
Posted

The latest report after the changes:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:24 HH:mm tt, on 28/02/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v8.00 (8.00.6001.18372)

Boot mode: Normal

 

Running processes:

E:\Windows\system32\Dwm.exe

E:\Windows\Explorer.EXE

E:\Windows\system32\taskeng.exe

E:\Program Files\Orange HSS\Systray\SystrayApp.exe

E:\Program Files\Analog Devices\Core\smax4pnp.exe

E:\Program Files\Java\jre6\bin\jusched.exe

E:\Program Files\Windows Media Player\wmpnscfg.exe

E:\Program Files\Orange HSS\Launcher\Launcher.exe

E:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe

E:\Program Files\Orange HSS\connectivity\connectivitymanager.exe

E:\Program Files\Orange HSS\connectivity\CoreCom\CoreCom.exe

E:\Program Files\Orange HSS\connectivity\CoreCom\OraConfigRecover.exe

E:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe

E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

E:\Windows\system32\conime.exe

E:\Program Files\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\Illustrator.exe

E:\Windows\system32\SearchFilterHost.exe

E:\Users\florent\Desktop\HiJackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - E:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - E:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - E:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [JMB36X IDE Setup] E:\Windows\JM\JMInsIDE.exe

O4 - HKLM\..\Run: [ORAHSSSessionManager] E:\Program Files\Orange HSS\SessionManager\SessionManager.exe

O4 - HKLM\..\Run: [systrayORAHSS] "E:\Program Files\Orange HSS\Systray\SystrayApp.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [AsusStartupHelp] E:\Program Files\ASUS\AASP\1.00.15\AsRunHelp.exe

O4 - HKLM\..\Run: [soundMAXPnP] E:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [avgnt] "E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre6\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre6\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL

O15 - Trusted Zone: http://www.orange.fr

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Adobe LM Service - Adobe Systems - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - E:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - E:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe

O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - E:\Windows\system32\nvvsvc.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - E:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

 

--

End of file - 5913 bytes

Posted

Hello again,

I'm back because the PC is getting slower and slower, and there is no way to shut it down through Windows.

On top of that, IE does whatever it pleases: sometimes it opens, sometimes it doesn't.

Posted

The latest report:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:45:02, on 03/03/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v8.00 (8.00.6001.18372)

Boot mode: Normal

 

Running processes:

E:\Windows\system32\Dwm.exe

E:\Windows\Explorer.EXE

E:\Windows\system32\taskeng.exe

E:\Program Files\Orange HSS\Systray\SystrayApp.exe

E:\Program Files\Analog Devices\Core\smax4pnp.exe

E:\Windows\System32\mobsync.exe

E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

E:\Program Files\Orange HSS\Launcher\Launcher.exe

E:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe

E:\Program Files\Orange HSS\connectivity\connectivitymanager.exe

E:\Program Files\Orange HSS\connectivity\CoreCom\CoreCom.exe

E:\Program Files\Orange HSS\connectivity\CoreCom\OraConfigRecover.exe

E:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe

E:\Program Files\Windows Media Player\wmpnscfg.exe

E:\Users\florent\Desktop\HiJackThis\HijackThis.exe

E:\Windows\system32\SearchFilterHost.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - E:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - E:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [JMB36X IDE Setup] E:\Windows\JM\JMInsIDE.exe

O4 - HKLM\..\Run: [ORAHSSSessionManager] E:\Program Files\Orange HSS\SessionManager\SessionManager.exe

O4 - HKLM\..\Run: [systrayORAHSS] "E:\Program Files\Orange HSS\Systray\SystrayApp.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [AsusStartupHelp] E:\Program Files\ASUS\AASP\1.00.15\AsRunHelp.exe

O4 - HKLM\..\Run: [soundMAXPnP] E:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [avgnt] "E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre6\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre6\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL

O15 - Trusted Zone: http://www.orange.fr

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Adobe LM Service - Adobe Systems - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - E:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - E:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe

O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - E:\Windows\system32\nvvsvc.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - E:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

 

--

End of file - 5720 bytes

Posted (edited)

Good evening,

Had you put into practice what you called my tips of 27 February?

The last HijackThis report was fine.

Let's dig further:

Download random's system information tool (RSIT) by random/random and save it to the Desktop.

Double-click RSIT.exe to launch RSIT.

* Click Continue on the Disclaimer screen.

* If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT downloads it and you accept the licence.

* When the scan has finished, two text files will open:

Post the contents of log.txt (which will be displayed)

as well as info.txt (which will be minimized to the taskbar).

* If these two reports do not appear, you will find them in the folder C:\rsit

Edited by pear
Posted

So yes, I did follow the steps from 27 February.

And here are the two reports requested.

Thanks again.

 

Logfile of random's system information tool 1.05 (written by random/random)

Run by florent at 2009-03-04 17:31:33

Microsoft® Windows Vista Professionnel Service Pack 1

System drive E: has 103 GB (66%) free of 157 GB

Total RAM: 3582 MB (70% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:31:54, on 04/03/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v8.00 (8.00.6001.18372)

Boot mode: Normal

 

Running processes:

E:\Windows\system32\Dwm.exe

E:\Windows\Explorer.EXE

E:\Windows\system32\taskeng.exe

E:\Program Files\Orange HSS\Systray\SystrayApp.exe

E:\Program Files\Analog Devices\Core\smax4pnp.exe

E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

E:\Program Files\Orange HSS\Launcher\Launcher.exe

E:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe

E:\Program Files\Orange HSS\connectivity\connectivitymanager.exe

E:\Program Files\Orange HSS\connectivity\CoreCom\CoreCom.exe

E:\Program Files\Windows Media Player\wmpnscfg.exe

E:\Program Files\Orange HSS\connectivity\CoreCom\OraConfigRecover.exe

E:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe

E:\Program Files\Internet Explorer\iexplore.exe

E:\Program Files\Internet Explorer\iexplore.exe

E:\Windows\system32\SearchFilterHost.exe

E:\Program Files\Internet Explorer\iexplore.exe

E:\Users\florent\Desktop\RSIT.exe

E:\Users\florent\Desktop\HiJackThis\florent.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - E:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - E:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [JMB36X IDE Setup] E:\Windows\JM\JMInsIDE.exe

O4 - HKLM\..\Run: [ORAHSSSessionManager] E:\Program Files\Orange HSS\SessionManager\SessionManager.exe

O4 - HKLM\..\Run: [systrayORAHSS] "E:\Program Files\Orange HSS\Systray\SystrayApp.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [AsusStartupHelp] E:\Program Files\ASUS\AASP\1.00.15\AsRunHelp.exe

O4 - HKLM\..\Run: [soundMAXPnP] E:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [avgnt] "E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre6\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre6\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL

O15 - Trusted Zone: http://www.orange.fr

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Adobe LM Service - Adobe Systems - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - E:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - E:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe

O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - E:\Windows\system32\nvvsvc.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - E:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

 

--

End of file - 5866 bytes

 

======Scheduled tasks folder======

 

E:\Windows\tasks\User_Feed_Synchronization-{B093F77E-40C4-449C-9923-A1C0740EB518}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - E:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - E:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-11-27 251504]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - E:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-11-27 657904]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

Google Dictionary Compression sdch - E:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-11-27 522224]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

Locked

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"JMB36X IDE Setup"=E:\Windows\JM\JMInsIDE.exe [2006-10-30 36864]

"ORAHSSSessionManager"=E:\Program Files\Orange HSS\SessionManager\SessionManager.exe [2007-07-24 102400]

"SystrayORAHSS"=E:\Program Files\Orange HSS\Systray\SystrayApp.exe [2007-07-24 94208]

"NvCplDaemon"=E:\Windows\system32\NvCpl.dll [2008-09-17 13580832]

"AsusStartupHelp"=E:\Program Files\ASUS\AASP\1.00.15\AsRunHelp.exe [2006-11-14 363008]

"SoundMAXPnP"=E:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]

"avgnt"=E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]

E:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

E:\Windows\system32\NvMcTray.dll [2008-09-17 92704]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

E:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

E:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

E:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]

E:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

"EnableLUA"=0

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"E:\Program Files\Orange HSS\Connectivity\ConnectivityManager.exe"="E:\Program Files\Orange HSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"

"E:\Program Files\IEPro\MiniDM.exe"="E:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{51f8cf13-9296-11dd-af0c-001fc6e3820c}]

shell\AutoRun\command - explorer.exe

 

 

======File associations======

 

.js - edit - E:\Windows\System32\Notepad.exe %1

.js - open - E:\Windows\System32\WScript.exe "%1" %*

 

======List of files/folders created in the last 1 months======

 

2009-03-04 17:31:33 ----D---- E:\rsit

2009-03-03 16:44:18 ----A---- E:\Windows\system32\dfshim.dll

2009-03-03 16:43:51 ----A---- E:\Windows\system32\mscoree.dll

2009-03-03 16:43:45 ----A---- E:\Windows\system32\netfxperf.dll

2009-03-03 16:42:04 ----A---- E:\Windows\system32\mscorier.dll

2009-03-03 16:41:31 ----A---- E:\Windows\system32\mscories.dll

2009-02-28 00:10:49 ----D---- E:\Users\florent\AppData\Roaming\Auslogics

2009-02-28 00:10:44 ----D---- E:\Program Files\AusLogics Disk Defrag

2009-02-28 00:07:18 ----A---- E:\Windows\system32\JkDefragScreenSaver.exe

2009-02-28 00:07:17 ----D---- E:\Program Files\JkDefrag

2009-02-27 23:39:07 ----D---- E:\Program Files\Zeb-Utility

2009-02-27 21:57:15 ----D---- E:\ProgramData\WindowsSearch

2009-02-27 21:55:40 ----D---- E:\Windows\pss

2009-02-27 21:17:28 ----D---- E:\ProgramData\Avira

2009-02-27 21:17:28 ----D---- E:\Program Files\Avira

2009-02-27 19:30:26 ----A---- E:\cleannavi.txt

2009-02-27 19:05:07 ----A---- E:\fixnavi.txt

2009-02-27 19:01:37 ----D---- E:\Program Files\Navilog1

2009-02-27 17:41:56 ----D---- E:\Users\florent\AppData\Roaming\Malwarebytes

2009-02-27 17:41:48 ----D---- E:\ProgramData\Malwarebytes

2009-02-27 17:41:48 ----D---- E:\Program Files\Malwarebytes' Anti-Malware

2009-02-22 11:46:24 ----D---- E:\Users\florent\AppData\Roaming\OpenOffice.org

2009-02-22 11:38:19 ----D---- E:\Program Files\OpenOffice.org 3

2009-02-17 09:13:14 ----A---- E:\Windows\system32\mshtmled.dll

2009-02-17 09:13:13 ----A---- E:\Windows\system32\mshtmler.dll

2009-02-17 09:13:13 ----A---- E:\Windows\system32\ieui.dll

2009-02-17 09:13:13 ----A---- E:\Windows\system32\icardie.dll

2009-02-17 09:13:12 ----A---- E:\Windows\system32\msls31.dll

2009-02-17 09:13:12 ----A---- E:\Windows\system32\jsproxy.dll

2009-02-17 09:13:12 ----A---- E:\Windows\system32\admparse.dll

2009-02-17 09:13:11 ----A---- E:\Windows\system32\corpol.dll

2009-02-17 09:13:10 ----A---- E:\Windows\system32\iernonce.dll

2009-02-17 09:13:10 ----A---- E:\Windows\system32\ieakeng.dll

2009-02-17 09:13:10 ----A---- E:\Windows\system32\advpack.dll

2009-02-17 09:13:09 ----A---- E:\Windows\system32\imgutil.dll

2009-02-17 09:13:09 ----A---- E:\Windows\system32\iepeers.dll

2009-02-17 09:13:09 ----A---- E:\Windows\system32\dxtmsft.dll

2009-02-17 09:13:08 ----A---- E:\Windows\system32\dxtrans.dll

2009-02-17 09:13:07 ----A---- E:\Windows\system32\occache.dll

2009-02-17 09:13:07 ----A---- E:\Windows\system32\msfeedsbs.dll

2009-02-17 09:13:07 ----A---- E:\Windows\system32\licmgr10.dll

2009-02-17 09:13:07 ----A---- E:\Windows\system32\inseng.dll

2009-02-17 09:13:07 ----A---- E:\Windows\system32\ieaksie.dll

2009-02-17 09:13:06 ----A---- E:\Windows\system32\WinFXDocObj.exe

2009-02-17 09:13:06 ----A---- E:\Windows\system32\webcheck.dll

2009-02-17 09:13:06 ----A---- E:\Windows\system32\msrating.dll

2009-02-17 09:13:06 ----A---- E:\Windows\system32\iesetup.dll

2009-02-17 09:13:06 ----A---- E:\Windows\system32\ieakui.dll

2009-02-17 09:13:05 ----A---- E:\Windows\system32\wextract.exe

2009-02-17 09:13:05 ----A---- E:\Windows\system32\msfeedssync.exe

2009-02-17 09:13:04 ----A---- E:\Windows\system32\mstime.dll

2009-02-17 09:13:04 ----A---- E:\Windows\system32\msfeeds.dll

2009-02-17 09:13:03 ----A---- E:\Windows\system32\pngfilt.dll

2009-02-17 09:13:02 ----A---- E:\Windows\system32\ieapfltr.dll

2009-02-17 09:13:00 ----A---- E:\Windows\system32\vbscript.dll

2009-02-17 09:13:00 ----A---- E:\Windows\system32\jscript.dll

2009-02-17 09:12:59 ----A---- E:\Windows\system32\url.dll

2009-02-17 09:12:59 ----A---- E:\Windows\system32\iedkcs32.dll

2009-02-17 09:12:51 ----A---- E:\Windows\system32\mshta.exe

2009-02-17 09:12:50 ----A---- E:\Windows\system32\iexpress.exe

2009-02-17 09:12:47 ----A---- E:\Windows\system32\RegisterIEPKEYs.exe

2009-02-17 09:12:47 ----A---- E:\Windows\system32\iesysprep.dll

2009-02-17 09:12:46 ----A---- E:\Windows\system32\SetIEInstalledDate.exe

2009-02-17 09:12:46 ----A---- E:\Windows\system32\SetDepNx.exe

2009-02-17 09:12:46 ----A---- E:\Windows\system32\PDMSetup.exe

2009-02-17 09:12:46 ----A---- E:\Windows\system32\ieUnatt.exe

2009-02-17 09:12:42 ----A---- E:\Windows\system32\iertutil.dll

2009-02-17 09:12:42 ----A---- E:\Windows\system32\ie4uinit.exe

2009-02-17 09:12:40 ----A---- E:\Windows\system32\wininet.dll

2009-02-17 09:12:38 ----A---- E:\Windows\system32\urlmon.dll

2009-02-17 09:12:33 ----A---- E:\Windows\system32\ieframe.dll

2009-02-17 09:12:30 ----A---- E:\Windows\system32\mshtml.dll

2009-02-12 19:40:13 ----D---- E:\Program Files\Windows Live Safety Center

 

======List of files/folders modified in the last 1 months======

 

2009-03-04 17:31:44 ----D---- E:\Windows\Prefetch

2009-03-04 17:31:37 ----D---- E:\Windows\Temp

2009-03-04 17:22:51 ----SHD---- E:\System Volume Information

2009-03-03 17:06:17 ----D---- E:\Windows\winsxs

2009-03-03 17:05:08 ----D---- E:\Windows\System32

2009-03-03 17:02:51 ----D---- E:\Windows\system32\catroot2

2009-03-03 17:02:22 ----D---- E:\Windows\system32\catroot

2009-03-03 15:53:24 ----D---- E:\Program Files\Mozilla Firefox

2009-03-01 15:28:30 ----SHD---- E:\Windows\Installer

2009-03-01 08:51:45 ----D---- E:\Users\florent\AppData\Roaming\Adobe

2009-03-01 08:51:45 ----D---- E:\ProgramData\Adobe

2009-02-28 16:53:07 ----RSD---- E:\Windows\Fonts

2009-02-28 00:10:44 ----RD---- E:\Program Files

2009-02-28 00:01:45 ----D---- E:\ProgramData\Spybot - Search & Destroy

2009-02-28 00:01:39 ----D---- E:\Windows

2009-02-27 21:57:15 ----HD---- E:\ProgramData

2009-02-27 21:17:51 ----D---- E:\Windows\system32\drivers

2009-02-27 19:54:54 ----D---- E:\Windows\inf

2009-02-27 19:54:54 ----A---- E:\Windows\system32\PerfStringBackup.INI

2009-02-27 19:16:07 ----D---- E:\Windows\Minidump

2009-02-27 18:53:40 ----D---- E:\Windows\Debug

2009-02-27 18:38:02 ----D---- E:\Program Files\Microsoft Silverlight

2009-02-27 15:54:41 ----D---- E:\Program Files\Java

2009-02-27 15:54:41 ----D---- E:\Program Files\Common Files

2009-02-27 15:47:40 ----HD---- E:\Program Files\InstallShield Installation Information

2009-02-27 15:47:30 ----D---- E:\ProgramData\eBay

2009-02-27 15:40:48 ----D---- E:\Users\florent\AppData\Roaming\Corel

2009-02-27 15:39:01 ----D---- E:\ProgramData\Corel

2009-02-27 15:07:55 ----D---- E:\Users\florent\AppData\Roaming\gtk-2.0

2009-02-24 10:34:40 ----D---- E:\Users\florent\AppData\Roaming\FileZilla

2009-02-22 11:44:42 ----RSD---- E:\Windows\assembly

2009-02-19 19:10:18 ----D---- E:\Program Files\Internet Explorer

2009-02-17 09:59:57 ----D---- E:\Windows\rescache

2009-02-17 09:55:22 ----D---- E:\Program Files\ASUS

2009-02-17 09:46:56 ----D---- E:\Windows\system32\Tasks

2009-02-17 09:46:55 ----D---- E:\Windows\Tasks

2009-02-17 09:28:57 ----D---- E:\Windows\system32\fr-FR

2009-02-17 09:28:36 ----D---- E:\Windows\system32\migration

2009-02-17 09:28:36 ----D---- E:\Windows\PolicyDefinitions

2009-02-17 09:28:35 ----D---- E:\Windows\system32\en-US

2009-02-17 09:11:22 ----D---- E:\Windows\SoftwareDistribution

2009-02-13 03:01:52 ----D---- E:\ProgramData\Microsoft Help

2009-02-13 03:00:30 ----D---- E:\Program Files\Windows Mail

2009-02-12 05:56:17 ----A---- E:\Windows\system32\mrt.exe

2009-02-09 07:20:18 ----D---- E:\Program Files\IncrediMail

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 AsIO;AsIO; E:\Windows\system32\drivers\AsIO.sys [2006-10-18 12664]

R1 avgio;avgio; \??\E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]

R1 avipbb;avipbb; E:\Windows\system32\DRIVERS\avipbb.sys [2008-10-30 75072]

R1 CSC;Offline Files Driver; E:\Windows\system32\drivers\csc.sys [2008-01-19 350720]

R1 ElbyCDIO;ElbyCDIO Driver; E:\Windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]

R1 ssmdrv;ssmdrv; E:\Windows\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]

R2 Par1284;Par1284; \??\E:\Program Files\Cutting Master 2 for CraftROBO 1.30\Program\Par1284.sys [2005-03-02 53344]

R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; E:\Windows\system32\drivers\ADIHdAud.sys [2007-01-16 316928]

R3 avgntflt;avgntflt; \??\E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]

R3 ElbyCDFL;ElbyCDFL; E:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]

R3 KMWDFILTER;HIDUASDesc; E:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]

R3 MTsensor;ATK0110 ACPI UTILITY; E:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]

R3 NVENETFD;NVIDIA nForce Networking Controller Driver; E:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-11-18 1040544]

R3 nvlddmkm;nvlddmkm; E:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 7379872]

R3 PCASp50;PCASp50 NDIS Protocol Driver; E:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]

S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\E:\Windows\system32\drivers\NSDriver.sys [2008-04-29 15648]

S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; \??\E:\Windows\system32\drivers\AWRTPD.sys [2008-04-29 12960]

S3 Ad-Watch Registry Filter;Ad-Watch Registry Kernel Filter; \??\E:\Windows\system32\drivers\AWRTRD.sys [2008-04-29 15648]

S3 aylley1i;aylley1i; E:\Windows\system32\drivers\aylley1i.sys []

S3 catchme;catchme; \??\E:\Users\florent\AppData\Local\Temp\catchme.sys []

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); E:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; E:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 MSKSSRV;Proxy de service de répartition Microsoft; E:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; E:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; E:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; E:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]

S3 PCAMp50;PCAMp50 NDIS Protocol Driver; E:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]

S4 viamraid;viamraid; E:\Windows\system32\drivers\viamraid.sys [2006-11-08 102912]

S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; E:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 aawservice;Lavasoft Ad-Aware Service; E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2009-01-14 611664]

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]

R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; E:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]

R2 FTRTSVC;France Telecom Routing Table Service; E:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe [2007-07-31 65536]

R2 nvsvc;NVIDIA Display Driver Service; E:\Windows\system32\nvvsvc.exe [2008-09-17 196608]

R2 SBSDWSCService;SBSD Security Center Service; E:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-07-07 809296]

R2 StarWindServiceAE;StarWind AE Service; E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]

S3 Adobe LM Service;Adobe LM Service; E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-10-16 72704]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-14 654848]

S3 gusvc;Google Updater Service; E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-27 137200]

S3 IDriverT;InstallDriver Table Manager; E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]

S3 odserv;Microsoft Office Diagnostics Service; E:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

S3 ose;Office Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; E:\Windows\System32\svchost.exe [2008-01-19 21504]

S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; E:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; E:\Windows\system32\wbengine.exe [2008-01-19 917504]

S3 WLSetupSvc;Windows Live Setup Service; E:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S4 AppMgmt;Gestion d'applications; E:\Windows\system32\svchost.exe [2008-01-19 21504]

S4 CscService;Fichiers hors connexion; E:\Windows\System32\svchost.exe [2008-01-19 21504]

S4 Fax;Télécopie; E:\Windows\system32\fxssvc.exe [2008-01-19 523776]

 

-----------------EOF-----------------

 

 

 

 

 

info.txt logfile of random's system information tool 1.05 2009-03-04 17:31:56

 

======Uninstall list======

 

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}

Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}

Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}

Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}

Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}

Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}

Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}

Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}

Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}

Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}

Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}

Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}

Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}

Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}

Adobe Flash Player 9 ActiveX-->E:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete

Adobe Flash Player ActiveX-->E:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player Plugin-->E:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}

Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}

Adobe Illustrator CS3-->E:\Program Files\Common Files\Adobe\Installers\e21d2df5563f0bf421cf2cc5ec26c42\Setup.exe

Adobe Illustrator CS3-->MsiExec.exe /I{6E08CE13-C2AB-4749-9335-5900B958929E}

Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}

Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}

Adobe Photoshop CS-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c

Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}

Adobe Setup-->MsiExec.exe /I{CE67DBBB-2ED0-4F35-B482-0CFE4CFC1570}

Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}

Adobe SVG Viewer 3.0-->E:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fE:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log

Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}

Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}

Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}

Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}

Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}

Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}

ASUSUpdate-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\Setup.exe" -l0x40c

AusLogics Disk Defrag 1.5-->"E:\Program Files\AusLogics Disk Defrag\unins000.exe"

Avira AntiVir Personal - Free Antivirus-->E:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE

Canon Inkjet Printer Driver Add-On Module-->E:\Program Files\Common Files\Canon\IJ\InboxPrnV100\SETUP.EXE -R

Canon PIXMA iP3000-->E:\Windows\system32\CNMCP61.exe "-PRINTERNAMECanon PIXMA iP3000" "-HELPERDLLE:\BJPrinter\CNMWindows\Canon PIXMA iP3000 Installer\Inst2\cnmis.dll" "-RCDLLE:\BJPrinter\CNMWindows\Canon PIXMA iP3000 Installer\Inst2\cnmi040c.dll"

CCleaner (remove only)-->"E:\Program Files\CCleaner\uninst.exe"

CD-LabelPrint-->"E:\Program Files\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application

CloneCD-->"E:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="E:\Program Files\SlySoft\CloneCD"

Craft ROBO Controller-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{97D52BC9-D904-413F-A0F7-E3EE4C95B623}\setup.exe" -l0x40c -uninst -removeonly

Cutting Master 2 for CraftROBO 1.30-->"E:\Windows\IsUn040c.exe" -f"E:\Program Files\Cutting Master 2 for CraftROBO 1.30\Uninst.isu" -c"E:\Program Files\Cutting Master 2 for CraftROBO 1.30\Program\Uninstall.dll"

DHTML Editing Component-->MsiExec.exe /I{2EA870FA-585F-4187-903D-CB9FFD21E2E0}

EVEREST Ultimate Edition v4.60-->"E:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"

FontView version 3.3-->"E:\Program Files\FontView\unins000.exe"

Free&Easy Font Viewer 2.0-->"E:\Program Files\Free&Easy Font Viewer\unins000.exe"

Google Toolbar for Internet Explorer-->"E:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

HijackThis 2.0.2-->"E:\Users\florent\AppData\Local\Temp\Rar$EX00.981\HijackThis.exe" /uninstall

IncrediMail-->E:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log

Inkscape 0.46-->E:\Program Files\Inkscape\Uninstall.exe

Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}

JkDefrag 3.36-->"E:\Program Files\JkDefrag\unins000.exe"

JMB36X Raid Configurer-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x40c -removeonly

K-Lite Codec Pack 4.1.4 (Full)-->"E:\Program Files\K-Lite Codec Pack\unins000.exe"

livebox-->E:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly

Lphant v3.51-->"E:\Program Files\Lphant\unins000.exe"

Malwarebytes' Anti-Malware-->"E:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Messenger Plus! Live-->"E:\Program Files\Messenger Plus! Live\Uninstall.exe"

Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}

Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}

Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}

Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office Professional Plus 2007-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL

Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}

Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Mozilla Firefox (3.0.6)-->E:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

Navigateur Orange-->E:\Program Files\Orange HSS\Uninstall\Browser\Shell.exe MainUninstall.shl

Navilog1 3.7.5-->"E:\Program Files\Navilog1\unins000.exe"

neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}

NVIDIA Drivers-->E:\Windows\system32\NVUNINST.EXE UninstallGUI

OpenOffice.org 3.0-->MsiExec.exe /I{1572F66F-F9AD-4D45-B0D2-0F45A0D5A0F6}

Orange - Logiciels Internet-->E:\Program Files\Orange HSS\installation\core\Installgui.exe -u

PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}

PhotoFiltre Studio-->"E:\Program Files\PhotoFiltre Studio\Uninst.exe"

PSPad editor-->"E:\Program Files\PSPad editor\Uninst\unins000.exe"

QuickPar 0.9-->E:\Program Files\QuickPar\uninst.exe

ROBO Master-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{44E8FA6E-931D-4755-82DA-DB93CE1F238C}\setup.exe" -l0x40c -uninst -removeonly

Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}

Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}

Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}

Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}

Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}

Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}

Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}

Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}

Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}

SoundMAX-->E:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe -runfromtemp -l0x040c -removeonly

Spybot - Search & Destroy-->"E:\Program Files\Spybot - Search & Destroy\unins000.exe"

Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}

Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}

Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {80E46078-C1C5-4AE8-8744-3EAFC812E118}

Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}

Update for Outlook 2007 Junk Email Filter (kb959634)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {50C77E2F-5C1C-467D-9BC8-3CA07D28C9F2}

Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}

Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}

Windows Live OneCare safety scanner-->"E:\Program Files\Windows Live Safety Center\UnInstall.exe"

Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}

WinRAR archiver-->E:\Program Files\WinRAR\uninstall.exe

XnView 1.95.2-->"E:\Program Files\XnView\unins000.exe"

Zeb-Utility 1.2-->E:\Program Files\Zeb-Utility\Uninstal.exe

 

=====HijackThis Backups=====

 

O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - E:\Program Files\IEPro\iepro.dll (file missing)

O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - E:\Program Files\IEPro\iepro.dll (file missing)

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - E:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - E:\Program Files\IEPro\iepro.dll (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - E:\Windows\system32\nvvsvc.exe

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

 

======Hosts File======

 

127.0.0.1 www.newsleecher.com

127.0.0.1 www.007guard.com

127.0.0.1 007guard.com

127.0.0.1 008i.com

127.0.0.1 www.008k.com

127.0.0.1 008k.com

127.0.0.1 www.00hq.com

127.0.0.1 00hq.com

127.0.0.1 010402.com

127.0.0.1 www.032439.com

 

======Security center information======

 

AS: Spybot - Search and Destroy (disabled) (outdated)

AS: Windows Defender

 

System event log

 

Computer Name: fixe

Event Code: 7036

Message: Le service Service KtmRm pour Distributed Transaction Coordinator est entré dans l'état : en cours d'exécution.

Record Number: 60336

Source Name: Service Control Manager

Time Written: 20090304162959.000000-000

Event Type: Information

User:

 

Computer Name: fixe

Event Code: 7036

Message: Le service Windows Update est entré dans l'état : en cours d'exécution.

Record Number: 60337

Source Name: Service Control Manager

Time Written: 20090304163005.000000-000

Event Type: Information

User:

 

Computer Name: fixe

Event Code: 10029

Message: DCOM a démarré le service TrustedInstaller avec les arguments «  » de façon à exécuter le serveur :

{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Record Number: 60338

Source Name: Microsoft-Windows-DistributedCOM

Time Written: 20090304163122.000000-000

Event Type: Information

User:

 

Computer Name: fixe

Event Code: 7036

Message: Le service Programme d’installation de modules Windows est entré dans l'état : en cours d'exécution.

Record Number: 60339

Source Name: Service Control Manager

Time Written: 20090304163122.000000-000

Event Type: Information

User:

 

Computer Name: fixe

Event Code: 7036

Message: Le service Service de l’Assistant Compatibilité des programmes est entré dans l'état : en cours d'exécution.

Record Number: 60340

Source Name: Service Control Manager

Time Written: 20090304163127.000000-000

Event Type: Information

User:

 

Application event log

 

Computer Name: fixe

Event Code: 1

Message: Le service Centre de sécurité Windows a démarré.

Record Number: 11088

Source Name: SecurityCenter

Time Written: 20090304162748.000000-000

Event Type: Information

User:

 

Computer Name: fixe

Event Code: 1

Message: Le client des services de certification a démarré correctement.

Record Number: 11089

Source Name: Microsoft-Windows-CertificateServicesClient

Time Written: 20090304162807.329793-000

Event Type: Information

User: fixe\florent

 

Computer Name: fixe

Event Code: 1003

Message: Le service Windows Search a été démarré.

 

Record Number: 11090

Source Name: Microsoft-Windows-Search

Time Written: 20090304162813.000000-000

Event Type: Information

User:

 

Computer Name: fixe

Event Code: 1

Message: Le client des services de certification a démarré correctement.

Record Number: 11091

Source Name: Microsoft-Windows-CertificateServicesClient

Time Written: 20090304162816.344793-000

Event Type: Information

User: AUTORITE NT\SYSTEM

 

Computer Name: fixe

Event Code: 1001

Message: Récipient d’erreurs 8, type 5

Événement : MSHTMLLAYOUTHARDASSERT

Réponse : Aucun

ID de CAB : 0

 

Signature du problème :

P1 :

P2 :

P3 :

P4 :

P5 :

P6 :

P7 :

P8 :

P9 :

P10 :

 

Fichiers joints :

 

Ces fichiers sont peut-être disponibles ici :

E:\Users\florent\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report0fc8e5fa

Record Number: 11092

Source Name: Windows Error Reporting

Time Written: 20090304163021.000000-000

Event Type: Information

User:

 

Security event log

 

Computer Name: fixe

Event Code: 5038

Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

 

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys

Record Number: 20973

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090304163153.187793-000

Event Type: Échec de l'audit

User:

 

Computer Name: fixe

Event Code: 5038

Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

 

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys

Record Number: 20974

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090304163153.206793-000

Event Type: Échec de l'audit

User:

 

Computer Name: fixe

Event Code: 5038

Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

 

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys

Record Number: 20975

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090304163153.226793-000

Event Type: Échec de l'audit

User:

 

Computer Name: fixe

Event Code: 5038

Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

 

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys

Record Number: 20976

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090304163153.245793-000

Event Type: Échec de l'audit

User:

 

Computer Name: fixe

Event Code: 5038

Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

 

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys

Record Number: 20977

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090304163153.264793-000

Event Type: Échec de l'audit

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"NUMBER_OF_PROCESSORS"=2

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 67 Stepping 3, AuthenticAMD

"PROCESSOR_LEVEL"=15

"PROCESSOR_REVISION"=4303

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

 

-----------------EOF-----------------

Posted

Good evening,

Download OTMoveIt3 by OldTimer to the desktop.

Double-click OTMoveIt3.exe to launch it.

On Vista, right-click the file -> choose Run as administrator

Check that Unregister Dll's and Ocx's is ticked.

* Copy/paste the lines below:

 

:Processes

explorer.exe

 

:Reg

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{51f8cf13-9296-11dd-af0c-001fc6e3820c}]

 

:Commands

[purity]

[emptytemp]

[start explorer]

[Reboot]

Go back to OTMoveIt3,

Right-click in the "Paste Instructions for Items to be Moved" window under the yellow bar and choose Paste.

* Click the red Moveit! button

* Close OTMoveIt3

Your PC will restart.

Go to the folder C:\_OTMoveIt\MovedFiles,

open the most recent .log file

Copy/paste its contents into your next reply

 

Posted

The report:

 

========== PROCESSES ==========

Process explorer.exe killed successfully.

========== REGISTRY ==========

Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{51f8cf13-9296-11dd-af0c-001fc6e3820c}\\ deleted successfully.

========== COMMANDS ==========

User's Temp folder emptied.

User's Temporary Internet Files folder emptied.

User's Internet Explorer cache folder emptied.

Local Service Temp folder emptied.

Local Service Temporary Internet Files folder emptied.

Windows Temp folder emptied.

FireFox cache emptied.

Temp folders emptied.

Explorer started successfully

 

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03042009_180921

Posted

Try this:

IE opens on a blank page or links do not open

Close Internet Explorer

Copy/paste the following into Notepad,

without a blank line at the beginning.

Save it on the desktop as regis.reg.

Right-click the file -> Merge

Accept the change to the Registry:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\http\shell]

@="open"

[HKEY_CLASSES_ROOT\http\shell\open]

[HKEY_CLASSES_ROOT\http\shell\open\command]

@="\"C:\\Program Files\\Internet Explorer\\iexplore.exe\" -nohome"

[HKEY_CLASSES_ROOT\http\shell\open\ddeexec]

@="\"%1\",,-1,0,,,,"

"NoActivateHandler"=""

[HKEY_CLASSES_ROOT\http\shell\open\ddeexec\Application]

@="IExplore"

[HKEY_CLASSES_ROOT\http\shell\open\ddeexec\Topic]

@="WWW_OpenURL"

 

Copy/paste the following into Notepad.

Save it on the desktop as ie.bat.

Double-click the file to run it.

@echo off

start /wait regsvr32 urlmon.dll /s

start /wait regsvr32 Actxprxy.dll /s

start /wait regSvr32 Browseui.dll

start /wait regsvr32 iuengine.dll /s

start /wait regSvr32 Mshtml.dll

start /wait regsvr32 msxml.dll /s

start /wait regsvr32 msxml2.dll /s

start /wait regsvr32 msxml3.dll /s

start /wait regSvr32 Shell32.dll

start /wait regsvr32 Shdocvw.dll /s

start /wait regsvr32 Oleaut32.dll /s

 

echo Termine !

pause

exit
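
A read-only way to check the result of the two repairs in this thread, given here as an added example that is not part of any post: it confirms that the MountPoints2 key named in the OTMoveIt3 script is gone, lists any shell commands still cached under MountPoints2, and tests that the executable registered for the http handler exists on disk (the logs in this thread show Internet Explorer under E:\Program Files, while the .reg file registers a C:\ path). The function names and report layout are illustrative; run it in PowerShell as the affected user.

```powershell
# Added example (not from the thread): read-only checks after the two repairs.
# Function names and output layout are illustrative; nothing is modified.

function Get-HttpHandlerStatus {
    # HKEY_CLASSES_ROOT has no default PSDrive, so use the Registry:: provider path.
    $keyPath = 'Registry::HKEY_CLASSES_ROOT\http\shell\open\command'
    $command = $null
    $exe     = $null
    if (Test-Path -LiteralPath $keyPath) {
        # An empty value name returns the key's (Default) value.
        $command = (Get-Item -LiteralPath $keyPath).GetValue('')
    }
    if ($command) {
        # The executable is either a quoted path or the first whitespace-delimited token.
        if ($command -match '^\s*"([^"]+)"') { $exe = $Matches[1] }
        else { $exe = ($command.Trim() -split '\s+')[0] }
        $exe = [Environment]::ExpandEnvironmentVariables($exe)
    }
    New-Object psobject -Property @{
        Command    = $command
        Executable = $exe
        ExeExists  = [bool]($exe -and (Test-Path -LiteralPath $exe -PathType Leaf))
    }
}

function Test-MountPointRemoved {
    # True when the given MountPoints2 subkey no longer exists for the current user.
    param([Parameter(Mandatory = $true)][string]$Guid)
    $key = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\$Guid"
    -not (Test-Path -LiteralPath $key)
}

function Get-MountPoints2Commands {
    # Lists every shell verb command still cached under MountPoints2
    # (for example ...\Shell\AutoRun\command), so leftovers can be reviewed.
    $root = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2'
    if (-not (Test-Path -LiteralPath $root)) { return }
    Get-ChildItem -LiteralPath $root -Recurse -ErrorAction SilentlyContinue |
        Where-Object { $_.PSChildName -eq 'command' } |
        ForEach-Object {
            New-Object psobject -Property @{
                Key     = $_.Name
                Command = $_.GetValue('')
            }
        }
}

# GUID taken from the :Reg section of the OTMoveIt3 script in this thread.
$guid    = '{51f8cf13-9296-11dd-af0c-001fc6e3820c}'
$handler = Get-HttpHandlerStatus

"http handler command  : $($handler.Command)"
"handler executable    : $($handler.Executable)"
"executable exists     : $($handler.ExeExists)"
"MountPoints2 key gone : $(Test-MountPointRemoved -Guid $guid)"

Get-MountPoints2Commands | Format-Table Key, Command -AutoSize -Wrap
```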
