Demande d'analyse

[Solisius]

Bonjour à tous,

 

Voilà, j'ai eu des petit soucis de fichiers détecté comme virusé par Eset Smart Security, il dit que c'est "une variente probable de Win32/Spy.Agent". J'ai suprimé le fichier en question mais certain programme ne veulent plus s'exécuter, comme par exemple Age Of Mythology qui fonctionnait avant parfaitement...

 

Je vous joins le rapport de Hijackthis :

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:19:33, on 19/02/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

 

Running processes:

G:\WINDOWS\System32\smss.exe

G:\WINDOWS\system32\winlogon.exe

G:\WINDOWS\system32\services.exe

G:\WINDOWS\system32\lsass.exe

G:\WINDOWS\system32\svchost.exe

G:\WINDOWS\System32\svchost.exe

G:\WINDOWS\system32\spoolsv.exe

D:\Installations Windows XP\ESET Smart Security\ekrn.exe

G:\WINDOWS\system32\nvsvc32.exe

G:\WINDOWS\system32\HPZipm12.exe

G:\WINDOWS\system32\svchost.exe

G:\WINDOWS\System32\StkCSrv.exe

G:\WINDOWS\Explorer.EXE

G:\WINDOWS\RTHDCPL.EXE

G:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

G:\Program Files\Wireless Console 2\wcourier.exe

G:\WINDOWS\system32\RUNDLL32.EXE

G:\Program Files\Synaptics\SynTP\SynTPEnh.exe

G:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe

G:\Program Files\ASUS\ATK Hotkey\HControlUser.exe

G:\Program Files\ASUS\ATK Hotkey\HControl.exe

G:\Program Files\ASUS\ATK Media\DMEDIA.EXE

G:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe

G:\Program Files\ASUS\ChkMail\ChkMail.exe

D:\Installations Windows XP\ESET Smart Security\egui.exe

D:\Installations Windows XP\PowerDVD\PDVDServ.exe

G:\WINDOWS\system32\ctfmon.exe

G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

G:\Program Files\Messenger\msmsgs.exe

D:\Installations Windows XP\Nokia\Nokia PC Suite 6\PCSync2.exe

G:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe

D:\Installations Windows XP\Nokia\Nokia PC Suite 6\PCSuite.exe

G:\Program Files\ASUS\ATK Hotkey\WDC.exe

G:\Program Files\PC Connectivity Solution\ServiceLayer.exe

G:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

G:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe

G:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

G:\WINDOWS\System32\svchost.exe

G:\Program Files\Windows Live\Messenger\usnsvc.exe

D:\Installations Windows XP\Firefox\firefox.exe

G:\Documents and Settings\Kopec Kron Wazaa\Bureau\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [sMSERIAL] G:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

O4 - HKLM\..\Run: [JMB36X IDE Setup] G:\WINDOWS\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [Wireless Console 2] "G:\Program Files\Wireless Console 2\wcourier.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE G:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [synTPEnh] G:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [MsgTranAgt] G:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe

O4 - HKLM\..\Run: [HControlUser] G:\Program Files\ASUS\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [ATKHOTKEY] G:\Program Files\ASUS\ATK Hotkey\HControl.exe

O4 - HKLM\..\Run: [ATKMEDIA] G:\Program Files\ASUS\ATK Media\DMEDIA.EXE

O4 - HKLM\..\Run: [ATKOSD2] G:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Run: [ChkMail] G:\Program Files\ASUS\ChkMail\ChkMail.exe

O4 - HKLM\..\Run: [egui] "D:\Installations Windows XP\ESET Smart Security\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [RemoteControl] "D:\Installations Windows XP\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] G:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "D:\Installations Windows XP\Quick Time\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "G:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] D:\Installations Windows XP\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [MSMSGS] "G:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [Nokia.PCSync] "D:\Installations Windows XP\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog

O4 - HKCU\..\Run: [PC Suite Tray] "D:\Installations Windows XP\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\INSTAL~2\MICROS~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\INSTAL~2\MICROS~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1224011968281

O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - D:\Installations Windows XP\ESET Smart Security\EHttpSrv.exe

O23 - Service: Eset Service (ekrn) - ESET - D:\Installations Windows XP\ESET Smart Security\ekrn.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - G:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: NBService - Nero AG - G:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - G:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - G:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ServiceLayer - Nokia. - G:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - G:\WINDOWS\System32\StkCSrv.exe

 

--

End of file - 7290 bytes

 

 

Merci beaucoup d'avance.

Modifié le 19 février 2009 par Solisius

[Solisius]

Personne n'a une idée ?

[Falkra]

Bonsoir,

 

ton rapport est propre. Nod32 a fait son boulot a priori, sauf si l'alerte de détection de virus revient après des redémarrages.

[Solisius]

D'accord, merci, le problème, c'est que subitement, Age Of Mythology (qui marchait avant très bien) s'est mis à ne plus vouloir fonctionner, c'est étrange, mais ça n'est peut être pas causé par un malware...

 

Merci beaucoup pour ton aide !

[Falkra]

As-tu de nouvelles alertes de nod32 après redémarrage ?

 

A priori, le jeu ne devrait pas être lié à ce problème.

[Solisius]

Non, il n'y a plus de problèmes de ce coté là, plus d'alertes... Pour ce qui est du jeux, je vais être obligé de le réinstaller...

 

Merci beaucoup pour ton aide !!!

[Falkra]

Tiens moi au courant, après la réinstallation du jeu. On fera un petit test pour vérifier 2-3 trucs.

[Solisius]

Ok, merci beaucoup, je ne vais pas pouvoir le faire avant un certain temps (Je n'ai plus les CDs...)

 

Je te tiens au courent !

[Falkra]

En attendant alors, tu peux toujours poster ça.

 

Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

• Double-clique sur RSIT.exe afin de lancer RSIT.
  
• Clique Continue à l'écran Disclaimer.
  
• Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  
• Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché) ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  
• NB : Les rapports sont sauvegardés dans le dossier C:\rsit
  Ca fait deux rapports donc.
  

[Solisius]

Ok, merci beaucoup pour ton aide, voilà le rapport :

 

Logfile of random's system information tool 1.05 (written by random/random)

Run by Kopec Kron Wazaa at 2009-02-20 16:36:43

Microsoft Windows XP Édition familiale Service Pack 3

System drive G: has 4 GB (28%) free of 16 GB

Total RAM: 3071 MB (79% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:36:47, on 20/02/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

 

Running processes:

G:\WINDOWS\System32\smss.exe

G:\WINDOWS\system32\winlogon.exe

G:\WINDOWS\system32\services.exe

G:\WINDOWS\system32\lsass.exe

G:\WINDOWS\system32\svchost.exe

G:\WINDOWS\System32\svchost.exe

G:\WINDOWS\system32\spoolsv.exe

D:\Installations Windows XP\ESET Smart Security\ekrn.exe

G:\Program Files\Java\jre6\bin\jqs.exe

G:\WINDOWS\system32\nvsvc32.exe

G:\WINDOWS\system32\HPZipm12.exe

G:\WINDOWS\system32\svchost.exe

G:\WINDOWS\System32\StkCSrv.exe

G:\WINDOWS\Explorer.EXE

G:\WINDOWS\RTHDCPL.EXE

G:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

G:\Program Files\Wireless Console 2\wcourier.exe

G:\WINDOWS\system32\RUNDLL32.EXE

G:\Program Files\Synaptics\SynTP\SynTPEnh.exe

G:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe

G:\Program Files\ASUS\ATK Hotkey\HControlUser.exe

G:\Program Files\ASUS\ATK Hotkey\HControl.exe

G:\Program Files\ASUS\ATK Media\DMEDIA.EXE

G:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe

G:\Program Files\ASUS\ChkMail\ChkMail.exe

D:\Installations Windows XP\ESET Smart Security\egui.exe

D:\Installations Windows XP\PowerDVD\PDVDServ.exe

G:\Program Files\Java\jre6\bin\jusched.exe

G:\WINDOWS\system32\ctfmon.exe

G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

G:\Program Files\Messenger\msmsgs.exe

D:\Installations Windows XP\Nokia\Nokia PC Suite 6\PCSync2.exe

D:\Installations Windows XP\Nokia\Nokia PC Suite 6\PCSuite.exe

G:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe

G:\Program Files\ASUS\ATK Hotkey\WDC.exe

G:\WINDOWS\system32\wbem\wmiapsrv.exe

G:\Program Files\PC Connectivity Solution\ServiceLayer.exe

G:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe

G:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

G:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

G:\WINDOWS\System32\svchost.exe

G:\Program Files\Windows Live\Messenger\usnsvc.exe

D:\Installations Windows XP\Firefox\firefox.exe

G:\Documents and Settings\Kopec Kron Wazaa\Bureau\RSIT.exe

G:\Documents and Settings\Kopec Kron Wazaa\Bureau\Kopec Kron Wazaa.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - G:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - G:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [sMSERIAL] G:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

O4 - HKLM\..\Run: [JMB36X IDE Setup] G:\WINDOWS\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [Wireless Console 2] "G:\Program Files\Wireless Console 2\wcourier.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE G:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [synTPEnh] G:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [MsgTranAgt] G:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe

O4 - HKLM\..\Run: [HControlUser] G:\Program Files\ASUS\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [ATKHOTKEY] G:\Program Files\ASUS\ATK Hotkey\HControl.exe

O4 - HKLM\..\Run: [ATKMEDIA] G:\Program Files\ASUS\ATK Media\DMEDIA.EXE

O4 - HKLM\..\Run: [ATKOSD2] G:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Run: [ChkMail] G:\Program Files\ASUS\ChkMail\ChkMail.exe

O4 - HKLM\..\Run: [egui] "D:\Installations Windows XP\ESET Smart Security\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [RemoteControl] "D:\Installations Windows XP\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] G:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "D:\Installations Windows XP\Quick Time\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "G:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [sunJavaUpdateSched] "G:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [MSMSGS] "G:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [Nokia.PCSync] "D:\Installations Windows XP\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog

O4 - HKCU\..\Run: [PC Suite Tray] "D:\Installations Windows XP\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\INSTAL~2\MICROS~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\INSTAL~2\MICROS~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1224011968281

O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - D:\Installations Windows XP\ESET Smart Security\EHttpSrv.exe

O23 - Service: Eset Service (ekrn) - ESET - D:\Installations Windows XP\ESET Smart Security\ekrn.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - G:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - G:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NBService - Nero AG - G:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - G:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - G:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ServiceLayer - Nokia. - G:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - G:\WINDOWS\System32\StkCSrv.exe

 

--

End of file - 7818 bytes

 

======Scheduled tasks folder======

 

G:\WINDOWS\tasks\AppleSoftwareUpdate.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - G:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-19 35840]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - G:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-19 73728]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"=G:\WINDOWS\RTHDCPL.EXE [2008-09-30 16864768]

"Alcmtr"=G:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]

"SMSERIAL"=G:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2007-08-28 655360]

"JMB36X IDE Setup"=G:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]

"Wireless Console 2"=G:\Program Files\Wireless Console 2\wcourier.exe [2007-07-05 1040384]

"NvCplDaemon"=G:\WINDOWS\system32\NvCpl.dll [2008-08-24 13574144]

"nwiz"=nwiz.exe /install []

"NvMediaCenter"=G:\WINDOWS\system32\NvMcTray.dll [2008-08-24 86016]

"SynTPEnh"=G:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-13 1343488]

"MsgTranAgt"=G:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe [2008-08-18 117304]

"HControlUser"=G:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2008-08-18 98304]

"ATKHOTKEY"=G:\Program Files\ASUS\ATK Hotkey\HControl.exe [2008-10-06 162360]

"ATKMEDIA"=G:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]

"ATKOSD2"=G:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2008-09-02 8105984]

"ChkMail"=G:\Program Files\ASUS\ChkMail\ChkMail.exe [2007-07-13 741376]

"egui"=D:\Installations Windows XP\ESET Smart Security\egui.exe [2008-07-01 1447168]

"RemoteControl"=D:\Installations Windows XP\PowerDVD\PDVDServ.exe [2004-11-02 32768]

"NeroFilterCheck"=G:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

"QuickTime Task"=D:\Installations Windows XP\Quick Time\QTTask.exe [2009-01-05 413696]

"AdobeCS4ServiceManager"=G:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

"SunJavaUpdateSched"=G:\Program Files\Java\jre6\bin\jusched.exe [2009-02-19 148888]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=G:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"MsnMsgr"=G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

"MSMSGS"=G:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

"Nokia.PCSync"=D:\Installations Windows XP\Nokia\Nokia PC Suite 6\PCSync2.exe [2008-03-26 1232896]

"PC Suite Tray"=D:\Installations Windows XP\Nokia\Nokia PC Suite 6\PCSuite.exe [2008-04-16 1079808]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"G:\Program Files\Windows Live\Messenger\msnmsgr.exe"="G:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"G:\Program Files\Windows Live\Messenger\livecall.exe"="G:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"G:\Documents and Settings\Kopec Kron Wazaa\Bureau\utorrent.exe"="G:\Documents and Settings\Kopec Kron Wazaa\Bureau\utorrent.exe:*:Enabled:µTorrent"

"D:\Installations Windows XP\Jeux\Sins of a Solar Empire\Sins of a Solar Empire.exe"="D:\Installations Windows XP\Jeux\Sins of a Solar Empire\Sins of a Solar Empire.exe:*:Enabled:Sins of a Solar Empire"

"D:\Installations Windows XP\Jeux\Sacred\system\s2gs.exe"="D:\Installations Windows XP\Jeux\Sacred\system\s2gs.exe:*:Enabled:Sacred 2 Game Server"

"D:\Installations Windows XP\Jeux\Sacred\system\sacred2.exe"="D:\Installations Windows XP\Jeux\Sacred\system\sacred2.exe:*:Enabled:Sacred 2"

"D:\Installations Windows XP\Jeux\Anno 1701\Anno1701.exe"="D:\Installations Windows XP\Jeux\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701"

"D:\Installations Windows XP\Assassin's Creed\AssassinsCreed_Dx9.exe"="D:\Installations Windows XP\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"

"D:\Installations Windows XP\Assassin's Creed\AssassinsCreed_Dx10.exe"="D:\Installations Windows XP\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"

"D:\Installations Windows XP\Assassin's Creed\AssassinsCreed_Launcher.exe"="D:\Installations Windows XP\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"

"G:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"

"G:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"

"G:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="G:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"G:\Program Files\Windows Live\Messenger\msnmsgr.exe"="G:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"G:\Program Files\Windows Live\Messenger\livecall.exe"="G:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]

shell\AutoRun\command - H:\LaunchU3.exe -a

 

 

======List of files/folders created in the last 1 months======

 

2009-02-19 20:09:48 ----D---- G:\WINDOWS\Sun

2009-02-19 20:07:58 ----A---- G:\WINDOWS\system32\javaws.exe

2009-02-19 20:07:58 ----A---- G:\WINDOWS\system32\javaw.exe

2009-02-19 20:07:58 ----A---- G:\WINDOWS\system32\java.exe

2009-02-19 20:07:58 ----A---- G:\WINDOWS\system32\deploytk.dll

2009-02-19 20:07:44 ----D---- G:\Program Files\Java

2009-02-19 20:01:45 ----D---- G:\Documents and Settings\Kopec Kron Wazaa\Application Data\Sun

2009-02-19 18:49:17 ----D---- G:\rsit

2009-02-19 17:59:20 ----D---- G:\Documents and Settings\Kopec Kron Wazaa\Application Data\Malwarebytes

2009-02-19 17:59:10 ----D---- G:\Documents and Settings\All Users\Application Data\Malwarebytes

2009-02-18 19:46:31 ----A---- G:\WINDOWS\system32\ptpusb.dll

2009-02-18 19:46:30 ----A---- G:\WINDOWS\system32\ptpusd.dll

2009-02-18 15:00:19 ----D---- G:\Documents and Settings\All Users\Application Data\DVD Shrink

2009-02-16 17:04:32 ----D---- G:\Documents and Settings\All Users\Application Data\FLEXnet

2009-02-16 17:02:09 ----D---- G:\Documents and Settings\All Users\Application Data\ALM

2009-02-16 16:57:45 ----D---- G:\Documents and Settings\All Users\Application Data\Adobe

2009-02-16 16:57:27 ----D---- G:\Program Files\Adobe

2009-02-16 16:54:44 ----D---- G:\Program Files\Fichiers communs\Macrovision Shared

2009-02-16 12:55:53 ----D---- G:\Program Files\Fichiers communs\Hewlett-Packard

2009-02-16 12:53:36 ----A---- G:\WINDOWS\system32\HPZinw12.exe

2009-02-16 12:53:35 ----A---- G:\WINDOWS\system32\HPZisn12.dll

2009-02-16 12:53:35 ----A---- G:\WINDOWS\system32\HPZipt12.dll

2009-02-16 12:53:35 ----A---- G:\WINDOWS\system32\HPZipr12.dll

2009-02-16 12:53:35 ----A---- G:\WINDOWS\system32\HPZipm12.exe

2009-02-16 12:53:35 ----A---- G:\WINDOWS\system32\HPZidr12.dll

2009-02-16 12:53:28 ----A---- G:\WINDOWS\IsUninst.exe

2009-02-16 12:53:02 ----D---- G:\Program Files\HP

2009-02-16 12:52:49 ----HD---- G:\Config.Msi

2009-02-16 12:46:39 ----D---- G:\Documents and Settings\All Users\Application Data\Apple Computer

2009-02-16 12:46:28 ----D---- G:\Program Files\Apple Software Update

2009-02-16 12:46:28 ----D---- G:\Documents and Settings\All Users\Application Data\Apple

2009-02-16 12:28:07 ----A---- G:\WINDOWS\system32\FileOps.exe

2009-02-16 12:28:06 ----D---- G:\WINDOWS\system32\Adobe

2009-02-16 12:28:06 ----D---- G:\Program Files\Fichiers communs\Adobe

2009-02-10 22:30:31 ----HDC---- G:\WINDOWS\$NtUninstallKB960715$

2009-02-05 16:15:29 ----D---- G:\Documents and Settings\Kopec Kron Wazaa\Application Data\Ubisoft

2009-02-04 20:13:33 ----D---- G:\Documents and Settings\All Users\Application Data\Ubisoft

2009-02-01 22:04:40 ----A---- G:\WINDOWS\IfoEdit.INI

2009-01-29 13:56:35 ----D---- G:\Documents and Settings\Kopec Kron Wazaa\Application Data\Vso

2009-01-29 13:56:35 ----A---- G:\Documents and Settings\Kopec Kron Wazaa\Application Data\ezpinst.exe

2009-01-29 13:56:30 ----A---- G:\WINDOWS\system32\devil.dll

2009-01-29 13:56:29 ----A---- G:\WINDOWS\system32\avisynth.dll

2009-01-29 11:05:09 ----A---- G:\WINDOWS\dvdtoaviconverter.ini

2009-01-29 11:00:49 ----A---- G:\WINDOWS\system32\auth.dll

2009-01-29 11:00:48 ----A---- G:\WINDOWS\system32\lame_enc.dll

2009-01-29 11:00:48 ----A---- G:\WINDOWS\system32\advd.dll

2009-01-28 17:59:02 ----D---- G:\Program Files\DVD Decrypter

2009-01-28 17:36:48 ----D---- G:\Program Files\DVDReaper

 

======List of files/folders modified in the last 1 months======

 

2009-02-20 16:36:25 ----D---- G:\WINDOWS\Temp

2009-02-20 13:10:29 ----D---- G:\WINDOWS\Prefetch

2009-02-20 02:04:20 ----A---- G:\WINDOWS\SchedLgU.Txt

2009-02-19 20:53:00 ----A---- G:\WINDOWS\NeroDigital.ini

2009-02-19 20:09:48 ----D---- G:\WINDOWS

2009-02-19 20:08:09 ----SHD---- G:\WINDOWS\Installer

2009-02-19 20:07:58 ----D---- G:\WINDOWS\system32

2009-02-19 20:07:44 ----RD---- G:\Program Files

2009-02-19 19:47:58 ----D---- G:\WINDOWS\system32\CatRoot2

2009-02-19 17:59:15 ----D---- G:\WINDOWS\system32\drivers

2009-02-17 20:39:20 ----A---- G:\WINDOWS\LODERUNN.INI

2009-02-16 17:05:49 ----D---- G:\Documents and Settings\Kopec Kron Wazaa\Application Data\Adobe

2009-02-16 16:59:15 ----RSD---- G:\WINDOWS\Fonts

2009-02-16 16:54:44 ----D---- G:\Program Files\Fichiers communs

2009-02-16 16:24:53 ----D---- G:\Documents and Settings\Kopec Kron Wazaa\Application Data\uTorrent

2009-02-16 12:55:58 ----D---- G:\WINDOWS\twain_32

2009-02-16 12:55:07 ----HD---- G:\WINDOWS\inf

2009-02-16 12:47:05 ----D---- G:\Program Files\Internet Explorer

2009-02-16 12:46:30 ----SD---- G:\WINDOWS\Tasks

2009-02-11 23:05:04 ----D---- G:\Program Files\Messenger Plus! Live

2009-02-10 22:30:31 ----HD---- G:\WINDOWS\$hf_mig$

2009-02-10 22:30:29 ----A---- G:\WINDOWS\imsins.BAK

2009-02-10 22:30:22 ----RSHDC---- G:\WINDOWS\system32\dllcache

2009-02-04 20:10:44 ----D---- G:\WINDOWS\system32\DirectX

2009-02-04 20:10:10 ----RSD---- G:\WINDOWS\assembly

2009-02-04 19:56:51 ----HD---- G:\Program Files\InstallShield Installation Information

2009-02-04 00:21:12 ----A---- G:\WINDOWS\system32\MRT.exe

2009-02-01 17:52:59 ----D---- G:\Documents and Settings\Kopec Kron Wazaa\Application Data\foobar2000

2009-01-24 16:30:01 ----D---- G:\WINDOWS\ACI

2009-01-24 16:30:01 ----A---- G:\WINDOWS\win.ini

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 easdrv;easdrv; G:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-07-01 53256]

R1 epfwtdi;epfwtdi; G:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2008-07-01 54280]

R1 intelppm;Pilote de processeur Intel; G:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]

R2 atksgt;atksgt; G:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-11-16 271360]

R2 eamon;EAMON; G:\WINDOWS\system32\DRIVERS\eamon.sys [2008-07-01 39944]

R2 epfw;epfw; G:\WINDOWS\system32\DRIVERS\epfw.sys [2008-07-01 71688]

R2 lirsgt;lirsgt; G:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-11-16 18048]

R2 rimmptsk;rimmptsk; G:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]

R2 rimsptsk;rimsptsk; G:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]

R2 rismxdp;Ricoh xD-Picture Card Driver; G:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]

R3 Arp1394;Protocole client ARP 1394; G:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; G:\WINDOWS\system32\DRIVERS\l151x86.sys [2007-11-01 36864]

R3 CmBatt;Pilote d'adaptateur secteur Microsoft; G:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]

R3 Epfwndis;Eset Personal Firewall; G:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2008-07-01 30728]

R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; G:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 hidusb;Pilote de classe HID Microsoft; G:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); G:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-02 4878336]

R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; G:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]

R3 mouhid;Pilote HID de souris; G:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288]

R3 MTsensor;ATK0100 ACPI UTILITY; G:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2008-10-14 7680]

R3 NETw5x32;Pilote de carte Intel® Wireless WiFi Link pour Windows XP 32 bits ; G:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-06-03 3631616]

R3 NIC1394;Pilote réseau 1394; G:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 nv;nv; G:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-08-24 6128352]

R3 pcouffin;VSO Software pcouffin; G:\WINDOWS\System32\Drivers\pcouffin.sys [2009-01-29 47360]

R3 sdbus;sdbus; G:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]

R3 smserial;smserial; G:\WINDOWS\system32\DRIVERS\smserial.sys [2007-08-28 1019136]

R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; G:\WINDOWS\System32\Drivers\StkCMini.sys [2007-02-13 1245056]

R3 SynTP;Synaptics TouchPad Driver; G:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-08-13 231424]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; G:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Concentrateur USB2; G:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 USBSTOR;Pilote de stockage de masse USB; G:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; G:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

S3 CCDECODE;Décodeur sous-titre fermé; G:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 HPZid412;IEEE-1284.4 Driver HPZid412; G:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; G:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; G:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; G:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;Codec NABTS/FEC VBI; G:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Connection TV/vidéo Microsoft; G:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 nmwcd;Nokia USB Phone Parent; G:\WINDOWS\system32\drivers\ccdcmb.sys [2007-11-29 16896]

S3 nmwcdc;Nokia USB Generic; G:\WINDOWS\system32\drivers\ccdcmbo.sys [2007-11-29 19328]

S3 pccsmcfd;PCCS Mode Change Filter Driver; G:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]

S3 SLIP;Détrameur décalage BDA; G:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; G:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 upperdev;upperdev; G:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2007-11-29 8064]

S3 usbccgp;Pilote parent générique USB Microsoft; G:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 usbprint;Classe d'imprimantes USB Microsoft; G:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Pilote de scanneur USB; G:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 usbser;Nokia USB Serial Port; G:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]

S3 UsbserFilt;UsbserFilt; G:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2007-11-29 8064]

S3 Wdf01000;Wdf01000; G:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]

S3 WpdUsb;WpdUsb; G:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]

S3 WSTCODEC;Codec Teletext standard; G:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S4 IntelIde;IntelIde; G:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 ekrn;Eset Service; D:\Installations Windows XP\ESET Smart Security\ekrn.exe [2008-07-01 468224]

R2 JavaQuickStarterService;Java Quick Starter; G:\Program Files\Java\jre6\bin\jqs.exe [2009-02-19 152984]

R2 NVSvc;NVIDIA Display Driver Service; G:\WINDOWS\system32\nvsvc32.exe [2008-08-24 163908]

R2 Pml Driver HPZ12;Pml Driver HPZ12; G:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]

R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; G:\WINDOWS\System32\StkCSrv.exe [2007-02-07 24576]

R2 UMWdf;Windows User Mode Driver Framework; G:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]

R3 ServiceLayer;ServiceLayer; G:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]

R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; G:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S3 aspnet_state;ASP.NET State Service; G:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; G:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]

S3 EhttpSrv;Eset HTTP Server; D:\Installations Windows XP\ESET Smart Security\EHttpSrv.exe [2008-07-01 19200]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; G:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-02-16 655624]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; G:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]

S3 IDriverT;InstallDriver Table Manager; G:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]

S3 idsvc;Windows CardSpace; G:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]

S3 NBService;NBService; G:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-06-08 208896]

S3 ose;Office Source Engine; G:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 WLSetupSvc;Windows Live Setup Service; G:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; G:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

 

-----------------EOF-----------------

 

 

Le deuxième fichier log :

 

info.txt logfile of random's system information tool 1.05 2009-02-19 18:49:24

 

======Uninstall list======

 

-->G:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL

-->G:\WINDOWS\UNIN040C.EXE -y -f"d:\installations windows xp\jeux\lba2\DeIsL1.isu" -c"d:\installations windows xp\jeux\lba2\uninst.dll"

-->G:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL

-->G:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL

-->G:\WINDOWS\UNNeroShowTime.exe /UNINSTALL

-->G:\WINDOWS\UNNeroVision.exe /UNINSTALL

-->G:\WINDOWS\UNRecode.exe /UNINSTALL

-->MsiExec /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 G:\WINDOWS\INF\PCHealth.inf

Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}

Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}

Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}

Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}

Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}

Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}

Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}

Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}

Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}

Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}

Adobe Flash Player 10 Plugin-->G:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}

Adobe Illustrator CS4-->G:\Program Files\Fichiers communs\Adobe\Installers\2a31ae7a5c43ff52d8577782dd34e04\Setup.exe --uninstall=1

Adobe Illustrator CS4-->MsiExec.exe /I{87532CAB-7932-4F84-8937-823337622807}

Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}

Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}

Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}

Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}

Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}

Adobe Setup-->MsiExec.exe /I{8CE08C3C-8FF4-45D9-925E-4F3CE2D7FA7D}

Adobe SVG Viewer 3.0-->G:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fG:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log

Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}

Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}

Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}

Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}

AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}

AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}

Age of Mythology - The Titans Expansion-->"D:\Installations Windows XP\Jeux\Age of Mythology\UNINSTXP.EXE" /runtemp /addremove

Age of Mythology-->"D:\Installations Windows XP\Jeux\Age of Mythology\UNINSTAL.EXE" /runtemp /addremove

AGEIA PhysX v7.11.13-->MsiExec.exe /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}

Anno 1701-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{A2433A63-5F5D-40E5-B529-9123C2B3E734}\setup.exe" -l0x40c -removeonly

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

Assassin's Creed-->G:\Program Files\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x040c -removeonly

Atheros Communications Inc.® L1 Gigabit Ethernet Driver-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{6E19F210-3813-4002-B561-94D66AA182B6}\setup.exe" -l0x9 -removeonly

ATK Hotkey-->MsiExec.exe /I{7C05592D-424B-46CB-B505-E0013E8E75C9}

ATK Media-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\Setup.exe" -l0x9

ATKOSD2-->MsiExec.exe /I{3B05F2FB-745B-4012-ADF2-439F36B2E70B}

ChkMail-->G:\Program Files\InstallShield Installation Information\{250F0996-1830-40C8-9B1D-6874D808DD95}\Setup.exe -runfromtemp -l0x0009 -removeonly

Combined Community Codec Pack 2008-09-21 16:18-->"D:\Installations Windows XP\Combined Community Codec Pack\unins000.exe"

Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}

Correctif pour Windows XP (KB952287)-->"G:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

DVD Decrypter (Remove Only)-->"G:\Program Files\DVD Decrypter\uninstall.exe"

DVD Shrink 3.2-->"D:\Installations Windows XP\DVD Shrink\unins000.exe"

DVD To AVI Converter 1.00-->"D:\Installations Windows XP\DVD To AVI Converter\unins000.exe"

Empire Earth-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{2447500B-22D7-47BD-9B13-1A927F43A267}\Setup.exe" -l0x40c

ESET Smart Security-->MsiExec.exe /I{1930504B-5236-4B43-B8FA-DB4CCFD73C0E}

foobar2000 v0.9.5.6-->"D:\Installations Windows XP\foobar2000\uninstall.exe"

Foxit Reader-->D:\Installations Windows XP\Foxit Reader\Uninstall.exe

GoldWave v5.10-->"D:\Installations Windows XP\GoldWave\unstall.exe" "GoldWave v5.10" "D:\Installations Windows XP\GoldWave\unstall.log"

High Definition Audio Driver Package - KB888111-->"G:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"

HijackThis 2.0.2-->"G:\Documents and Settings\Kopec Kron Wazaa\Bureau\HijackThis.exe" /uninstall

HP PSC & OfficeJet 5.3.B-->"G:\Program Files\HP\Digital Imaging\{49FB31C1-26EC-44c6-AB47-73C66E2BC41E}\setup\hpzscr01.exe" -datfile hposcr07.dat

IFOEdit 0.971 Fr-->D:\Installations Windows XP\IfoEdit\UnInstall_IfoEdit.exe

Ivalice Launcher Version 11-->"D:\Installations Windows XP\Jeux\World of Warcraft\unins000.exe"

IZArc 3.81-->"D:\Installations Windows XP\IZArc\unins000.exe"

Jasc Paint Shop Pro 8-->MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}

JMB36X Raid Configurer-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x40c -removeonly

kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}

Le jeu des Petits Chevaux 1.1.2.e-->"D:\Installations Windows XP\Jeux\Le Jeu des Petits Chevaux\unins000.exe"

Lecteur Windows Media 10-->"G:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Lemmings for Windows 95-->G:\Program Files\WinLemm\wlvsun10.exe uninstall

LifeFrame2-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}

Malwarebytes' Anti-Malware-->"D:\Installations Windows XP\Malwarebytes' Anti-Malware\unins000.exe"

MapInfo Professional 8.5 Evaluation-->MsiExec.exe /I{A5FC1423-8739-45CB-9C46-27BF79A0BD8A}

Messenger Plus! Live-->"G:\Program Files\Messenger Plus! Live\Uninstall.exe"

Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}

Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}

Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}

Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}

Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}

Microsoft .NET Framework 3.5-->G:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe

Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}

Microsoft Internationalized Domain Names Mitigation APIs-->"G:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"G:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"

Microsoft National Language Support Downlevel APIs-->"G:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}

Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"G:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"G:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"G:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"G:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"G:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"G:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"G:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"G:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB923689)-->"G:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB923789)-->G:\WINDOWS\system32\MacroMed\Flash\genuinst.exe G:\WINDOWS\system32\MacroMed\Flash\KB923789.inf

Mise à jour de sécurité pour Windows XP (KB938464)-->"G:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB941569)-->"G:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB946648)-->"G:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950762)-->"G:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950974)-->"G:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951066)-->"G:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"G:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951698)-->"G:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951748)-->"G:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB952954)-->"G:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB954211)-->"G:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB954459)-->"G:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB954600)-->"G:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB955069)-->"G:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956391)-->"G:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956802)-->"G:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956803)-->"G:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956841)-->"G:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB957095)-->"G:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB957097)-->"G:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB958644)-->"G:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB958687)-->"G:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB960715)-->"G:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB951072-v2)-->"G:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB951978)-->"G:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB955839)-->"G:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"

Module linguistique Microsoft .NET Framework 3.5 - fra-->G:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe

Motorola SM56 Speakerphone Modem-->rundll32.exe sm56co76.dll,SM56UnInstaller

Mozilla Firefox (3.0.6)-->D:\Installations Windows XP\Firefox\uninstall\helper.exe

Mozilla Thunderbird (2.0.0.19)-->D:\Installations Windows XP\Thunderbird\uninstall\helper.exe

MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}

Nero 7 Ultra Edition-->MsiExec.exe /I{5C4620E8-D754-43F5-8F8D-54BF58611036}

Nokia Connectivity Cable Driver-->MsiExec.exe /X{4F1DCA42-2030-437C-A94E-736692A499C1}

Nokia PC Suite-->G:\Documents and Settings\All Users\Application Data\Installations\{9C05FA75-0337-4523-AA57-9D3511018887}\Nokia_PC_Suite_rel_6_86_9_3_EA.exe

Nokia PC Suite-->MsiExec.exe /I{9C05FA75-0337-4523-AA57-9D3511018887}

NVIDIA Drivers-->G:\WINDOWS\system32\nvuninst.exe UninstallGUI

Package de pilotes Windows - Nokia Modem (03/05/2008 3.7)-->G:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u G:\WINDOWS\system32\DRVSTORE\nokia_blue_635B28EFCFA9395123BB1C251595CB16129E2560\nokia_bluetooth.inf

Package de pilotes Windows - Nokia Modem (03/13/2008 6.86.0.1)-->G:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u G:\WINDOWS\system32\DRVSTORE\nokbtmdm_28F2EAC406838DA65AFF6C6886FE9FE96AEF5186\nokbtmdm.inf

Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->G:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u G:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf

PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}

PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}

Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}

PowerDVD-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall

Prince of Persia T2T-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}\setup.exe" -l0x40c -removeonly

QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}

Realtek High Definition Audio Driver-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly

RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x40c anything

RUNAWAY 2 - The dream of the turtle-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{79DE0CE4-F38A-4DA7-81DF-949E615EA0AB}\setup.exe"

Sacred 2-->MsiExec.exe /I{1023383E-D9F6-478C-A965-23A4657B3C9A}

Sins of a Solar Empire-->"G:\Documents and Settings\All Users\Application Data\{3ADC3395-6379-4C95-9292-30A373AC55BC}\setup.exe" REMOVE=TRUE MODIFY=FALSE

Sins of a Solar Empire-->G:\Documents and Settings\All Users\Application Data\{3ADC3395-6379-4C95-9292-30A373AC55BC}\setup.exe

SPORE™-->"G:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\setup.exe" -runfromtemp -l0x040c -removeonly

Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}

Synaptics Pointing Device Driver-->rundll32.exe "G:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall

USB2.0 1.3M WebCam-->G:\WINDOWS\StkUnist.exe

Video Convert Master 8.0.10.31-->"D:\Installations Windows XP\Video Convert Master\unins000.exe"

VistaBootPRO 3.3-->MsiExec.exe /I{6C9FA746-8759-4040-A436-42922CB3492E}

VLC media player 0.9.4-->D:\Installations Windows XP\VLC\uninstall.exe

Windows Internet Explorer 7-->"G:\WINDOWS\ie7\spuninst\spuninst.exe"

Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}

Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}

Windows Media Format Runtime-->"G:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows XP Service Pack 3-->"G:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

Wireless Console 2-->G:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\setup.exe -runfromtemp -l0x040c -removeonly

World of Warcraft-->G:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe

Wow Cartographe 1.08b-->D:\Installations Windows XP\Jeux\WowCartographe\uninst.exe

XML Paper Specification Shared Components Language Pack 1.0-->"G:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

 

======Hosts File======

 

======Security center information======

 

AV: ESET Smart Security 3.0

FW: Pare-feu personnel d'ESET

 

System event log

 

Computer Name: GOGRON

Event Code: 4201

Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{8DA1023A-136A-4C60-B56A-C5036C9FE23B} était connectée au réseau,

et a lancé une opération normale sur la carte réseau.

 

Record Number: 8869

Source Name: Tcpip

Time Written: 20090114162546.000000+060

Event Type: Informations

User:

 

Computer Name: GOGRON

Event Code: 8033

Message: L'explorateur a forcé une élection sur le réseau \Device\NetBT_Tcpip_{8DA1023A-136A-4C60-B56A-C5036C9FE23B} car un maître explorateur a été arrêté.

 

Record Number: 8868

Source Name: BROWSER

Time Written: 20090114162544.000000+060

Event Type: Informations

User:

 

Computer Name: GOGRON

Event Code: 7036

Message: Le service est entré dans l'état : Intel® Wireless WiFi Link 4965AGN.

 

Record Number: 8867

Source Name: NETw5x32

Time Written: 20090114162541.000000+060

Event Type: Informations

User:

 

Computer Name: GOGRON

Event Code: 26

Message: Application popup : Batterie critique : Vous devriez immédiatement changer votre batterie ou bien vous brancher sur une source d'alimentation électrique afin de ne pas perdre votre travail.

 

Record Number: 8866

Source Name: Application Popup

Time Written: 20090114161647.000000+060

Event Type: Informations

User:

 

Computer Name: GOGRON

Event Code: 26

Message: Application popup : Batterie faible : Vous devriez immédiatement changer votre batterie ou bien vous brancher sur une source d'alimentation électrique afin de ne pas perdre votre travail.

 

Record Number: 8865

Source Name: Application Popup

Time Written: 20090114161047.000000+060

Event Type: Informations

User:

 

Application event log

 

Computer Name: GOGRON

Event Code: 700

Message: MsnMsgr (480) La défragmentation en ligne commence un passage complet dans la base de données '\\.\G:\Documents and Settings\Kopec Kron Wazaa\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_5A08_1A73_81A_4DFF\dfsr.db'.

 

Record Number: 1551

Source Name: ESENT

Time Written: 20081226000001.000000+060

Event Type: Informations

User:

 

Computer Name: GOGRON

Event Code: 102

Message: MsnMsgr (480) \\.\G:\Documents and Settings\Kopec Kron Wazaa\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_5A08_1A73_81A_4DFF\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).

 

Record Number: 1550

Source Name: ESENT

Time Written: 20081225214725.000000+060

Event Type: Informations

User:

 

Computer Name: GOGRON

Event Code: 100

Message: MsnMsgr (480) Le moteur de base de données 5.01.2600.5512 est démarré.

 

Record Number: 1549

Source Name: ESENT

Time Written: 20081225214725.000000+060

Event Type: Informations

User:

 

Computer Name: GOGRON

Event Code: 101

Message: MsnMsgr (480) Le moteur de base de données est arrêté.

 

Record Number: 1548

Source Name: ESENT

Time Written: 20081225214348.000000+060

Event Type: Informations

User:

 

Computer Name: GOGRON

Event Code: 103

Message: MsnMsgr (480) \\.\G:\Documents and Settings\Kopec Kron Wazaa\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_5A08_1A73_81A_4DFF\dfsr.db: Le moteur de base de données a arrêté une instance (0).

 

Record Number: 1547

Source Name: ESENT

Time Written: 20081225214348.000000+060

Event Type: Informations

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=G:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;D:\Installations Windows XP\Quick Time\QTSystem\

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel

"PROCESSOR_REVISION"=1706

"NUMBER_OF_PROCESSORS"=2

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"CLASSPATH"=.;D:\Installations Windows XP\Quick Time\QTSystem\QTJava.zip

"QTJAVA"=D:\Installations Windows XP\Quick Time\QTSystem\QTJava.zip

 

-----------------EOF-----------------