setup --> MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}

Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1437-443D-B06E-79A00FE45110}

Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}

Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}

Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}

Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}

Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}

Adobe XMP Panels CS3 --> MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}

Apple Mobile Device Support --> MsiExec.exe /I{35B91753-5789-4517-9CF1-2CCE3A8CF4F1}

Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}

Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe

Assistant Personnalisation du systéme Dell --> MsiExec.exe /I{9954484F-6EE4-4040-94E3-4B380646F867}

AusLogics Disk Defrag --> "C:\Program Files\AusLogics Disk Defrag\unins000.exe"

AVI/MPEG/RM/WMV Joiner 4.81 --> "C:\Program Files\AVI MPEG RM WMV Joiner\unins000.exe"

BitSpirit v3.3.1.150 Stable --> "C:\Program Files\BitSpirit\unins000.exe"

Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}

Broadcom Management Programs --> MsiExec.exe /X{D6771E19-1BB6-43B1-811E-ECC5A4613579}

Business-Plan Cap Alpha 2.2 --> C:\Windows\unin040c.exe -f"C:\Program Files\CapAlpha\BPCA22\DeIsL1.isu" -c"C:\Program Files\CapAlpha\BPCA22\_ISREG32.DLL"

Canon MP160 --> "C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160 /L0x000c

Company of Heroes --> MsiExec.exe /X{51D718D1-DA81-4FAD-919F-5C1CE3C33379}

Conexant HDA D110 MDC V.92 Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -IDellHDAz.inf

CopyRightLeft 0.4 Beta --> "C:\Program Files\CopyRightLeft\unins000.exe"

CorelDRAW Graphics Suite 12 --> MsiExec.exe /I{505AFDC0-5E72-4928-8368-5DEA385E3647}

CutePDF Writer 2.7 --> C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe /uninstall

Dell Support Center --> MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}

DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}

Digital Line Detect --> C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x040c -removeonly

Express Burn --> C:\Program Files\NCH Swift Sound\ExpressBurn\uninst.exe

FileZilla Client 3.0.9.2 --> C:\Program Files\FileZilla Client\uninstall.exe

Google Earth Pro --> MsiExec.exe /X{9578C0CD-8108-4379-9026-4601F59859A0}

Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}

Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"

Guide de l'utilisateur --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"

HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall

iPod for Windows 2006-03-23 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB} /l1036

iTunes --> MsiExec.exe /I{EF6C4600-306D-4F6A-A119-C2A877D25B4A}

JAlbum 7.0 --> C:\Program Files\JAlbum7.0\Uninstall.exe

Java SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}

K-Lite Codec Pack 3.9.0 Full --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"

Logitech QuickCam --> MsiExec.exe /X{364EC092-93CF-4DDC-9D7A-7278452028E0}

McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe

MediaDirect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}\Setup.exe" -l0x40c -cluninstall

Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"

Microsoft Office Access MUI (French) 2007 --> MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}

Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL

Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}

Microsoft Office Excel MUI (French) 2007 --> MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office Groove MUI (French) 2007 --> MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (French) 2007 --> MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}

Microsoft Office OneNote MUI (French) 2007 --> MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}

Microsoft Office Outlook MUI (French) 2007 --> MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (French) 2007 --> MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007 --> MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007 --> MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007 --> MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Publisher MUI (French) 2007 --> MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}

Microsoft Office Shared MUI (French) 2007 --> MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007 --> MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}

Microsoft Works --> MsiExec.exe /I{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}

Minesweeper Clone 0.97 beta --> "C:\Program Files\Minesweeper Clone\unins000.exe"

Mouse Suite for Laptop Computers --> C:\Program Files\InstallShield Installation Information\{BF13AA9D-E4CE-4015-9778-ECC1D4FB06E4}\setup.exe -runfromtemp -l0x040c -removeonly

Mozilla Firefox (2.0.0.16) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSN Pictures Displayer 4.5 --> "C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe" /U

MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}

MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

NetWaiting --> C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x040c -removeonly

Notepad++ --> C:\Program Files\Notepad++\uninstall.exe

NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI

Outil de diagnostic de modem --> MsiExec.exe /I{F63A3748-B93D-4360-9AD4-B064481A5C7B}

OutlookAddinSetup --> MsiExec.exe /I{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}

PDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}

PhotoFiltre Studio --> "C:\Program Files\PhotoFiltre Studio\Uninst.exe"

QuickSet --> MsiExec.exe /I{7F0C4457-8E64-491B-8D7B-991504365D1E}

QuickTime --> MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}

Riva FLV Encoder 2.0 --> "C:\Program Files\Riva\Riva FLV Encoder 2.0\unins000.exe"

Roxio Creator Audio --> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}

Roxio Creator Copy --> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}

Roxio Creator Data --> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}

Roxio Creator DE --> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}

Roxio Creator Tools --> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}

Roxio Drag-to-Disc --> MsiExec.exe /I{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}

Roxio Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}

Roxio MyDVD DE --> MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB}

Roxio Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}

Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Excel 2007 (KB946974) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}

Security Update for Microsoft Office Publisher 2007 (KB950114) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}

Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}

Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}

Security Update for Office 2007 (KB934062) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}

Security Update for Office 2007 (KB947801) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}

Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}

Security Update for Visio 2007 (KB947590) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}

SigmaTel Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x40c -remove -removeonly

Skype™ 3.8 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}

Sonic Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}

Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"

Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall

TOEIC Mastery version 1.2 --> "C:\Program Files\ALA\TCM\unins000.exe"

ToolBar S&D --> C:\Toolbar SD\Uninstal.exe

Unlocker 1.8.5 --> C:\Program Files\Unlocker\uninst.exe

Update for Microsoft Office Outlook 2007 (KB952142) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}

Update for Office 2007 (KB932080) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}

Update for Office 2007 (KB934391) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}

Update for Office 2007 (KB946691) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}

Update for Outlook 2007 Junk Email Filter (kb953463) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1B78D541-9FF1-4330-ADD8-CED14F0C1E8E}

URL Assistant --> regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"

WIDCOMM Bluetooth Software 6.0.1.3100 --> MsiExec.exe /X{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}

Winamp --> "C:\Program Files\Winamp\UninstWA.exe"

Windows Installer Clean Up --> MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}

Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}

Windows Live OneCare safety scanner --> "C:\Program Files\Windows Live Safety Center\UnInstall.exe"

Windows Live OneCare safety scanner --> MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}

-- Application Event Log -------------------------------------------------------

Event Record #/Type223599 / Error

Event Submitted/Written: 07/24/2008 11:36:18 PM

Event ID/Source: 1002 / Application Hang

Event Description:

Le programme pf-studio.exe version 9.0.0.0 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration.

ID de processus : 1bd4

Heure de début : 01c8edd321d68b50

Heure de fin : 182

Event Record #/Type223524 / Success

Event Submitted/Written: 07/24/2008 10:28:19 PM

Event ID/Source: 12001 / usnjsvc

Event Description:

The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type223491 / Error

Event Submitted/Written: 07/24/2008 09:58:50 PM

Event ID/Source: 5007 / WerSvc

Event Description:

Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.

Event Record #/Type223477 / Success

Event Submitted/Written: 07/24/2008 09:58:26 PM

Event ID/Source: 5617 / WinMgmt

Event Description:

Event Record #/Type223475 / Success

Event Submitted/Written: 07/24/2008 09:58:22 PM

Event ID/Source: 5615 / WinMgmt

Event Description:

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type141103 / Warning

Event Submitted/Written: 07/24/2008 11:02:14 PM

Event ID/Source: 4226 / Tcpip

Event Description:

TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Event Record #/Type141094 / Warning

Event Submitted/Written: 07/24/2008 10:05:16 PM

Event ID/Source: 4 / Client Side Rendering Spooler

Event Description:

Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante existante car il n’a pas pu lire les informations de configuration dans la clé de Registre S-1-5-18\Printers\Connections. Le spouleur d’impression n’a pas pu ouvrir la clé de Registre. Ceci peut se produire si la clé de Registre est endommagée ou absente, ou si le Registre est momentanément indisponible.

Event Record #/Type141093 / Warning

Event Submitted/Written: 07/24/2008 10:05:16 PM

Event ID/Source: 4 / Client Side Rendering Spooler

Event Description:

Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante existante car il n’a pas pu lire les informations de configuration dans la clé de Registre S-1-5-18\Printers\Connections. Le spouleur d’impression n’a pas pu ouvrir la clé de Registre. Ceci peut se produire si la clé de Registre est endommagée ou absente, ou si le Registre est momentanément indisponible.

Event Record #/Type141092 / Warning

Event Submitted/Written: 07/24/2008 10:04:20 PM

Event ID/Source: 4 / Client Side Rendering Spooler

Event Description:

Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante existante car il n’a pas pu lire les informations de configuration dans la clé de Registre S-1-5-18\Printers\Connections. Le spouleur d’impression n’a pas pu ouvrir la clé de Registre. Ceci peut se produire si la clé de Registre est endommagée ou absente, ou si le Registre est momentanément indisponible.

Event Record #/Type141091 / Warning

Event Submitted/Written: 07/24/2008 10:04:20 PM

Event ID/Source: 4 / Client Side Rendering Spooler

Event Description:

Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante existante car il n’a pas pu lire les informations de configuration dans la clé de Registre S-1-5-18\Printers\Connections. Le spouleur d’impression n’a pas pu ouvrir la clé de Registre. Ceci peut se produire si la clé de Registre est endommagée ou absente, ou si le Registre est momentanément indisponible.

-- End of Deckard's System Scanner: finished at 2008-07-25 00:02:36 ------------

Falkra · le 25 juillet 2008

Le système est ok, quelques traces de restes d'infections, mais rien de dangereux ni d'actif.

Télécharge Malwarebytes' Anti-Malware (MBAM)

Double clique sur le fichier téléchargé pour lancer le processus d'installation.
Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
Sélectionne "Exécuter un examen rapide"
Clique sur "Rechercher"
L'analyse démarre, le scan est relativement long, c'est normal.
A la fin de l'analyse, un message s'affiche :
L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.

beuzz69 · le 25 juillet 2008

Voila mon rapport Malwarebytes' Anti-Malwares :

Malwarebytes' Anti-Malware 1.23

Version de la base de données: 992

Windows 6.0.6000

20:23:37 25/07/2008

mbam-log-7-25-2008 (20-22-33).txt

Type de recherche: Examen rapide

Eléments examinés: 37635

Temps écoulé: 16 minute(s), 37 second(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 1

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

Processus mémoire infecté(s):