Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

liens détournés + plantage Combofix

bobbybob

Par bobbybob
dans Analyses et éradication malwares

 Partager

Messages recommandés

Falkra Devil Member !

Falkra

Posté(e)
Posté(e)

Ok, pas grave.

 

Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

  • Double-clique sur RSIT.exe afin de lancer RSIT.
  • Clique Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché) ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  • NB : Les rapports sont sauvegardés dans le dossier C:\rsit
    Ca fait deux rapports donc. :P

bobbybob Junior Member

bobbybob

Posté(e)
  • Auteur
Posté(e)

Bonjour !

 

Voici le rapport log.txt :

 

Logfile of random's system information tool 1.05 (written by random/random)
Run by Marco at 2009-01-11 12:19:48
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 28 GB (69%) free of 40 GB
Total RAM: 2046 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:20, on 2009-01-11
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Marco\Bureau\RSIT.exe
C:\Program Files\trend micro\Marco.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CamserviceDP] C:\Program Files\Hercules\DualPix Exchange\Camservice.exe /startup
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1225563610500
O17 - HKLM\System\CCS\Services\Tcpip\..\{83F9E90E-659B-4415-88F5-41C2F42541A5}: NameServer = 10.0.1.1
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: E-MU Audio Service (emaudsv) - E-MU Systems - C:\WINDOWS\system32\emaudsv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
O23 - Service: V2i Protector - PowerQuest Corporation - C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe

--
End of file - 6054 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
HelperObject Class - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll [2006-05-10 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-07-07 1562448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll [2006-05-10 131072]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"=C:\WINDOWS\stsystra.exe [2007-02-19 303104]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-10-26 1024000]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648]
"CamserviceDP"=C:\Program Files\Hercules\DualPix Exchange\Camservice.exe [2007-08-10 81920]
"vptray"=C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe [2002-09-02 77824]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-18 8523776]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-12-18 81920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2002-07-30 45056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Hercules\DualPix Exchange\Station2.exe"="C:\Program Files\Hercules\DualPix Exchange\Station2.exe:*:Enabled:Hercules Webcam Station Evolution SE"
"C:\WINDOWS\system32\ftp.exe"="C:\WINDOWS\system32\ftp.exe:*:Enabled:Logiciel de transfert de fichiers"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2009-01-11 12:19:49 ----D---- C:\Program Files\trend micro
2009-01-11 12:19:48 ----D---- C:\rsit
2009-01-10 23:30:27 ----D---- C:\Documents and Settings\Marco\Application Data\Malwarebytes
2009-01-10 23:27:18 ----D---- C:\plop
2009-01-10 23:27:17 ----A---- C:\WINDOWS\system32\CF29412.exe
2009-01-10 22:16:35 ----A---- C:\WINDOWS\zip.exe
2009-01-10 22:16:35 ----A---- C:\WINDOWS\VFIND.exe
2009-01-10 22:16:35 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-01-10 22:16:35 ----A---- C:\WINDOWS\SWSC.exe
2009-01-10 22:16:35 ----A---- C:\WINDOWS\SWREG.exe
2009-01-10 22:16:35 ----A---- C:\WINDOWS\sed.exe
2009-01-10 22:16:35 ----A---- C:\WINDOWS\NIRCMD.exe
2009-01-10 22:16:35 ----A---- C:\WINDOWS\grep.exe
2009-01-10 22:16:35 ----A---- C:\WINDOWS\fdsv.exe
2009-01-10 22:16:30 ----D---- C:\WINDOWS\ERDNT
2009-01-10 22:16:30 ----D---- C:\Qoobox
2009-01-10 22:16:29 ----A---- C:\WINDOWS\system32\CF15547.exe
2009-01-10 21:54:28 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-10 21:54:27 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-10 21:33:19 ----D---- C:\Program Files\Windows Live Safety Center
2009-01-10 20:36:04 ----D---- C:\Program Files\Lavasoft
2009-01-10 20:36:03 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-01-10 20:08:33 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-01-10 20:08:33 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-09 22:42:32 ----D---- C:\Documents and Settings\Marco\Application Data\FileZilla
2009-01-09 22:42:26 ----D---- C:\Program Files\FileZilla FTP Client
2009-01-06 08:39:37 ----A---- C:\WINDOWS\system32\nwiz.exe
2009-01-06 08:39:37 ----A---- C:\WINDOWS\system32\nvmccsrs.dll
2009-01-06 08:39:37 ----A---- C:\WINDOWS\system32\nvexpbar.dll
2009-01-06 08:39:37 ----A---- C:\WINDOWS\system32\nvcplui.exe
2009-01-06 08:39:36 ----A---- C:\WINDOWS\system32\nvwimg.dll
2009-01-06 08:39:36 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll
2009-01-06 08:39:36 ----A---- C:\WINDOWS\system32\nvshell.dll
2009-01-06 08:39:36 ----A---- C:\WINDOWS\system32\nview.dll
2009-01-06 08:39:36 ----A---- C:\WINDOWS\system32\nvdspsch.exe
2009-01-06 08:39:36 ----A---- C:\WINDOWS\system32\nvcolor.exe
2009-01-06 08:39:36 ----A---- C:\WINDOWS\system32\nvappbar.exe
2009-01-06 08:39:36 ----A---- C:\WINDOWS\system32\keystone.exe
2009-01-06 08:39:35 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-01-06 08:39:11 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-12-23 13:06:03 ----D---- C:\Program Files\HD Tach

======List of files/folders modified in the last 1 months======

2009-01-11 12:19:49 ----D---- C:\Program Files
2009-01-11 12:16:54 ----D---- C:\Program Files\Mozilla Firefox
2009-01-11 12:16:30 ----D---- C:\WINDOWS\Temp
2009-01-11 12:13:27 ----D---- C:\WINDOWS\Registration
2009-01-11 11:35:16 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-11 11:35:11 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-10 23:28:50 ----D---- C:\WINDOWS\system32\drivers
2009-01-10 23:28:50 ----D---- C:\WINDOWS\system32
2009-01-10 23:28:49 ----D---- C:\WINDOWS\AppPatch
2009-01-10 23:28:49 ----D---- C:\WINDOWS
2009-01-10 23:28:49 ----D---- C:\Program Files\Fichiers communs
2009-01-10 22:19:43 ----SHD---- C:\System Volume Information
2009-01-10 22:19:43 ----D---- C:\WINDOWS\system32\Restore
2009-01-10 22:18:18 ----A---- C:\WINDOWS\ntbtlog.txt
2009-01-10 21:36:23 ----HD---- C:\WINDOWS\inf
2009-01-10 21:33:21 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-10 21:24:39 ----D---- C:\Program Files\hijackthis
2009-01-10 20:36:23 ----SHD---- C:\WINDOWS\Installer
2009-01-10 20:35:37 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-01-09 23:38:53 ----A---- C:\WINDOWS\NeroDigital.ini
2009-01-07 11:21:54 ----D---- C:\WINDOWS\security
2009-01-06 08:40:18 ----D---- C:\WINDOWS\nview
2009-01-06 08:39:33 ----D---- C:\WINDOWS\Help
2008-12-13 14:30:38 ----D---- C:\Documents and Settings\Marco\Application Data\.purple

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 PQIMount;PQIMount; C:\WINDOWS\system32\drivers\PQIMount.sys [2003-06-03 46900]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 NAVAPEL;NAVAPEL; \??\C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAPEL.SYS []
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2006-11-15 32256]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2006-11-21 45568]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GearAspiWDM;GearAspiWDM; C:\WINDOWS\system32\drivers\GearAspiWDM.sys [2008-01-29 16168]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 NAVAP;NAVAP; \??\C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAP.sys []
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090102.006\NAVENG.sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090102.006\NAVEX15.sys []
R3 NETw4x32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows XP 32 bits; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-09-26 2236032]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-12-18 7435136]
R3 OEM02Afx;Provides a software interface to control audio effects of M08 Internal webcam.; \??\C:\WINDOWS\system32\Drivers\OEM02Afx.sys []
R3 OEM02Dev;Creative Camera OEM002 Driver; C:\WINDOWS\system32\DRIVERS\OEM02Dev.sys [2007-03-20 234496]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver; C:\WINDOWS\system32\DRIVERS\OEM02Vfx.sys [2007-03-05 7424]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-02-19 1228296]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-10-26 216800]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 camfilt2;camfilt2; C:\WINDOWS\System32\Drivers\camfilt2.sys [2007-05-29 94208]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 emusba10;E-MU USB-Audio 1.0 Driver; C:\WINDOWS\system32\DRIVERS\emusba10.sys [2006-11-20 142208]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\WINDOWS\system32\DRIVERS\s117bus.sys [2007-06-25 82984]
S3 s117mdfl;Sony Ericsson Device 117 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s117mdfl.sys [2007-06-25 14888]
S3 s117mdm;Sony Ericsson Device 117 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s117mdm.sys [2007-06-25 108456]
S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s117mgmt.sys [2007-06-25 100264]
S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); C:\WINDOWS\system32\DRIVERS\s117nd5.sys [2007-06-25 22952]
S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s117obex.sys [2007-06-25 98344]
S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); C:\WINDOWS\system32\DRIVERS\s117unic.sys [2007-06-25 98856]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-05-16 9602944]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SYMIDSCO;SYMIDSCO; \??\C:\WINDOWS\system32\Drivers\SYMIDSCO.SYS []
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-05-12 611664]
R2 DefWatch;DefWatch; C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe [2002-09-02 32768]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984]
R2 Norton AntiVirus Server;Symantec AntiVirus Client; C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe [2002-09-03 581632]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-18 155716]
R2 STacSV;SigmaTel Audio Service; C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe [2007-02-19 90112]
R2 V2i Protector;V2i Protector; C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe [2003-06-03 1200128]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 emaudsv;E-MU Audio Service; C:\WINDOWS\system32\emaudsv.exe [2006-11-20 10240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-20 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

 

et le rapport info.txt :

 

info.txt logfile of random's system information tool 1.05 2009-01-11 12:20:13

======Uninstall list======

-->"C:\Program Files\Creative Professional\E-MU USB Audio\Program\SETUP.EXE" /S /U /W /L:FRN
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2CE8719B-0EA4-4911-A1EF-D9AAC800C53A}\setup.exe" -l0x40c 
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2CE8719B-0EA4-4911-A1EF-D9AAC800C53A}\setup.exe" -l0x40c  /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Creative Suite 3 Web Premium-->MsiExec.exe /I{69B6B4A5-1C4D-4F16-BB11-A4EB9A439116}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->MsiExec.exe /I{C1FA4B3B-1625-4922-9C9D-780E8FCE161A}
Adobe Reader 6.0.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7646-A00000000001}
Adobe Setup-->MsiExec.exe /I{BE136F60-5D0F-4663-8B32-938A3EFD3FCB}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
Ajouter ou supprimer Adobe Creative Suite 3 Web Premium-->C:\Program Files\Fichiers communs\Adobe\Installers\e7f691c6f2bf7b70c25ea19f3d73b6e\Setup.exe
Apple Software Update-->MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Avanquest update-->C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\setup.exe -runfromtemp -l0x0c0c -removeonly
AVS DVD Player version 2.4-->"C:\Program Files\AVSMedia\DVDPlayer\unins000.exe"
Bibliothèques GTK+ 2.12.8 rev a (supprimer uniquement)-->C:\Program Files\Fichiers communs\GTK\2.0\uninst.exe
Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Broadcom 440x 10/100 Integrated Controller-->MsiExec.exe /X{612B9183-67A9-4B44-9877-2F059E35B86A}
Dell Touchpad-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Drive Image 7.0-->MsiExec.exe /X{8D538DFC-1E7A-45F0-9C7B-D8B6629CC2DC}
Dropbox-->"C:\Program Files\Dropbox\uninstall.exe"
E-MU USB Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1C99893D-BC98-4456-AA3E-B67AB42301A6}\SETUP.EXE" -l0x40c  /remove
Enigma-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F145099-1224-4C5B-84F2-7AE6DC699F1A}\setup.exe" -l0x9  -removeonly
FileZilla Client 3.2.0-->C:\Program Files\FileZilla FTP Client\uninstall.exe
GMediaMusic - Oddity VST2-->C:\WINDOWS\unvise32.exe C:\Program Files\Steinberg\Vstplugins\GMediaMusic\Oddity VST2\uninstal.log
HD Tach version 3-->"C:\Program Files\HD Tach\unins000.exe"
Hercules DualPix Exchange Webcam-->C:\Program Files\InstallShield Installation Information\{04BEFF7A-DF5D-4E49-AB46-BA3D3BE49FCB}\setup.exe -runfromtemp -l0x040c -removeonly
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
K-Lite Mega Codec Pack 1.49-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Laptop Integrated Webcam Driver (1.00.10.0320)  -->C:\WINDOWS\CtDrvIns.exe -uninstall -script OEM002.uns -plugin OEM02Pin.dll -pluginres OEM02Pin.crl -nodisconprompt
Linplug Albino VSTi v2.01-->C:\PROGRA~1\STEINB~1\VSTPLU~1\Albino2\Albino\UNINST~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\Albino2\Albino\UNINST~1\INSTALL.LOG
LiveUpdate 1.7 (Symantec Corporation)-->C:\Program Files\\Symantec\LiveUpdate\LSETUP.EXE /U
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Media Player Classic fr-->"C:\Program Files\Media Player Classic\uninstall.exe"
Microsoft .NET Framework (French) v1.0.3705-->C:\WINDOWS\Microsoft.NET\Framework\Install.exe /u /p Microsoft .NET Framework Full v1.0.3705 (1036)
Microsoft .NET Framework (French)-->MsiExec.exe /X{6B908BF7-A583-4962-B068-69657D87CD56}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mpeg Layer3 Codec FHG-Radium v1.263-->C:\WINDOWS\UNWISE.EXE C:\audio\L3CODE~1\INSTALL.LOG
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
Native Instruments FM7 VSTi DXI RTAS v1.1.3.4-->C:\PROGRA~1\NATIVE~1\FM7\UNWISE.EXE C:\PROGRA~1\NATIVE~1\FM7\INSTALL.LOG
Native.Instruments.Kontakt.v2.0.2.007-->C:\PROGRA~1\NATIVE~1\KONTAK~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\KONTAK~1\INSTALL.LOG
Nero 7 Demo-->MsiExec.exe /I{E653C735-0D84-AD30-7C75-91C8DC421036}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Package de pilotes Windows - Ricoh Company (rimsptsk) hdc  (11/14/2006 6.00.01.04)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /us C:\PROGRA~1\DIFX\UninstallScripts\4569969E1360D2854474C661EF9B4D54F143EB16
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Pidgin-->C:\Program Files\Pidgin\pidgin-uninst.exe
Series II MIDI-->C:\Program Files\InstallShield Installation Information\{379BD39E-F13E-458F-96D8-56BD7F2CC516}\setup.exe -runfromtemp -l0x0009 -removeonly
SigmaTel Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x40c -remove -removeonly
SnagIt 8-->MsiExec.exe /I{93699C3E-005E-4294-87CA-F5B7DE2CD687}
SnagIt 8-->MsiExec.exe /I{A900E37C-AAE3-44FB-8EE7-7E61F7087CE7}
Sony CD Architect 5.2-->MsiExec.exe /X{9B10CE2B-4450-46C5-95F7-CBA0C5D4BE73}
Sony Ericsson PC Suite 3.209.00-->C:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\Setup.exe -runfromtemp -l0x0c0c -removeonly
Sony Vegas Pro 8.0-->MsiExec.exe /X{0F31532A-16F1-4812-8B7B-D321A4CE91A6}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Steinberg Cubase SX v2.2.0.33-->C:\PROGRA~1\STEINB~1\CUBASE~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\CUBASE~1\INSTALL.LOG
Suppress plus 1.8-->"C:\Program Files\splus\unins000.exe"
Symantec AntiVirus Client-->MsiExec.exe /X{0EFC6259-3AD8-4CD2-BC57-D4937AF5CC0E}
Trillian-->C:\Program Files\Trillian\trillian.exe /uninstall
VideoLAN VLC media player 0.8.6h-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VirtualDubMOD 1.5.10.2 b2540 Fr-->C:\Program Files\VirtualDubMOD\UnInstall_VDMOD.exe
Waves Diamond Bundle v5.0-->C:\PROGRA~1\Waves\UNINST~1\UNWISE.EXE C:\PROGRA~1\Waves\UNINST~1\INSTALL.LOG
Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

System event log

Computer Name: VOSTRO
Event Code: 1003
Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
du serveur DHCP) pour la carte réseau dont l'adresse réseau est 001CBF73608A. Il s'est
produit l'erreur suivante : 
Le délai de temporisation de sémaphore a expiré.
.
Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
serveur d'adresse réseau (DHCP).

Record Number: 6939
Source Name: Dhcp
Time Written: 20081117185029.000000+060
Event Type: Avertissement
User: 

Computer Name: VOSTRO
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{6750E412-1520-4617-B663-7B0E847034CA} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.

Record Number: 6938
Source Name: Tcpip
Time Written: 20081117185000.000000+060
Event Type: Informations
User: 

Computer Name: VOSTRO
Event Code: 7036
Message: Le service Acquisition d'image Windows (WIA) est entré dans l'état : en cours d'exécution.

Record Number: 6937
Source Name: Service Control Manager
Time Written: 20081117184957.000000+060
Event Type: Informations
User: 

Computer Name: VOSTRO
Event Code: 7036
Message: Le service Carte de performance WMI est entré dans l'état : arrêté.

Record Number: 6936
Source Name: Service Control Manager
Time Written: 20081117170501.000000+060
Event Type: Informations
User: 

Computer Name: VOSTRO
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : arrêté.

Record Number: 6935
Source Name: Service Control Manager
Time Written: 20081117170302.000000+060
Event Type: Informations
User: 

Application event log

Computer Name: VOSTRO
Event Code: 7
Message: 


Nouveau fichier de définitions virales chargé. Version : 100815g.

Record Number: 991
Source Name: Norton AntiVirus
Time Written: 20080815221411.000000+120
Event Type: Informations
User: 

Computer Name: VOSTRO
Event Code: 14
Message: 


Le démarrage des services Symantec AntiVirus a réussi.

Record Number: 990
Source Name: Norton AntiVirus
Time Written: 20080815221317.000000+120
Event Type: Informations
User: 

Computer Name: VOSTRO
Event Code: 23
Message: 


Protection temps réel Symantec AntiVirus chargée.

Record Number: 989
Source Name: Norton AntiVirus
Time Written: 20080815221315.000000+120
Event Type: Informations
User: 

Computer Name: VOSTRO
Event Code: 0
Message: 
Record Number: 988
Source Name: iPod Service
Time Written: 20080815221311.000000+120
Event Type: Informations
User: 

Computer Name: VOSTRO
Event Code: 100
Message: Description : Le service V2i Protector a été démarré.
Détails : 
Source : Drive Image 7.0

Record Number: 987
Source Name: Drive Image 7.0
Time Written: 20080815221307.000000+120
Event Type: Informations
User: 

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

 

merci !

Falkra Devil Member !

Falkra

Posté(e)
Posté(e)

Ca, tu peux le régler, va dans les propriétés système (touche Win+Pause), onglet "avancé", bouton "paramètres", de "démarrage et récupération", voici une config par défaut :

 

image1jg6.th.gif

Falkra Devil Member !

Falkra

Posté(e)
Posté(e)

Bien.

 

As-tu un fichier bug.txt à la racine de c:\, ou dans c:\plop ou c:\qoobox ? (ou encore c:\combofix, mais logiquement tu n'as pas ce dossier).

Si oui, poste ce fichier stp.

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...