PC qui ralentit après nettoyage avec CCclean etc

[sebiii]

Bonjour à tous,

 

Depuis 2 3 semaines mon pc ralenti, ralenti et ralenti.

J'ai donc suivi un peu toutes les procédures.

J'ai fait un nettoyage avec Ccleaner et aussi Easy cleaner (Nettoyage base de registre etc...)

Malgré ca rien n'y fait...

 

Je vous poste donc mon Rapport Hijackthis car sincèrement je n'y comprend rien du tout.

 

Merci d'avance de votre aide.

 

Voici le rapport:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:33:24, on 23/03/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18882)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\hp\support\hpsysdrv.exe

C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

C:\WINDOWS\RtHDVCpl.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\hp\kbd\kbd.exe

C:\Windows\system32\conime.exe

C:\Program Files\Windows Live\Mail\wlmail.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe

C:\Program Files\Sony\PMB\PMBBrowser.exe

C:\Program Files\Sony\PMB\PMBMPThumb.exe

C:\Program Files\Sony\PMB\PMBMPThumb.exe

C:\Program Files\Sony\PMB\PMBMPThumb.exe

C:\Program Files\Sony\PMB\PMBMPThumb.exe

C:\Program Files\QuickTime\QuickTimePlayer.exe

C:\Windows\explorer.exe

C:\Users\Sébastien\Downloads\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll

O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE

O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode

O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm

O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll

O13 - Gopher Prefix:

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll

O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe

O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe

O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe

O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

 

--

End of file - 10752 bytes

[sebiii]

Personne pour m'aidé?

[Thanos]

salut

 

Rien de mauvais sur ce rapport. J'aimerai en voir plus grace à ce scan =>

 

Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

• Double-clique sur RSIT.exe afin de lancer RSIT.
  
• Clique Continue à l'écran Disclaimer.
  
• Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
  
• Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
  ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  
• Si tu ne vois pas ces deux rapports, tu les trouveras dans le dossier C:\rsit
  

[sebiii]

Bonjour Thanos,

 

voici le log.txt:

 

Logfile of random's system information tool 1.06 (written by random/random)

Run by Sébastien at 2010-04-02 16:46:57

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2

System drive C: has 279 GB (60%) free of 469 GB

Total RAM: 3071 MB (58% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:47:04, on 02/04/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18904)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\hp\support\hpsysdrv.exe

C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

C:\WINDOWS\RtHDVCpl.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe

C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe

C:\hp\kbd\kbd.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Sébastien\Downloads\RSIT.exe

C:\Users\Sébastien\Downloads\Sébastien.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Setuprog Toolbar - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files\Setuprog\tbSetu.dll

O1 - Hosts: ::1 localhost

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll

O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: Setuprog Toolbar - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files\Setuprog\tbSetu.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

O3 - Toolbar: Setuprog Toolbar - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files\Setuprog\tbSetu.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE

O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode

O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe

O4 - HKLM\..\Run: [uSBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm

O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll

O13 - Gopher Prefix:

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll

O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe

O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe

O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe

O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

 

--

End of file - 10978 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\Norton Internet Security - Analyse système complète - Sébastien.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2008-06-11 61816]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]

ContributeBHO Class - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-08-28 136560]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]

IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-05-25 68112]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]

Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]

IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2009-12-01 108544]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]

FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2010-03-07 264720]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]

SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5}]

Setuprog Toolbar - C:\Program Files\Setuprog\tbSetu.dll [2010-02-22 2353176]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-08-28 136560]

{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - Setuprog Toolbar - C:\Program Files\Setuprog\tbSetu.dll [2010-02-22 2353176]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2006-09-28 65536]

"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]

"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-01 4390912]

"CCUTRAYICON"=FactoryMode []

"HP Software Update"=c:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]

"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-01-07 1394000]

"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-04-20 86016]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-04-20 8429568]

"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-04-20 81920]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-02-15 141608]

"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-05-25 303376]

"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]

""= []

"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]

"Adobe_ID0ENQBO"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2008-08-15 378224]

"PMBVolumeWatcher"=C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [2009-11-04 597792]

"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-02-15 417792]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"=C:\Windows\SMINST\launcher.exe [2007-03-07 44168]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]

C:\Windows\system32\klogon.dll [2009-05-25 219664]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36ff4059-1b43-11df-a607-001bfcf945a6}]

shell\AutoRun\command - K:\wd_windows_tools\WDSetup.exe

 

 

======File associations======

 

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1"

 

======List of files/folders created in the last 1 months======

 

2010-04-02 16:46:57 ----D---- C:\rsit

2010-03-30 20:17:43 ----A---- C:\Windows\system32\mshtml.dll

2010-03-30 20:17:42 ----A---- C:\Windows\system32\ieframe.dll

2010-03-30 20:17:41 ----A---- C:\Windows\system32\iertutil.dll

2010-03-30 20:17:40 ----A---- C:\Windows\system32\wininet.dll

2010-03-30 20:17:40 ----A---- C:\Windows\system32\urlmon.dll

2010-03-30 20:17:40 ----A---- C:\Windows\system32\occache.dll

2010-03-30 20:17:40 ----A---- C:\Windows\system32\mstime.dll

2010-03-30 20:17:40 ----A---- C:\Windows\system32\msfeeds.dll

2010-03-30 20:17:40 ----A---- C:\Windows\system32\iedkcs32.dll

2010-03-30 20:17:39 ----A---- C:\Windows\system32\msfeedssync.exe

2010-03-30 20:17:39 ----A---- C:\Windows\system32\msfeedsbs.dll

2010-03-30 20:17:39 ----A---- C:\Windows\system32\jsproxy.dll

2010-03-30 20:17:39 ----A---- C:\Windows\system32\ieUnatt.exe

2010-03-30 20:17:39 ----A---- C:\Windows\system32\ieui.dll

2010-03-30 20:17:39 ----A---- C:\Windows\system32\iesysprep.dll

2010-03-30 20:17:39 ----A---- C:\Windows\system32\iesetup.dll

2010-03-30 20:17:39 ----A---- C:\Windows\system32\iernonce.dll

2010-03-30 20:17:39 ----A---- C:\Windows\system32\iepeers.dll

2010-03-30 20:17:39 ----A---- C:\Windows\system32\ie4uinit.exe

2010-03-29 23:11:30 ----A---- C:\Windows\system32\devil.dll

2010-03-29 23:11:30 ----A---- C:\Windows\system32\avisynth.dll

2010-03-29 23:11:29 ----D---- C:\Program Files\AviSynth 2.5

2010-03-29 23:11:29 ----A---- C:\Windows\system32\i420vfw.dll

2010-03-29 23:11:29 ----A---- C:\Windows\system32\AVSredirect.dll

2010-03-29 22:57:18 ----D---- C:\Program Files\Common Files\SWF Studio

2010-03-29 22:57:11 ----D---- C:\Program Files\Riva

2010-03-29 21:43:26 ----D---- C:\Program Files\QuickTime

2010-03-29 21:42:10 ----D---- C:\Program Files\Setuprog

2010-03-29 21:42:10 ----D---- C:\Program Files\Conduit

2010-03-29 20:24:24 ----D---- C:\Program Files\FileZilla FTP Client

2010-03-29 20:21:20 ----D---- C:\Users\Sébastien\AppData\Roaming\FileZilla

2010-03-28 16:54:09 ----D---- C:\ProgramData\Pinnacle Studio Ultimate Collection

2010-03-28 16:52:58 ----D---- C:\Users\Sébastien\AppData\Roaming\DivX

2010-03-28 16:49:05 ----D---- C:\Program Files\Common Files\Pinnacle

2010-03-28 16:47:58 ----D---- C:\ProgramData\Pinnacle Studio Ultimate

2010-03-28 16:42:47 ----D---- C:\Program Files\Common Files\Pegasus Imaging

2010-03-28 16:42:46 ----D---- C:\Program Files\Common Files\Yahoo!

2010-03-28 16:42:45 ----D---- C:\ProgramData\Studio 14

2010-03-28 16:42:45 ----D---- C:\ProgramData\Pinnacle Studio Plus

2010-03-28 16:42:45 ----D---- C:\Program Files\Pinnacle

2010-03-28 16:39:38 ----D---- C:\ProgramData\Pinnacle

2010-03-28 16:35:28 ----D---- C:\ProgramData\WindowsSearch

2010-03-28 15:57:11 ----D---- C:\Users\Sébastien\AppData\Roaming\Publish Providers

2010-03-28 15:49:55 ----D---- C:\Users\Sébastien\AppData\Roaming\Sony

2010-03-28 15:48:08 ----D---- C:\ProgramData\Sony

2010-03-23 21:26:41 ----D---- C:\Users\Sébastien\AppData\Roaming\dvdcss

2010-03-23 21:26:29 ----D---- C:\Users\Sébastien\AppData\Roaming\vlc

2010-03-23 21:25:41 ----D---- C:\Program Files\VideoLAN

2010-03-18 23:37:14 ----D---- C:\Program Files\CCleaner

2010-03-18 23:36:40 ----D---- C:\Program Files\ToniArts

2010-03-18 22:55:32 ----D---- C:\Users\Sébastien\AppData\Roaming\Sony Corporation

2010-03-18 22:49:24 ----A---- C:\Windows\system32\d3dx9_35.dll

2010-03-18 22:46:33 ----D---- C:\Program Files\Sony

2010-03-18 22:46:32 ----D---- C:\ProgramData\Sony Corporation

2010-03-17 10:36:44 ----A---- C:\Windows\system32\browserchoice.exe

2010-03-16 20:16:45 ----D---- C:\Program Files\VirtualDJ

2010-03-15 22:35:24 ----D---- C:\Users\Sébastien\AppData\Roaming\ImgBurn

2010-03-15 19:47:42 ----D---- C:\Program Files\ImgBurn

2010-03-13 00:36:08 ----A---- C:\Windows\PMS.INI

2010-03-13 00:36:05 ----D---- C:\PMSSAARI

2010-03-13 00:34:15 ----A---- C:\Windows\IsUn040c.exe

2010-03-12 22:29:56 ----D---- C:\Program Files\GecoMaes

2010-03-12 21:44:22 ----A---- C:\Windows\system32\cdintf251.dll

2010-03-12 21:44:21 ----D---- C:\Program Files\Maestria

2010-03-12 21:44:20 ----D---- C:\Program Files\Common Files\SAGE

2010-03-12 21:44:20 ----A---- C:\Windows\system32\SAGEPERS.DLL

2010-03-12 21:44:20 ----A---- C:\Windows\system32\mlcorert.dll

2010-03-12 21:44:20 ----A---- C:\Windows\system32\crun500.dll

2010-03-12 21:44:20 ----A---- C:\Windows\system32\cbaselocal.dll

2010-03-12 21:44:20 ----A---- C:\Windows\system32\cbaseintf.dll

2010-03-12 21:28:17 ----D---- C:\Users\Sébastien\AppData\Roaming\uTorrent

2010-03-12 19:41:16 ----D---- C:\ProgramData\Sage

2010-03-12 19:28:40 ----D---- C:\Users\Sébastien\AppData\Roaming\Sage

2010-03-10 22:28:10 ----D---- C:\ProgramData\ALM

2010-03-10 22:15:00 ----RA---- C:\Windows\system32\AdobePDFUI.dll

2010-03-10 22:15:00 ----RA---- C:\Windows\system32\AdobePDF.dll

2010-03-10 21:56:56 ----D---- C:\Program Files\Common Files\Macrovision Shared

2010-03-10 12:18:46 ----A---- C:\Windows\system32\nshhttp.dll

2010-03-10 12:18:45 ----A---- C:\Windows\system32\httpapi.dll

2010-03-07 20:06:15 ----D---- C:\ProgramData\Kaspersky Lab

2010-03-07 20:06:15 ----D---- C:\Program Files\Kaspersky Lab

2010-03-07 19:59:10 ----D---- C:\ProgramData\Kaspersky Lab Setup Files

2010-03-07 14:51:12 ----D---- C:\Program Files\Windows Portable Devices

2010-03-07 12:37:16 ----A---- C:\Windows\system32\UIAnimation.dll

2010-03-07 12:37:15 ----A---- C:\Windows\system32\UIRibbonRes.dll

2010-03-07 12:37:15 ----A---- C:\Windows\system32\UIRibbon.dll

2010-03-07 12:36:32 ----A---- C:\Windows\system32\WMPhoto.dll

2010-03-07 12:36:31 ----A---- C:\Windows\system32\cdd.dll

2010-03-07 12:36:28 ----A---- C:\Windows\system32\xpsservices.dll

2010-03-07 12:36:28 ----A---- C:\Windows\system32\XpsRasterService.dll

2010-03-07 12:36:28 ----A---- C:\Windows\system32\XpsPrint.dll

2010-03-07 12:36:28 ----A---- C:\Windows\system32\XpsGdiConverter.dll

2010-03-07 12:36:28 ----A---- C:\Windows\system32\WindowsCodecsExt.dll

2010-03-07 12:36:28 ----A---- C:\Windows\system32\WindowsCodecs.dll

2010-03-07 12:36:28 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe

2010-03-07 12:36:28 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll

2010-03-07 12:36:28 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll

2010-03-07 12:36:28 ----A---- C:\Windows\system32\OpcServices.dll

2010-03-07 12:36:28 ----A---- C:\Windows\system32\FntCache.dll

2010-03-07 12:36:28 ----A---- C:\Windows\system32\dxdiagn.dll

2010-03-07 12:36:28 ----A---- C:\Windows\system32\dxdiag.exe

2010-03-07 12:36:28 ----A---- C:\Windows\system32\DWrite.dll

2010-03-07 12:36:28 ----A---- C:\Windows\system32\d3d11.dll

2010-03-07 12:36:28 ----A---- C:\Windows\system32\d3d10warp.dll

2010-03-07 12:36:28 ----A---- C:\Windows\system32\d3d10level9.dll

2010-03-07 12:36:28 ----A---- C:\Windows\system32\d3d10core.dll

2010-03-07 12:36:28 ----A---- C:\Windows\system32\d3d10_1core.dll

2010-03-07 12:36:28 ----A---- C:\Windows\system32\d2d1.dll

2010-03-07 12:36:27 ----A---- C:\Windows\system32\dxgi.dll

2010-03-07 12:36:27 ----A---- C:\Windows\system32\d3d10_1.dll

2010-03-07 12:36:27 ----A---- C:\Windows\system32\d3d10.dll

2010-03-07 12:35:56 ----A---- C:\Windows\system32\WPDShextAutoplay.exe

2010-03-07 12:35:56 ----A---- C:\Windows\system32\wpdbusenum.dll

2010-03-07 12:35:56 ----A---- C:\Windows\system32\BthMtpContextHandler.dll

2010-03-07 12:35:53 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll

2010-03-07 12:35:52 ----A---- C:\Windows\system32\WpdMtpUS.dll

2010-03-07 12:35:52 ----A---- C:\Windows\system32\WpdConns.dll

2010-03-07 12:35:51 ----A---- C:\Windows\system32\WPDSp.dll

2010-03-07 12:35:51 ----A---- C:\Windows\system32\WPDShServiceObj.dll

2010-03-07 12:35:51 ----A---- C:\Windows\system32\wpdshext.dll

2010-03-07 12:35:51 ----A---- C:\Windows\system32\WpdMtp.dll

2010-03-07 12:35:51 ----A---- C:\Windows\system32\wpd_ci.dll

2010-03-07 12:35:51 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll

2010-03-07 12:35:51 ----A---- C:\Windows\system32\PortableDeviceTypes.dll

2010-03-07 12:35:51 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll

2010-03-07 12:35:51 ----A---- C:\Windows\system32\PortableDeviceApi.dll

2010-03-07 12:34:23 ----A---- C:\Windows\system32\UIAutomationCore.dll

2010-03-07 12:34:23 ----A---- C:\Windows\system32\oleaccrc.dll

2010-03-07 12:34:23 ----A---- C:\Windows\system32\oleacc.dll

 

======List of files/folders modified in the last 1 months======

 

2010-04-02 16:47:03 ----D---- C:\Windows\Temp

2010-04-02 16:46:17 ----D---- C:\Windows\System32

2010-04-02 16:46:17 ----D---- C:\Windows\inf

2010-04-02 16:46:17 ----A---- C:\Windows\system32\PerfStringBackup.INI

2010-04-02 16:40:34 ----D---- C:\Windows\SMINST

2010-04-01 19:52:18 ----SHD---- C:\System Volume Information

2010-03-31 21:16:18 ----RSD---- C:\Windows\Fonts

2010-03-31 11:38:41 ----D---- C:\Windows\Prefetch

2010-03-31 10:48:53 ----D---- C:\Windows\system32\migration

2010-03-31 10:48:53 ----D---- C:\Program Files\Internet Explorer

2010-03-31 10:33:46 ----D---- C:\Windows\winsxs

2010-03-30 20:16:06 ----D---- C:\Windows\system32\catroot

2010-03-30 20:16:03 ----D---- C:\Windows\system32\catroot2

2010-03-30 20:13:54 ----D---- C:\Program Files

2010-03-29 23:14:20 ----D---- C:\WINDOWS

2010-03-29 22:57:18 ----D---- C:\Program Files\Common Files

2010-03-29 22:52:46 ----D---- C:\Users\Sébastien\AppData\Roaming\Real

2010-03-29 21:47:33 ----D---- C:\ProgramData\Apple Computer

2010-03-29 21:44:06 ----SHD---- C:\Windows\Installer

2010-03-28 21:12:41 ----D---- C:\Users\Sébastien\AppData\Roaming\Adobe

2010-03-28 16:54:09 ----D---- C:\ProgramData

2010-03-28 16:49:31 ----D---- C:\Windows\system32\drivers

2010-03-28 15:49:22 ----RSD---- C:\Windows\assembly

2010-03-24 21:15:28 ----D---- C:\ProgramData\Microsoft Help

2010-03-23 23:29:39 ----D---- C:\ProgramData\FLEXnet

2010-03-23 23:21:07 ----D---- C:\Program Files\Mozilla Firefox

2010-03-18 23:39:32 ----D---- C:\Windows\Debug

2010-03-18 23:36:40 ----HD---- C:\Program Files\InstallShield Installation Information

2010-03-18 22:48:07 ----D---- C:\Windows\Logs

2010-03-15 20:54:49 ----D---- C:\Windows\system32\WDI

2010-03-12 22:30:14 ----D---- C:\Windows\Help

2010-03-12 22:21:00 ----SD---- C:\Users\Sébastien\AppData\Roaming\Microsoft

2010-03-10 22:31:18 ----D---- C:\Program Files\Common Files\Adobe

2010-03-10 22:30:41 ----D---- C:\Program Files\Adobe

2010-03-10 22:24:16 ----D---- C:\Program Files\Common Files\PX Storage Engine

2010-03-10 22:06:24 ----D---- C:\ProgramData\Adobe

2010-03-10 22:05:11 ----D---- C:\Windows\system32\Tasks

2010-03-10 12:37:18 ----D---- C:\Program Files\Windows Mail

2010-03-10 12:37:18 ----D---- C:\Program Files\Movie Maker

2010-03-09 22:56:43 ----D---- C:\Users\Sébastien\AppData\Roaming\Apple Computer

2010-03-07 19:57:08 ----D---- C:\ProgramData\Norton

2010-03-07 19:55:00 ----D---- C:\Program Files\Common Files\Symantec Shared

2010-03-07 15:44:35 ----D---- C:\Windows\Microsoft.NET

2010-03-07 15:10:51 ----D---- C:\Windows\rescache

2010-03-07 14:51:14 ----D---- C:\Windows\system32\fr-FR

2010-03-07 14:51:12 ----D---- C:\Windows\system32\wbem

2010-03-07 14:51:10 ----D---- C:\Windows\system32\zh-TW

2010-03-07 14:51:10 ----D---- C:\Windows\system32\zh-HK

2010-03-07 14:51:10 ----D---- C:\Windows\system32\zh-CN

2010-03-07 14:51:10 ----D---- C:\Windows\system32\uk-UA

2010-03-07 14:51:10 ----D---- C:\Windows\system32\tr-TR

2010-03-07 14:51:10 ----D---- C:\Windows\system32\th-TH

2010-03-07 14:51:10 ----D---- C:\Windows\system32\sv-SE

2010-03-07 14:51:10 ----D---- C:\Windows\system32\sr-Latn-CS

2010-03-07 14:51:10 ----D---- C:\Windows\system32\sl-SI

2010-03-07 14:51:10 ----D---- C:\Windows\system32\sk-SK

2010-03-07 14:51:10 ----D---- C:\Windows\system32\pt-PT

2010-03-07 14:51:10 ----D---- C:\Windows\system32\pt-BR

2010-03-07 14:51:10 ----D---- C:\Windows\system32\pl-PL

2010-03-07 14:51:10 ----D---- C:\Windows\system32\nl-NL

2010-03-07 14:51:10 ----D---- C:\Windows\system32\lv-LV

2010-03-07 14:51:10 ----D---- C:\Windows\system32\lt-LT

2010-03-07 14:51:10 ----D---- C:\Windows\system32\ko-KR

2010-03-07 14:51:10 ----D---- C:\Windows\system32\it-IT

2010-03-07 14:51:10 ----D---- C:\Windows\system32\hu-HU

2010-03-07 14:51:10 ----D---- C:\Windows\system32\hr-HR

2010-03-07 14:51:10 ----D---- C:\Windows\system32\he-IL

2010-03-07 14:51:10 ----D---- C:\Windows\system32\fi-FI

2010-03-07 14:51:10 ----D---- C:\Windows\system32\et-EE

2010-03-07 14:51:10 ----D---- C:\Windows\system32\es-ES

2010-03-07 14:51:10 ----D---- C:\Windows\system32\el-GR

2010-03-07 14:51:10 ----D---- C:\Windows\system32\de-DE

2010-03-07 14:51:10 ----D---- C:\Windows\system32\cs-CZ

2010-03-07 14:51:10 ----D---- C:\Windows\system32\bg-BG

2010-03-07 14:51:09 ----D---- C:\Windows\system32\ru-RU

2010-03-07 14:51:09 ----D---- C:\Windows\system32\ro-RO

2010-03-07 14:51:09 ----D---- C:\Windows\system32\nb-NO

2010-03-07 14:51:09 ----D---- C:\Windows\system32\ja-JP

2010-03-07 14:51:09 ----D---- C:\Windows\system32\en-US

2010-03-07 14:51:09 ----D---- C:\Windows\system32\da-DK

2010-03-07 14:51:09 ----D---- C:\Windows\system32\ar-SA

2010-03-07 14:51:08 ----D---- C:\Windows\AppPatch

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2010-03-07 128016]

R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2010-03-07 280592]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-05-15 21008]

R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]

R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2007-04-13 228224]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-01 1744928]

R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-05-16 19472]

R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]

R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2008-02-26 493568]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-04-20 7478432]

R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]

S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-03-21 304920]

S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]

R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-05-25 303376]

R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]

R2 DQLWinService;DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]

R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]

R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]

R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-02-15 545576]

S2 IntelDHSvcConf;Intel DH Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]

S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []

S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]

S3 AlertService;Intel® Alert Service; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [2006-09-11 188416]

S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]

S3 IDriverT;InstallDriver Table Manager; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]

S3 ISSM;Intel® Software Services Manager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [2006-09-11 75264]

S3 M1 Server;Intel® Viiv Media Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [2006-08-31 26624]

S3 MCLServiceATL;Intel® Application Tracker; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [2006-09-11 167936]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 Remote UI Service;Intel® Remoting Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [2006-09-11 544256]

S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-03-26 887544]

S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-03-08 74656]

S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-10 655624]

 

-----------------EOF-----------------

 

 

 

 

 

 

et voila le info.txt

 

 

 

 

 

info.txt logfile of random's system information tool 1.06 2010-04-02 16:47:06

 

======Uninstall list======

 

-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Acrobat.com-->msiexec /qb /x {C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}

Acrobat.com-->MsiExec.exe /I{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}

Adobe After Effects CS4 Presets-->MsiExec.exe /I{44E240EC-2224-4078-A88B-2CEE0D3016EF}

Adobe After Effects CS4 Third Party Content-->MsiExec.exe /I{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}

Adobe After Effects CS4-->MsiExec.exe /I{45EC816C-0771-4C14-AE6D-72D1B578F4C8}

Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}

Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}

Adobe Asset Services CS4-->MsiExec.exe /I{B9F4561A-924D-4510-A85A-BB0960C338CB}

Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}

Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}

Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}

Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}

Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}

Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}

Adobe Color Video Profiles AE CS4-->MsiExec.exe /I{B15381DD-FF97-4FCD-A881-ED4DB0975500}

Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}

Adobe Contribute CS4-->MsiExec.exe /I{C6278B75-82EF-44E0-AD7B-AF3604CED064}

Adobe Creative Suite 4 Master Collection-->C:\Program Files\Common Files\Adobe\Installers\b2b1c7c62c4ae0a954789ed71d36a7a\Setup.exe --uninstall=1

Adobe Creative Suite 4 Master Collection-->MsiExec.exe /I{D0EE7809-8F5E-46EF-95DC-B30DCE22653F}

Adobe CS4 American English Speech Analysis Models-->MsiExec.exe /I{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}

Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}

Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}

Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}

Adobe Dreamweaver CS4-->MsiExec.exe /I{11C2292E-65CB-4533-ABFC-24E39C4211CD}

Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}

Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}

Adobe Encore CS4 Codecs-->MsiExec.exe /I{FB2A5FCC-B81B-48C2-A009-7804694D83E9}

Adobe Encore CS4-->MsiExec.exe /I{5EAD5443-7194-46CC-A055-428E6ABB1BAF}

Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}

Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}

Adobe Fireworks CS4-->MsiExec.exe /I{29CFB851-0D00-4EDF-A8F8-35E56469B64D}

Adobe Flash CS4 Extension - Flash Lite STI fr-->MsiExec.exe /I{690DFF6B-82E9-41B0-9794-71BCEED98F09}

Adobe Flash CS4 STI-fr-->MsiExec.exe /I{F1DF9BCC-C974-4339-A628-7F6418931F2F}

Adobe Flash CS4-->MsiExec.exe /I{C17F6CF7-6C7D-4A45-B75E-C3E33A24E773}

Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{3A6829EF-0791-4FDD-9382-C690DD0821B9}

Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete

Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}

Adobe Illustrator CS4-->MsiExec.exe /I{05C677A1-A161-447E-92ED-2D5B38AA0740}

Adobe InDesign CS4 Application Feature Set Files (Roman)-->MsiExec.exe /I{C950299F-BCAB-4695-B077-FC3B2748C25D}

Adobe InDesign CS4 Common Base Files-->MsiExec.exe /I{26F72DC3-DDBE-424F-B9F0-94E5D0E5A12B}

Adobe InDesign CS4 Icon Handler-->MsiExec.exe /I{2BA4F7B0-F38E-4AE8-80A2-E9C5956C6D6D}

Adobe InDesign CS4-->MsiExec.exe /I{A2160D84-F2D0-47A3-AA59-CCB3CA21D558}

Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}

Adobe Media Encoder CS4 Additional Exporter-->MsiExec.exe /I{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}

Adobe Media Encoder CS4 Dolby-->MsiExec.exe /I{EE353798-E875-42E0-B58D-7E6696182EA8}

Adobe Media Encoder CS4 Exporter-->MsiExec.exe /I{561968FD-56A1-49FD-9ED0-F55482C7C5BC}

Adobe Media Encoder CS4 Importer-->MsiExec.exe /I{8186FF34-D389-4B7E-9A2F-C197585BCFBD}

Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}

Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}

Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}

Adobe MotionPicture Color Files CS4-->MsiExec.exe /I{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}

Adobe OnLocation CS4-->MsiExec.exe /I{7406DF60-016D-476B-A2C7-55D997592047}

Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}

Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}

Adobe Photoshop CS4 Support-->MsiExec.exe /I{73E17122-EC84-45B4-943B-735257B5CBDC}

Adobe Photoshop CS4-->MsiExec.exe /I{E2E01E91-2314-42BC-B5E3-1715DAE84F98}

Adobe Premiere Pro CS4 Functional Content-->MsiExec.exe /I{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}

Adobe Premiere Pro CS4 Third Party Content-->MsiExec.exe /I{E1951CF4-91CE-46F0-A1BD-3A4A67069097}

Adobe Premiere Pro CS4-->MsiExec.exe /I{FD7C2DB6-892A-4CCA-8AE3-AA605DBDB138}

Adobe Reader 8 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A80000000002}

Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}

Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}

Adobe Setup-->MsiExec.exe /I{6577657B-A10C-47A1-A50D-512C7748CB2C}

Adobe SGM CS4-->MsiExec.exe /I{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}

Adobe SING CS4-->MsiExec.exe /I{8CB16C77-9D75-4966-91E8-D785B87EC078}

Adobe Soundbooth CS4 Codecs-->MsiExec.exe /I{52232EF4-CC12-4C21-ABCF-ADB79618302D}

Adobe Soundbooth CS4-->MsiExec.exe /I{14F70205-1940-4000-88C7-BE799A6B2CAD}

Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}

Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}

Adobe Version Cue CS4 Server-->MsiExec.exe /I{1B7C06E1-4888-47A6-992A-0990B9683486}

Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}

Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}

AdobeColorCommonSetCMYK-->MsiExec.exe /I{E5FCED12-3E77-4C0E-A305-5AEB38A52A70}

AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}

Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}

Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}

CCleaner-->"C:\Program Files\CCleaner\uninst.exe"

Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}

EasyCleaner-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly

EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r

FileZilla Client 3.3.2.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe

HijackThis 2.0.2-->"C:\Users\Sébastien\Downloads\HijackThis.exe" /uninstall

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly

HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}

HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly

HP On-Screen Cap/Num/Scroll Lock Indicator-->C:\Windows\system32\OsdRemove.exe

HP Photosmart Essential 2.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat

HP Picasso Media Center Add-In-->MsiExec.exe /I{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}

HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}

ImgBurn 2.3.2.0 Fr-->"C:\Program Files\ImgBurn\unins000.exe"

Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe

Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}

Intel® PRO Network Connections Drivers-->Prounstl.exe

iTunes-->MsiExec.exe /I{81063354-9060-42B2-A000-1EBE96778AA9}

Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}

Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}

Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}

K-Lite Mega Codec Pack 5.7.0-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"

kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}

LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}

Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe

Logiciel Intel® Viiv™-->MsiExec.exe /X{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B} /qb!

Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Mega Manager-->"C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe" -runfromtemp -l0x0409 -removeonly

Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}

Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}

Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}

Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL

Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}

Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}

Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}

Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}

Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}

Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}

Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}

Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe

Mozilla Firefox (3.6.2pre)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

Nero 9-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A"

neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}

NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI

Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Outils de diagnostic du matériel-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe

PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}

Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}

Pilote vidéo Pinnacle-->MsiExec.exe /X{6DE721A5-5E89-4D74-994C-652BB3C0672E}

Pinnacle Studio 14-->MsiExec.exe /I{AADD1C8F-D59F-4D55-A726-768C71A205A8}

Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9}

PMB-->MsiExec.exe /X{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}

Python 2.4.3-->MsiExec.exe /I{75E71ADD-042C-4F30-BFAC-A9EC42351313}

QuickTime-->MsiExec.exe /I{8B7917E0-AF55-4E8A-9473-017F0AA03AC8}

Realtek High Definition Audio Driver-->RtlUpd.exe -r -m

Roxio Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}

Roxio Creator Audio-->MsiExec.exe /X{83FFCFC7-88C6-41c6-8752-958A45325C82}

Roxio Creator Basic v9-->MsiExec.exe /X{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}

Roxio Creator Copy-->MsiExec.exe /X{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}

Roxio Creator Data-->MsiExec.exe /X{0D397393-9B50-4c52-84D5-77E344289F87}

Roxio Creator EasyArchive-->MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}

Roxio Creator Tools-->MsiExec.exe /X{0394CDC8-FABD-4ed8-B104-03393876DFDF}

Roxio Express Labeler 3-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}

Roxio MyDVD Basic v9-->MsiExec.exe /X{938B1CD7-7C60-491E-AA90-1F1888168240}

Sage 100 Comptabilité-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93A837CB-5919-4BBA-B1AE-2E42F0E00794}\setup.exe" -l0x40c

Sage 100 Gestion commerciale-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52270BD3-1B06-42B6-B76A-3E6B95D3F218}\setup.exe" -l0x40c

Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

Security Update for 2007 Microsoft Office System (KB978380)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {667A88D1-0369-4070-A62A-70672D68A9BF}

Security Update for Microsoft Office Excel 2007 (KB978382)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6DE3DABF-0203-426B-B330-7287D1003E86}

Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}

Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}

Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}

Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}

Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}

Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

Setuprog Toolbar-->C:\PROGRA~1\Setuprog\UNWISE.EXE /U C:\PROGRA~1\Setuprog\INSTALL.LOG

Solution de clavier multimédia amélioré-->C:\HP\KBD\Install.exe /u

Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}

Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

Update for 2007 Microsoft Office System (KB977724)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CC0E469C-5006-48B9-BBDC-D11B562499B4}

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}

Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}

Update for Outlook 2007 Junk Email Filter (kb979895)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {D45674C6-9127-4C84-8826-93FBC552DF53}

Vegas Pro 9.0-->MsiExec.exe /X{56415658-366E-4E28-A6BD-68EC63E560E0}

Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG

VLC media player 1.0.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe

Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}

Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}

Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}

 

======Security center information======

 

AS: Windows Defender

 

======System event log======

 

Computer Name: PC-de-Sébastien

Event Code: 4386

Message: Windows Servicing a requis un redémarrage pour terminer la modification de la mise à jour WUClient-SelfUpdate-Aux-et-ee-LP-Toplevel du package KBWUClient-SelfUpdate-Aux(Feature Pack) à l’état Génération(Staging)

Record Number: 15421

Source Name: Microsoft-Windows-Servicing

Time Written: 20100217212701.000000-000

Event Type: Avertissement

User: PC-de-Sébastien\Sébastien

 

Computer Name: PC-de-Sébastien

Event Code: 4386

Message: Windows Servicing a requis un redémarrage pour terminer la modification de la mise à jour WUClient-SelfUpdate-Aux-hr-hr-LP-Toplevel du package KBWUClient-SelfUpdate-Aux(Feature Pack) à l’état Génération(Staging)

Record Number: 15420

Source Name: Microsoft-Windows-Servicing

Time Written: 20100217212701.000000-000

Event Type: Avertissement

User: PC-de-Sébastien\Sébastien

 

Computer Name: PC-de-Sébastien

Event Code: 4386

Message: Windows Servicing a requis un redémarrage pour terminer la modification de la mise à jour WUClient-SelfUpdate-Aux-bg-bg-LP-Toplevel du package KBWUClient-SelfUpdate-Aux(Feature Pack) à l’état Génération(Staging)

Record Number: 15419

Source Name: Microsoft-Windows-Servicing

Time Written: 20100217212701.000000-000

Event Type: Avertissement

User: PC-de-Sébastien\Sébastien

 

Computer Name: PC-de-Sébastien

Event Code: 4386

Message: Windows Servicing a requis un redémarrage pour terminer la modification de la mise à jour WUClient-SelfUpdate-Aux-tr-tr-LP-Toplevel du package KBWUClient-SelfUpdate-Aux(Feature Pack) à l’état Génération(Staging)

Record Number: 15418

Source Name: Microsoft-Windows-Servicing

Time Written: 20100217212701.000000-000

Event Type: Avertissement

User: PC-de-Sébastien\Sébastien

 

Computer Name: PC-de-Sébastien

Event Code: 4386

Message: Windows Servicing a requis un redémarrage pour terminer la modification de la mise à jour WUClient-SelfUpdate-Aux-sv-se-LP-Toplevel du package KBWUClient-SelfUpdate-Aux(Feature Pack) à l’état Génération(Staging)

Record Number: 15417

Source Name: Microsoft-Windows-Servicing

Time Written: 20100217212701.000000-000

Event Type: Avertissement

User: PC-de-Sébastien\Sébastien

 

=====Application event log=====

 

Computer Name: PC-de-Sébastien

Event Code: 8194

Message: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.

 

Opération :

Données du rédacteur en cours de collecte

 

Contexte :

ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}

Nom du rédacteur: System Writer

ID d’instance du rédacteur: {ddb85079-6993-4a02-bf20-96c842b2805e}

Record Number: 489

Source Name: VSS

Time Written: 20100216210315.000000-000

Event Type: Erreur

User:

 

Computer Name: PC-de-Sébastien

Event Code: 5007

Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.

Record Number: 442

Source Name: WerSvc

Time Written: 20100216203728.000000-000

Event Type: Erreur

User:

 

Computer Name: PC-de-Sébastien

Event Code: 1008

Message: Le service Windows Search tente de supprimer l’ancien catalogue.

 

Record Number: 435

Source Name: Microsoft-Windows-Search

Time Written: 20100216203707.000000-000

Event Type: Avertissement

User:

 

Computer Name: LH-C6TSXSMRE3UO

Event Code: 1036

Message: Échec de InitializePrintProvider pour le fournisseur inetpp.dll. Cela peut se produire à la suite d’une instabilité du système ou d’une insuffisance des ressources système.

Record Number: 403

Source Name: Microsoft-Windows-SpoolerSpoolss

Time Written: 20100216203152.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

 

Computer Name: LH-C6TSXSMRE3UO

Event Code: 5007

Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.

Record Number: 397

Source Name: WerSvc

Time Written: 20100216203128.000000-000

Event Type: Erreur

User:

 

=====Security event log=====

 

Computer Name: LH-C6TSXSMRE3UO

Event Code: 4647

Message: Fermeture de session initiée par l’utilisateur :

 

Sujet :

ID de sécurité : S-1-5-21-1512463831-2528666980-3922220044-500

Nom du compte : Administrator

Domaine du compte : LH-C6TSXSMRE3UO

ID d’ouverture de session : 0x45a24

 

Cet événement est généré lorsqu’une fermeture de session est initiée, mais que le nombre de références du jeton n’étant pas zéro, la session ouverte ne peut pas être supprimée. Aucune autre activité initiée par l’utilisateur ne peut se produire. Cet événement peut être interprété comme un événement de fermeture de session.

Record Number: 338

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20070627171424.194400-000

Event Type: Succès de l'audit

User:

 

Computer Name: LH-C6TSXSMRE3UO

Event Code: 4634

Message: Fermeture de session d’un compte.

 

Sujet :

ID de sécurité : S-1-5-7

Nom du compte : ANONYMOUS LOGON

Domaine du compte : AUTORITE NT

ID du compte : 0x2a2ff

 

Type d’ouverture de session : 3

 

Cet événement est généré lorsqu’une session ouverte est supprimée. Il peut être associé à un événement d’ouverture de session en utilisant la valeur ID d’ouverture de session. Les ID d’ouverture de session ne sont uniques qu’entre les redémarrages sur un même ordinateur.

Record Number: 337

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20070627171422.572000-000

Event Type: Succès de l'audit

User:

 

Computer Name: LH-C6TSXSMRE3UO

Event Code: 4616

Message: L’heure du système a été modifiée.

 

Sujet :

ID de sécurité : S-1-5-19

Nom du compte : SERVICE LOCAL

Domaine du compte : AUTORITE NT

ID d’ouverture de session : 0x3e5

 

Informations sur le processus :

ID du processus : 0x458

Nom : C:\Windows\System32\svchost.exe

 

Heure précédente : 19:14:22 27/06/2007

Nouvelle heure : 19:14:22 27/06/2007

 

Cet événement est généré lorsque l’heure du système est modifiée. Le changement régulier de l’heure du système est une opération normale de la part du service de temps Windows qui s’exécute avec des privilèges système. Mais, d’autres modifications de l’heure du système peuvent indiquer des tentatives de falsification de l’ordinateur.

Record Number: 336

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20070627171422.353600-000

Event Type: Succès de l'audit

User:

 

Computer Name: LH-C6TSXSMRE3UO

Event Code: 1100

Message: Le service d’enregistrement des événements a été arrêté.

Record Number: 335

Source Name: Microsoft-Windows-Eventlog

Time Written: 20070627171422.447200-000

Event Type: Succès de l'audit

User:

 

Computer Name: LH-C6TSXSMRE3UO

Event Code: 1102

Message: Le journal d’audit a été effacé.

Objet :

ID de sécurité : S-1-5-21-1512463831-2528666980-3922220044-500

Nom de compte : Administrator

Nom de domaine : LH-C6TSXSMRE3UO

ID de connexion : 0x45a24

Record Number: 334

Source Name: Microsoft-Windows-Eventlog

Time Written: 20070627171349.086112-000

Event Type: Succès de l'audit

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\hp\bin\Python;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\Pinnacle\Shared Files\;C:\Program Files\QuickTime\QTSystem\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel

"PROCESSOR_REVISION"=0f0b

"NUMBER_OF_PROCESSORS"=4

"RoxioCentral"=c:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\

"PLATFORM"=HPD

"PCBRAND"=Pavilion

"OnlineServices"=Services en ligne

"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip

"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

 

-----------------EOF-----------------

 

 

 

Merci d'avance

[Thanos]

salut

 

* J'aimerai stp que tu fasses analyser un fichier pour lequel je n'ai aucune info >

 

Rend toi à cette adresse => http://www.virustotal.com/

 

Tu as une case nommée "Parcourir": tu cliques dessus et une fenêtre s'ouvre=> copie/colle ceci dans le champs à droite de "Nom du Fichier" en bas de page >> C:\Program Files\Setuprog\tbSetu.dll

 

Clique maintenant sur "ouvrir" en bas de la fenêtre puis sur "Envoyer le fichier". Le scan de ce fichier va débuter. Tu n'as plus qu'à sélectionner puis copier /coller l'analyse dans ton prochain message.

Note: les fichiers uploadés sont mis en attente, car le virusscan est sollicité! patiente (un message t'indique le temps que ca prendra pour faire analyser)

 

Note: il arrive parfois que le fichier ait déjà été analysé. Si c'est le cas, clique sur le bouton Reanalyse file now

 

* On voit un reste de Norton sur ton pc . Ce programme est particulièrement difficile à supprimer entièrement! Ceci dit, un petit programme proposé par l'éditeur de l'antivirus (Symantec) se charge de le faire automatiquement >>

 

Télécharge Norton_Removal_Tool sur ton bureau.

 

Fais un clic droit sur l'icône de Norton Removal tool puis choisis Exécuter en tant qu'administrateur pour lancer l'utilitaire. Suis les indications à l'écran : il est possible que tu doives redémarrer plusieurs fois.

 

Attention: ce programme désinstalle aussi d'autres produits Symantec! Si tu as installé Ghost sur ce pc par exemple, ne lance pas cet utilitaire!

[sebiii]

Bonsoir,

voici le résultat du scan avec virustotal

 

Antivirus Version Dernière mise à jour Résultat

a-squared 4.5.0.50 2010.04.06 -

AhnLab-V3 5.0.0.2 2010.04.06 -

AntiVir 7.10.6.31 2010.04.06 -

Antiy-AVL 2.0.3.7 2010.04.06 -

Authentium 5.2.0.5 2010.04.06 -

Avast 4.8.1351.0 2010.04.06 -

Avast5 5.0.332.0 2010.04.06 -

AVG 9.0.0.787 2010.04.06 -

BitDefender 7.2 2010.04.06 -

CAT-QuickHeal 10.00 2010.04.06 -

ClamAV 0.96.0.3-git 2010.04.06 -

Comodo 4520 2010.04.06 -

DrWeb 5.0.2.03300 2010.04.06 -

eSafe 7.0.17.0 2010.04.06 -

eTrust-Vet 35.2.7411 2010.04.06 -

F-Prot 4.5.1.85 2010.04.06 -

F-Secure 9.0.15370.0 2010.04.06 -

Fortinet 4.0.14.0 2010.04.06 -

GData 19 2010.04.06 -

Ikarus T3.1.1.80.0 2010.04.06 -

Jiangmin 13.0.900 2010.04.06 -

Kaspersky 7.0.0.125 2010.04.06 -

McAfee-GW-Edition 6.8.5 2010.04.06 -

Microsoft 1.5605 2010.04.06 -

NOD32 5005 2010.04.06 -

Norman 6.04.11 2010.04.06 -

nProtect 2009.1.8.0 2010.04.06 -

Panda 10.0.2.2 2010.04.06 -

PCTools 7.0.3.5 2010.04.06 -

Prevx 3.0 2010.04.06 -

Rising 22.42.01.04 2010.04.06 -

Sophos 4.52.0 2010.04.06 -

Sunbelt 6143 2010.04.06 -

Symantec 20091.2.0.41 2010.04.06 -

TheHacker 6.5.2.0.256 2010.04.06 -

TrendMicro 9.120.0.1004 2010.04.06 -

VBA32 3.12.12.4 2010.04.05 -

ViRobot 2010.4.6.2263 2010.04.06 -

VirusBuster 5.0.27.0 2010.04.06 -

Information additionnelle

File size: 2353176 bytes

MD5...: 1fecf655218fdf7329bea67f519c8642

SHA1..: 4fcc97779d94929758888a954e0806ce5f71afbd

SHA256: 0a008ab53e38a5bd5a5947e380e503480cebb686ce957f6f06ecbdb4df8524d9

ssdeep: 49152:OXbKYvZowp1yeVGOPgKcvNoqTrsRa32R952mxiZRkvzVQv21YXtFCYQ:OX

e90gOoFTrsU32R3/p

PEiD..: -

PEInfo: PE Structure information

 

( base data )

entrypointaddress.: 0x117cb0

timedatestamp.....: 0x4b8256cb (Mon Feb 22 10:04:59 2010)

machinetype.......: 0x14c (I386)

 

( 5 sections )

name viradd virsiz rawdsiz ntrpy md5

.text 0x1000 0x147f01 0x148000 6.60 a302ceb764a12a16795967eca7fe1442

.rdata 0x149000 0x74d67 0x74e00 4.53 6a2109ecbbd12d716c4e810e4e864169

.data 0x1be000 0x8584 0x6400 4.96 a63d07e68b55f8fb3ee16e1e1ebe6af2

.rsrc 0x1c7000 0x5d258 0x5d400 5.97 90ef0b48ac317eff2680b78e64f5e639

.reloc 0x225000 0x1d04c 0x1d200 5.94 db0c92aa8a1253bc3059acb788243b2d

 

( 20 imports )

> COMCTL32.dll: ImageList_Create, InitCommonControlsEx, CreateToolbarEx, PropertySheetW, CreatePropertySheetPageW, ImageList_ReplaceIcon, _TrackMouseEvent, -

> WININET.dll: DeleteUrlCacheEntry, FindNextUrlCacheEntryA, FindFirstUrlCacheEntryA, InternetCanonicalizeUrlW, InternetCrackUrlW, InternetCloseHandle, InternetSetOptionA, HttpOpenRequestA, FindCloseUrlCache, InternetConnectA, InternetGetLastResponseInfoA, HttpSendRequestA, HttpQueryInfoA, InternetOpenA, InternetCrackUrlA, InternetOpenW, InternetSetOptionW, InternetOpenUrlW, InternetReadFile, InternetSetOptionExA, InternetQueryOptionA, GetUrlCacheEntryInfoW, InternetCanonicalizeUrlA, InternetGetConnectedState

> SHLWAPI.dll: SHDeleteKeyA, PathFileExistsW

> WSOCK32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -

> VERSION.dll: GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW

> MSIMG32.dll: GradientFill

> RPCRT4.dll: UuidToStringW

> urlmon.dll: ObtainUserAgentString, URLDownloadToFileW

> CRYPT32.dll: CryptProtectData, CryptUnprotectData, CryptQueryObject, CryptMsgGetParam, CertFindCertificateInStore, CertGetNameStringA, CertGetNameStringW, CertFreeCertificateContext, CertCloseStore, CryptMsgClose

> WINMM.dll: sndPlaySoundW, PlaySoundW, PlaySoundA, timeGetTime

> KERNEL32.dll: OutputDebugStringW, GetTickCount, GetModuleHandleW, GetShortPathNameW, GetLongPathNameW, LocalFree, GetCurrentThreadId, GetCurrentProcessId, CloseHandle, ReleaseMutex, InterlockedDecrement, SetEndOfFile, CreateFileA, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, SetStdHandle, GetLocaleInfoA, InterlockedExchange, InitializeCriticalSectionAndSpinCount, SetFilePointer, FlushFileBuffers, GetConsoleMode, GetConsoleCP, LCMapStringA, GetStringTypeW, GetStringTypeA, QueryPerformanceCounter, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, GetStartupInfoA, GetFileType, SetHandleCount, HeapSize, LCMapStringW, IsValidCodePage, GetOEMCP, GetACP, GetCPInfo, GetStdHandle, WriteFile, ExitProcess, VirtualAlloc, VirtualFree, HeapDestroy, HeapCreate, InterlockedIncrement, TlsFree, TlsSetValue, TlsAlloc, TlsGetValue, MoveFileW, GetCommandLineA, ResumeThread, ExitThread, RaiseException, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, HeapReAlloc, HeapAlloc, RtlUnwind, GetProcessHeap, HeapFree, MapViewOfFile, UnmapViewOfFile, OpenFileMappingW, CreateFileMappingW, ReleaseSemaphore, CreateSemaphoreW, SetEvent, GetCurrentThread, SetThreadPriority, TerminateProcess, CreateToolhelp32Snapshot, Thread32First, Thread32Next, OpenProcess, LocalAlloc, lstrcpyA, GetComputerNameW, GetSystemTimeAsFileTime, RemoveDirectoryW, GetFileTime, LeaveCriticalSection, EnterCriticalSection, DeleteCriticalSection, InitializeCriticalSection, SizeofResource, CreateFileW, GetFileSize, GlobalAlloc, GlobalLock, ReadFile, MulDiv, LoadLibraryA, GlobalUnlock, GlobalFree, GetLastError, GetProcAddress, GetModuleHandleA, GetModuleFileNameW, WaitForSingleObject, CreateEventW, lstrlenW, MoveFileExW, GetModuleFileNameA, WideCharToMultiByte, FreeLibrary, LoadLibraryW, lstrcpyW, CopyFileW, FindClose, FindNextFileW, DeleteFileW, FindFirstFileW, CreateThread, SetLastError, OpenMutexW, GetCurrentProcess, FlushInstructionCache, VirtualProtect, Sleep, ExpandEnvironmentStringsW, CreateProcessW, GetLocaleInfoW, CreateMutexW, Beep, MultiByteToWideChar, GetLocalTime, GetDateFormatW, GetTimeFormatW, FindResourceW, LoadResource, LockResource, FreeResource, GetFileAttributesW, GetVersionExA

> USER32.dll: SetCursor, GetWindowLongW, GetParent, SetDlgItemTextW, ClientToScreen, SetWindowTextA, SetWindowTextW, GetClientRect, GetDlgCtrlID, CallWindowProcA, InvalidateRect, IsWindow, GetWindowRgn, MessageBeep, LoadCursorA, SendMessageA, wsprintfW, PostMessageA, ShowWindow, SetWindowLongW, ReleaseDC, GetWindow, UpdateWindow, GetClassInfoExW, RegisterClassExW, CopyRect, InflateRect, DrawFocusRect, CharUpperW, SetRect, GetLastInputInfo, IsIconic, LoadImageW, SystemParametersInfoW, MoveWindow, DrawTextW, GetDC, GetWindowRect, RegisterWindowMessageW, GetActiveWindow, IsDialogMessageA, IsDialogMessageW, MessageBoxA, DialogBoxParamW, DialogBoxParamA, CreateDialogParamA, CreateDialogParamW, SetRectEmpty, GetKeyState, SetDlgItemInt, GetDlgItemTextA, FrameRect, DrawFrameControl, AllowSetForegroundWindow, CharLowerBuffA, DrawEdge, MsgWaitForMultipleObjects, PostThreadMessageA, SetParent, GetDlgItemTextW, GetScrollInfo, GetMenuItemRect, InsertMenuItemA, InsertMenuItemW, IsMenu, GetMenuInfo, SetMenuInfo, GetMenuItemID, GetMenuState, SetMenuItemInfoW, CheckMenuItem, EnableMenuItem, DeleteMenu, TrackPopupMenu, PostMessageW, GetMonitorInfoW, GetMenuItemCount, GetMenuItemInfoW, CreatePopupMenu, DestroyMenu, SetClassLongA, SetLayeredWindowAttributes, SetForegroundWindow, EnableWindow, IsDlgButtonChecked, CheckDlgButton, SetActiveWindow, TranslateMessage, GetMessageA, ReleaseCapture, GetCapture, DispatchMessageW, DispatchMessageA, SetCapture, GetUpdateRect, BeginPaint, EndPaint, SetWindowRgn, GetDlgItem, OffsetRect, DrawIconEx, GetIconInfo, DestroyIcon, GetSystemMetrics, FillRect, GetSysColor, PeekMessageA, MessageBoxW, DefWindowProcW, GetAsyncKeyState, SendMessageW, GetWindowTextLengthW, EndDialog, GetWindowTextW, FindWindowW, GetMenuItemInfoA, SetWindowsHookExA, UnhookWindowsHookEx, CallNextHookEx, CreateWindowExW, UnregisterClassA, GetClassNameW, DefWindowProcA, GetWindowLongA, SetWindowLongA, GetFocus, IsChild, KillTimer, IsWindowUnicode, CallWindowProcW, FindWindowExW, GetWindowThreadProcessId, SetWindowPos, MonitorFromRect, GetMonitorInfoA, GetClassInfoW, RegisterClassW, DestroyWindow, SetTimer, GetDesktopWindow, SetFocus, GetCursorPos, ScreenToClient, PtInRect, IsWindowVisible

> GDI32.dll: GetDeviceCaps, RealizePalette, SelectPalette, PlgBlt, SetLayout, PtInRegion, GetTextColor, GetBkColor, GetBkMode, ExcludeClipRect, SetRectRgn, OffsetRgn, FrameRgn, SetTextAlign, TextOutW, RoundRect, CombineRgn, GetPixel, CreateCompatibleBitmap, BitBlt, CreateRectRgn, Polygon, GdiFlush, SetPixel, GetObjectA, GetTextAlign, GetTextExtentPoint32W, GetLayout, Rectangle, SetBkColor, CreateCompatibleDC, DeleteDC, CreateSolidBrush, CreateFontIndirectW, CreatePen, SelectObject, MoveToEx, LineTo, DeleteObject, GetWindowOrgEx, SetWindowOrgEx, SetBkMode, SetTextColor, GetStockObject

> COMDLG32.dll: GetOpenFileNameW

> ADVAPI32.dll: OpenProcessToken, RegCreateKeyExA, RegSetValueExA, RegCreateKeyExW, RegSetValueExW, RegDeleteKeyW, CryptCreateHash, CryptHashData, CryptGetHashParam, CryptDestroyHash, CryptAcquireContextA, CryptReleaseContext, RegEnumValueW, RegEnumKeyExW, RegDeleteValueW, RegOpenKeyW, RegEnumKeyW, RegCreateKeyW, RegQueryInfoKeyW, RegOpenKeyExW, RegQueryValueExW, RegOpenKeyExA, GetTokenInformation, GetSidSubAuthorityCount, GetSidSubAuthority, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, ConvertStringSecurityDescriptorToSecurityDescriptorA, GetSecurityDescriptorSacl, SetSecurityDescriptorSacl, RegCloseKey, RegDeleteKeyA

> SHELL32.dll: SHCreateDirectoryExW, ShellExecuteW, ShellExecuteExW, SHGetFolderPathW

> ole32.dll: IIDFromString, CoCreateInstance, CoCreateGuid, StringFromGUID2, CLSIDFromString, CoUninitialize, CoInitialize, CreateStreamOnHGlobal, CoGetMalloc, StringFromIID

> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -

> PSAPI.DLL: EnumProcessModules, GetModuleFileNameExW, EnumProcesses, GetModuleBaseNameW, GetProcessMemoryInfo

> DNSAPI.dll: DnsQuery_A

 

( 14 exports )

DllCanUnloadNow, DllConnectToIE, DllConnectionProc, DllGetClassObject, DllGetInstallFileNameExt, DllOnUninstall, DllOnUpdateFinish, DllOpenUninstallPage, DllRegisterServer, DllShowTB, DllShowToolbar, DllShowToolbarWithIE, DllUnregisterServer, DllUpdate

RDS...: NSRL Reference Data Set

-

pdfid.: -

sigcheck:

publisher....: Conduit Ltd.

copyright....: Copyright © Conduit Ltd. 2008

product......: Conduit Toolbar

description..: Conduit Toolbar

original name: n/a

internal name: Conduit Toolbar

file version.: 5, 3, 5, 4

comments.....: Conduit Toolbar ver 1.0

signers......: -

signing date.: -

verified.....: Unsigned

trid..: Windows OCX File (71.0%)

Win32 Executable MS Visual C++ (generic) (21.6%)

Win32 Executable Generic (4.9%)

Generic Win/DOS Executable (1.1%)

DOS Executable Generic (1.1%)

 

 

Pour Norton comment savoir si j'ai installé Ghost?

A quoi cela sert?

 

Merci d'avance.

[Thanos]

salut

 

Le scan du fiichier ne montre rien de mauvais. Ceci dit, si tu n'as pas besoin de la toolbar Setuprog (le fichier scanné lui appartient), désinstalle la.

Pour Norton comment savoir si j'ai installé Ghost?

à la lecture de ton rapport info.txt, le programme Ghost n'est pas installé: tu peux donc utiliser Norton_Removal_Tool pour nettoyer les restes de l'antivirus.

A quoi cela sert?

à quoi sert Ghost ? à créer une image de ton système pour pouvoir la restaurer en cas de souci (je te posterai un lien vers un programme gratos qui fait la même chose si ca t'intéresse )

 

Mis à part un certain nombre d'applications qui se lancent inutilement au démarrage de Windows, je ne voit rien de mauvais... As tu défragmenté ton disque dur ?

 

On peux fixer quelques lignes sur ce rapport hijackthis, la conséquence c'est que certaines applications ne se lanceront plus au démarrage de Windows: ce sont évidemment des applications inutiles au bon fonctionnement du pc et que tu pourras lancer manuellement si tu en a besoin (ca liberera des ressources!) Dis moi ce que tu en penses

[sebiii]

Oui Je voudrais bien.

Comment puis-je avoir la liste des applications qui ce lance au démarrage? pour faire le tri...

 

Je vais aussi désinstaller proprement norton

 

Pour le défragmentation oui je l'ai fait il y a environ 2 mois.

 

Merci encore de ton aide !!!

[Thanos]

Comment puis-je avoir la liste des applications qui ce lance au démarrage? pour faire le tri...

Il y a au mois deux manières de l'obtenir:

 

- la plus simple est d'utiliser l'Utilitaire de configuration système (msconfig): cela te permet entre autres de visualiser et de choisir les éléments de démarrage. Des détails sur son utilisation ici => http://www.zebulon.fr/dossiers/41-msconfig.html

- utiliser un programme tel qu'hijackthis qui dresse une liste de ces éléments (entre autres). Ces éléments correspondent aux lignes O4 du rapport. Des détails de l'utilisation d'hiajckthis ici => http://www.bleepingcomputer.com/tutorials/tutorial123.html

 

Par contre il faut savoir quelles application laisser et quelles applications retirer du démarrage (certaines sont nécéssaires dont le parefu, l'antivirus etc..)

Oui Je voudrais bien.

 

Démarre Hijackthis, clique sur "Do a system scan only", et coche les lignes suivantes :

R3 - URLSearchHook: Setuprog Toolbar - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files\Setuprog\tbSetu.dll

 

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Setuprog Toolbar - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files\Setuprog\tbSetu.dll

 

O3 - Toolbar: Setuprog Toolbar - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files\Setuprog\tbSetu.dll

 

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE

O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"

O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode

O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe

O4 - HKLM\..\Run: [uSBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

-Ferme tous les programmes et clique sur "Fix Checked"

 

Chose importante: je ne connait pas tes préférences aussi il est possible que certains des éléments cochés correspondent à des applications que tu utilises au démarrage. Si c'est le cas, saches que tu peux revenir en arrière grace aux sauvegardes d'hijackthis.

 

Redémarre le pc après ca et constate s'il y a du changement.