Scan d'un fichier System32 impossible

halfalaize · le 31 juillet 2010

Bonjour à tous, je suis un petit nouveau par ici donc j'espère que je ne ferai pas d'erreur dans l'énoncé de mon problème. J'ai, vraisemblablement mon pc (sous Vista) infecté. Les fichier .exe ne peuvent pas se lancer correctement (ou ne se lance pas), des erreurs apparaissent, mon antivirus (Antivir) est totalement impuissant (sa mise à jour ne se fait plus....je pense que c'est lié à mon problème mais j'en ai pas la preuve). Je réalise de multiple scan en ligne avec Panda activeScan 2.0, il détecté des trucs bénins , je fais des scans aussi avec Emisoft Web Malware aussi (il ne trouve rien). Puis, je fais un scan avec Avast Free! ou il ne trouve rien de nouveau mais, et c'est là où je veux en venir, il me laisse son rapport d'analyse ou il indique qu'il n'a pas pu analyser un fichier

C:\Windows\system32\drivers\GIITYSS.sys - échec de l'analyse

--> HKLM\System\ControlSet002\Enum\Root\LEGACY_GIITYSS

J'ai tenté avec des produits d'analyse spécifique (Virus Chief, VirusTotal) de contrôler ce fichier douteux...Impossible. A chaque fois, j'ai le message suivant : "un périphérique attaché au système ne fonctionne pas".

A noter que je fais tout ce que je viens de décrire en mode sans échec car en démarrage standard, c'est instable et ça plante (écran bleu d'erreur et rédémarrage).

Voilà, j'espère qu'il est possible de m'aider, j'ai essayé beaucoup de chose avant de poster ceci. Merci d'avance.

Thanos · le 31 juillet 2010

Salut et bienvenue sur le forum

Quelques liens pour t'aider à commencer :

On va voir ensemble ce qui se passe sur ton PC ; comme tous les intervenants ici, nous aidons bénévolement en fonction de nos activités personnelles. On va essayer d'aller au plus vite, mais il faudra peut-être parfois être patient pour attendre une réponse, pas d'affolement

Pour répondre ou ajouter un post, un rapport, etc, utilise le bouton Ajouter une réponse

*********

Je soupçonne la présence d'un rootkit sur ton pc.

Je te conseille de faire une sauvegarde des données qui ont de l'importance pour toi avant de faire ce qui suit =>

Désactive ton antivirus avant de lancer le scan.

Fais un clic sur le bouton droit de ta souris ICI
Choisis Enregistrer la cible (du lien) sous > une fenêtre s'ouvre >>
Dans le champs à droite de "Nom du Fichier" en bas de page, modifie le nom présent (ComboFix.exe) et met ceci >> halfalaize.exe
Enregistre-le fichier sur le Bureau: pour cela clique sur le bouton Enregistrer.
Assure toi que tous les programmes soient fermés avant de lancer le fix!
Fait un double clique sur halfalaize.exe.
Note: Ne ferme pas la fenêtre qui vient de s'ouvrir , tu te retrouverais avec un bureau vide !
Tape sur la touche Y (Yes) pour démarrer le scan.
Lorsque le scan est terminé, un rapport sera généré : poste en le contenu dans ton prochain message.
Si le rapport est trop long, poste le en deux fois.
Si tu ne vois pas le rapport, tu le trouveras ici > C:\ComboFix.txt

halfalaize · le 1 août 2010

J'ai fais la marche à suivre mais ComboFix, alors qu'il est à peine lancé, me dit "Cd-emulation drivers are running on this machine. ComboFix needs to temporarily disable them". Je clic sur "OK". Le pc se redémarre (au passage il est impossible d'accéder à mon pc en marche normal, j'ai à chaque fois un écran bleu et ça redémarre). Je retourne en mode sans échec, je refais ComboFix. Même résultat. Que faire?

PS : A chaque fois, j'ai fermé les programmes en cours d'exécution comme demandé, rien dans les lecteurs.

pear · le 1 août 2010

Bonjour,

Rétablir les extensions:

Télécharger System Repair Engineer - SREng (par Smallfrogs) sur le Bureau :

clic droit sur le fichier .zip -> "Extraire tout..."

double-cliquer sur SREngPS.exe ou SREngLdr.exe afin de lancer l'outil

S'il ne se lance pas, remplacez l'extension.exe par.com ou .scr

Cliquer sur Smart Scan

Cliquer sur le boutonScan.

L'analyse durera quelques instants, surtout si le fichier Hosts est important.

Patientez

Cliquer sur le bouton Save Reports pour Sauvegarder le rapport sur le Bureau

Copier/coller le contenu du fichier SREnglLOG.log dans la prochaine réponse.

Téléchargez cet outil de diagnostic.

Téléchargez Random's system information tool (RSIT) par random/random et sauvegardez-le sur le Bureau.

Sous Xp

Double-cliquez sur RSIT.exe pour le lancer.

Sous Vista

Clic droit sur l'icône et "Exécuter en tant qu'administrateur"

Sous Sept

Sur le bureau, faire un clic droit sur le fichier RSIT.exe

Dans Propriétés->onglet Compatibilité-> cocher Exécuter ce programme en mode compatibilité pour

et dans le menu choisir Vista SP2 et la case dans Niveau de privilège.

Valider par Appliquer.

* Cliquez Continue à l'écran Disclaimer.

* Si l'outil HIjackThis (version à jour) n'est pas présent ou détecté sur l'ordinateur, RSIT le télécharge et vous acceptez la licence.

* L'analyse terminée, deux fichiers texte s'ouvriront.:

Poster le contenu de log.txt (qui sera affiché)

ainsi que de info.txt (qui sera réduit dans la Barre des Tâches).

* Si ces deux rapports n'apparaissent pas, vous les trouverez dans le dossier C:\rsit

Si les rapports sont trop lourds, postez les en plusieurs fois

Pour cela , vous copiez/collez tout ou partie des rapports dans un ou plusieurs messages.

Rsit, comme Hijackthis, ne connait pas les OS 64 bits, d'où les "File Missing"

Si vous êtes dans ce cas Lancez plutôt cet outil de diagnostic:

Téléchargez ZhpDiag de Coolman

Il ne nécessite aucune installation.

- Il peut être lancé depuis n'importe quelle unité de disque.

- Il peut être lancé d'une clé USB.

Cliquez sur le tournevis

Dans la fenêtre qui s'ouvre, cochez tout.

Clic sur la Loupe pour lancer le scan

Au bout d'un moment ,vous pouvez avoir à Accepter Sysinternal->I agree

Postez en le rapport qui apparait en cliquant l'appareil photo.

Télécharger gmer

- Cliquer sur le bouton "Download EXE"

- Sauvegardez sur le Bureau.

- Collez et sauvegardez ces instructions dans un fichier texte ou imprimez-les, car il faudra fermer le navigateur.

Avant toute utilisation de GMER, veuillez désactiver votre antivirus, antispyware sous peine de crash.

- Fermez les fenêtres de navigateur ouvertes.

- Lancez le fichier téléchargé par double clic(le nom comporte 8 chiffres/lettres aléatoires) ;

- Si l'outil lance un warning d'activité de rootkit et demande de faire un scan ; cliquez "NO"

- Dans la section de droite de la fenêtre de l'outil, Vérifiez que soient décochées les options suivantes :

IAT/EAT

Drives/Partition other than System drive (typically C:\)

Show All

Cliquez sur le bouton "Scan" et patientez (cela peut prendre 10 minutes ou +)

Lorsque l'analyse sera terminée, cliquer sur le bouton "Save..." (au bas à droite) ;

Nommer le fichier"Gm.txt" , par exemple et sauvegardez-le sur le Bureau

pour le poster.

Il peut arriver que GMER plante sans raison apparente.

Vous pouvez essayer ceci : décocher "Devices" dans un premier temps et repasser l'outil ;

si ça coince toujours, décocher en plus "Files" et ré-essayez un scan.

Lorsque les informations sur le scan s'affichent , les éléments détectés comme rootkit apparaissent en rouge dans chaque section.

halfalaize · le 2 août 2010

rapport SREngLOG


2010-08-01,16:50:47

System Repair Engineer 2.8.2.1321
Smallfrogs (http://www.KZTechs.com)

Windows Vista Home Basic Edition Service Pack 2 (Build 6002) - Administrative User - Completed Functions Allowed

Follow item(s) have been selected:
   All Boot Items (Including Registry, Startup Folders, Services and so on)
   Browser Add-ons
   Running Processes (Including process model information)
   File Associations
   Winsock Provider
   Autorun.Inf
   HOSTS File
   Process Privileges Scan
   Scheduled Tasks
   Windows Security Update Check
   API HOOK
   Hidden Process


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
   <Sidebar><C:\Program Files\Windows Sidebar\sidebar.exe /autoRun>  [(Verified)Microsoft Windows]
   <Acer Tour Reminder><C:\Acer\AcerTour\Reminder.exe>  [File is missing]
   <MsnMsgr><"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background>  [(Verified)Microsoft Corporation]
   <BitTorrent DNA><"C:\Users\Florian\Program Files\DNA\btdna.exe">  [(Verified)BitTorrent Inc]
   <Google Update><"C:\Users\Florian\AppData\Local\Google\Update\GoogleUpdate.exe" /c>  [(Verified)Google Inc]
   <DAEMON Tools Lite><"C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun>  [(Verified)DAEMON Tools Code Signing Services]
   <nlnbckas><C:\Users\Florian\AppData\Local\blvxxhlug\dllldgxtssd.exe>  [File is missing]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
   <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
   <Windows Defender><%ProgramFiles%\Windows Defender\MSASCui.exe -hide>  [(Verified)Microsoft Windows]
   <RtHDVCpl><RtHDVCpl.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
   <Acer Tour><>  [N/A]
   <Acer Empowering Technology Monitor><C:\Acer\Empowering Technology\SysMonitor.exe>  []
   <eDataSecurity Loader><C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe>  [(Verified)HiTRUST Inc.]
   <PCMService><"C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe">  [CyberLink Corp.]
   <WarReg_PopUp><C:\Acer\WR_PopUp\WarReg_PopUp.exe>  [Acer Inc.]
   <eRecoveryService><>  [N/A]
   <Acer Tour Reminder><C:\Acer\AcerTour\Reminder.exe>  [File is missing]
   <Apanel><C:\ACERSW\config\NewSetApanel.cmd>  [File is missing]
   <SunJavaUpdateSched><"C:\Program Files\Java\jre6\bin\jusched.exe">  [(Verified)Sun Microsystems, Inc.]
   <Skytel><Skytel.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
   <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [(Verified)RealNetworks, Inc.]
   <SweetIM><C:\Program Files\SweetIM\Messenger\SweetIM.exe>  [(Verified)SweetIM Technologies Ltd]
   <Malwarebytes Anti-Malware (reboot)><"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript>  [(Verified)Malwarebytes Corporation]
   <QuickTime Task><"C:\Program Files\QuickTime\QTTask.exe" -atboottime>  [Apple Inc.]
   <iTunesHelper><"C:\Program Files\iTunes\iTunesHelper.exe">  [(Verified)Apple Inc.]
   <DivXUpdate><"C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW>  [(Verified)DivX, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
   <GrpConv><grpconv -o>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
   <shell><explorer.exe>  [(Verified)Microsoft Windows]
   <Userinit><C:\Windows\system32\userinit.exe,>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
   <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
   <WebCheck><C:\Windows\system32\webcheck.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
   <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
   <Microsoft Windows Media Player><C:\Windows\system32\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
   <Internet Explorer><C:\Windows\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
   <Browser Customizations><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
   <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
   <Microsoft Windows Mail 7><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
   <Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
   <Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
   <Internet Explorer><C:\Windows\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
   <N/A><C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
   <SCRNSAVE.EXE><C:\Windows\ACER(N~1.SCR>  []

==================================
Startup Folders
[Empowering Technology Launcher]
 <C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk --> C:\Acer\EMPOWE~1\EAPLAU~1.EXE [Acer Inc.]><N>
[Lancement rapide d'Adobe Reader]
 <C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Reader.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>
[OpenOffice.org 3.1]
 <C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk --> C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [N/A]><N>
[OpenOffice.org 3.1]
 <C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk --> C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [N/A]><N>
[Empowering Technology Launcher]
 <C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk --> C:\Acer\EMPOWE~1\EAPLAU~1.EXE [Acer Inc.]><N>
[Lancement rapide d'Adobe Reader]
 <C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Reader.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>

==================================
Services
[ePerformance Service / AcerMemUsageCheckService][stopped/Auto Start]
 <C:\Acer\Empowering Technology\ePerformance\MemCheck.exe><>
[Adobe LM Service / Adobe LM Service][stopped/Manual Start]
 <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Apple Mobile Device / Apple Mobile Device][stopped/Auto Start]
 <"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"><Apple Inc.>
[Ati External Event Utility / Ati External Event Utility][stopped/Auto Start]
 <C:\Windows\system32\Ati2evxx.exe><ATI Technologies Inc.>
[avast! Antivirus / avast! Antivirus][stopped/Auto Start]
 <"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"><AVAST Software>
[avast! Mail Scanner / avast! Mail Scanner][stopped/Manual Start]
 <"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"><AVAST Software>
[avast! Web Scanner / avast! Web Scanner][stopped/Manual Start]
 <"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"><AVAST Software>
[service Bonjour / Bonjour Service][stopped/Auto Start]
 <"C:\Program Files\Bonjour\mDNSResponder.exe"><Apple Inc.>
[CyberLink Background Capture Service (CBCS) / CLCapSvc][stopped/Auto Start]
 <"C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe"><>
[CyberLink Task Scheduler (CTS) / CLSched][stopped/Auto Start]
 <"C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe"><>
[symantec Lic NetConnect service / CLTNetCnService][stopped/Auto Start]
 <"c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><(File is missing)>
[eDSService.exe / eDataSecurity Service][stopped/Auto Start]
 <"C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe"><HiTRSUT>
[eRecovery Service / eRecoveryService][stopped/Auto Start]
 <C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe><Acer Inc.>
[FLEXnet Licensing Service / FLEXnet Licensing Service][stopped/Manual Start]
 <"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"><Acresso Software Inc.>
[service Google Update (gupdate) / gupdate][stopped/Auto Start]
 <"C:\Program Files\Google\Update\GoogleUpdate.exe" /svc><Google Inc.>
[service de l’iPod / iPod Service][stopped/Manual Start]
 <"C:\Program Files\iPod\bin\iPodService.exe"><Apple Inc.>
[LightScribeService Direct Disc Labeling Service / LightScribeService][stopped/Auto Start]
 <"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
[ProtexisLicensing / ProtexisLicensing][stopped/Auto Start]
 <C:\Windows\system32\PSIService.exe><>
[Cyberlink RichVideo Service(CRVS) / RichVideo][stopped/Auto Start]
 <"C:\Program Files\Cyberlink\Shared files\RichVideo.exe"><>
[TabletServiceWacom / TabletServiceWacom][stopped/Auto Start]
 <C:\Windows\system32\Wacom_Tablet.exe><Wacom Technology, Corp.>
==================================
Drivers
[adp94xx / adp94xx][stopped/Disabled]
 <\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][stopped/Disabled]
 <\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>
[adpu160m / adpu160m][stopped/Disabled]
 <\SystemRoot\system32\drivers\adpu160m.sys><Adaptec, Inc.>
[adpu320 / adpu320][stopped/Disabled]
 <\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
[aic78xx / aic78xx][stopped/Disabled]
 <\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][stopped/Disabled]
 <\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>
[arc / arc][stopped/Disabled]
 <\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][stopped/Disabled]
 <\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>
[aswMonFlt / aswMonFlt][stopped/Auto Start]
 <\??\C:\Windows\system32\drivers\aswMonFlt.sys><ALWIL Software>
[atikmdag / atikmdag][stopped/Manual Start]
 <system32\DRIVERS\atikmdag.sys><ATI Technologies Inc.>
[ATI PCI Express (3GIO) Filter / AtiPcie][Running/Boot Start]
 <\SystemRoot\system32\DRIVERS\AtiPcie.sys><ATI Technologies Inc.>
[blbdrive / blbdrive][stopped/Disabled]
 <\SystemRoot\system32\drivers\blbdrive.sys><N/A>
[brother USB Mass-Storage Lower Filter Driver / BrFiltLo][stopped/Manual Start]
 <\SystemRoot\system32\drivers\brfiltlo.sys><Brother Industries, Ltd.>
[brother USB Mass-Storage Upper Filter Driver / BrFiltUp][stopped/Manual Start]
 <\SystemRoot\system32\drivers\brfiltup.sys><Brother Industries, Ltd.>
[brother MFC Serial Port Interface Driver (WDM) / Brserid][stopped/Disabled]
 <\SystemRoot\system32\drivers\brserid.sys><Brother Industries Ltd.>
[brother WDM Serial driver / BrSerWdm][stopped/Disabled]
 <\SystemRoot\system32\drivers\brserwdm.sys><Brother Industries Ltd.>
[brother MFC USB Fax Only Modem / BrUsbMdm][stopped/Disabled]
 <\SystemRoot\system32\drivers\brusbmdm.sys><Brother Industries Ltd.>
[brother MFC USB Serial WDM Driver / BrUsbSer][stopped/Manual Start]
 <\SystemRoot\system32\drivers\brusbser.sys><Brother Industries Ltd.>
[cmdide / cmdide][stopped/Disabled]
 <\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>
[intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][stopped/Manual Start]
 <system32\DRIVERS\E1G60I32.sys><Intel Corporation>
[elxstor / elxstor][stopped/Disabled]
 <\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[GEAR ASPI Filter Driver / GEARAspiWDM][Running/Manual Start]
 <system32\DRIVERS\GEARAspiWDM.sys><GEAR Software Inc.>
[HpCISSs / HpCISSs][stopped/Disabled]
 <\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[intel RAID Controller Vista / iaStorV][stopped/Disabled]
 <\SystemRoot\system32\drivers\iastorv.sys><Intel Corporation>
[iirsp / iirsp][stopped/Disabled]
 <\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[int15 / int15][stopped/Auto Start]
 <\??\C:\Acer\Empowering Technology\eRecovery\int15.sys><N/A>
[service for Realtek HD Audio (WDM) / IntcAzAudAddService][stopped/Manual Start]
 <system32\drivers\RTKVHDA.sys><Realtek Semiconductor Corp.>
[iP in IP Tunnel Driver / IpInIp][stopped/Manual Start]
 <system32\DRIVERS\ipinip.sys><N/A>
[iTEATAPI_Service_Install / iteatapi][stopped/Disabled]
 <\SystemRoot\system32\drivers\iteatapi.sys><Integrated Technology Express, Inc.>
[iTERAID_Service_Install / iteraid][stopped/Disabled]
 <\SystemRoot\system32\drivers\iteraid.sys><Integrated Technology Express, Inc.>
[LSI_FC / LSI_FC][stopped/Disabled]
 <\SystemRoot\system32\drivers\lsi_fc.sys><LSI Logic>
[LSI_SAS / LSI_SAS][stopped/Disabled]
 <\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][stopped/Disabled]
 <\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[megasas / megasas][stopped/Disabled]
 <\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[Mraid35x / Mraid35x][stopped/Disabled]
 <\SystemRoot\system32\drivers\mraid35x.sys><LSI Logic Corporation>
[nfrd960 / nfrd960][stopped/Disabled]
 <\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[upper Class Filter Driver / NTIDrvr][Running/Manual Start]
 <system32\DRIVERS\NTIDrvr.sys><NewTech Infosystems, Inc.>
[N-trig HID Tablet Driver / ntrigdigi][stopped/Disabled]
 <\SystemRoot\system32\drivers\ntrigdigi.sys><N-trig Innovative Technologies>
[nvraid / nvraid][stopped/Disabled]
 <\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][stopped/Disabled]
 <\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>
[iPX Traffic Filter Driver / NwlnkFlt][stopped/Manual Start]
 <system32\DRIVERS\nwlnkflt.sys><N/A>
[iPX Traffic Forwarder Driver / NwlnkFwd][stopped/Manual Start]
 <system32\DRIVERS\nwlnkfwd.sys><N/A>
[pavboot / pavboot][stopped/Boot Start]
 <\SystemRoot\system32\drivers\pavboot.sys><Panda Security, S.L.>
[PSDFilter / PSDFilter][Running/Boot Start]
 <\SystemRoot\system32\DRIVERS\psdfilter.sys><HiTRUST>
[PSDNSERVER / PSDNServ][Running/Boot Start]
 <\SystemRoot\system32\drivers\PSDNServ.sys><HiTRUST>
[psdvdisk / psdvdisk][Running/Boot Start]
 <\SystemRoot\system32\drivers\psdvdisk.sys><HiTRUST>
[QLogic Fibre Channel Miniport Driver / ql2300][stopped/Disabled]
 <\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[QLogic iSCSI Miniport Driver / ql40xx][stopped/Disabled]
 <\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>
[siSRaid2 / SiSRaid2][stopped/Disabled]
 <\SystemRoot\system32\drivers\sisraid2.sys><Silicon Integrated Systems Corp.>
[siSRaid4 / SiSRaid4][stopped/Disabled]
 <\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>
[sMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC) / SMCWGU(SMC)][Running/Manual Start]
 <system32\DRIVERS\SMCWGU.sys><SMC Corporation>
[sptd / sptd][Running/Boot Start]
 <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[symc8xx / Symc8xx][stopped/Disabled]
 <\SystemRoot\system32\drivers\symc8xx.sys><LSI Logic>
[sym_hi / Sym_hi][stopped/Disabled]
 <\SystemRoot\system32\drivers\sym_hi.sys><LSI Logic>
[sym_u3 / Sym_u3][stopped/Disabled]
 <\SystemRoot\system32\drivers\sym_u3.sys><LSI Logic>
[uliahci / uliahci][stopped/Disabled]
 <\SystemRoot\system32\drivers\uliahci.sys><ULi Electronics Inc.>
[ulSata / UlSata][stopped/Disabled]
 <\SystemRoot\system32\drivers\ulsata.sys><Promise Technology, Inc.>
[ulsata2 / ulsata2][stopped/Disabled]
 <\SystemRoot\system32\drivers\ulsata2.sys><Promise Technology, Inc.>
[Apple Mobile USB Driver / USBAAPL][stopped/Manual Start]
 <System32\Drivers\usbaapl.sys><Apple, Inc.>
[viaide / viaide][stopped/Disabled]
 <\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][stopped/Disabled]
 <\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>
[Wacom Mouse Filter Driver / wacommousefilter][Running/Manual Start]
 <system32\DRIVERS\wacommousefilter.sys><Wacom Technology>
[Wacom Virtual Hid Driver / wacomvhid][Running/Manual Start]
 <system32\DRIVERS\wacomvhid.sys><Wacom Technology>
[Virtual Keyboard Driver / WacomVKHid][Running/Manual Start]
 <system32\DRIVERS\WacomVKHid.sys><Wacom Technology>
[NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller / yukonwlh][Running/Manual Start]
 <system32\DRIVERS\yk60x86.sys><Marvell>

Suite du rapport SREngLOG

Browser Add-ons
[Adobe PDF Reader Link Helper]
 {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[]
 {5C255C8A-E604-49b4-9D64-90988571CECB} <, >
[Programme d'aide de l'Assistant de connexion Windows Live]
 {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[Java(tm) Plug-In 2 SSV Helper]
 {DBC80044-A445-435b-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, (Signed) Sun Microsystems, Inc.>
[sweetIM Toolbar Helper]
 {EEE6C35C-6118-11DC-9C72-001320C79847} <C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll, (Signed) SweetIM Technologies Ltd.>
[Acer eDataSecurity Management]
 {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} <C:\Windows\system32\eDStoolbar.dll, HiTRUST>
[sweetIM Toolbar for Internet Explorer]
 {EEE6C35B-6118-11DC-9C72-001320C79847} <C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll, (Signed) SweetIM Technologies Ltd.>
[QuickTime Object]
 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[Java Plug-in 1.6.0_16]
 {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[MessengerStatsClient Class]
 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} <C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll, (Signed) Microsoft Corporation>
[Java Plug-in 1.6.0_03]
 {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_05]
 {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_07]
 {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_16]
 {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_16]
 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\npjpi160_16.dll, (Signed) Sun Microsystems, Inc.>
[Yahoo! Toolbar Helper]
 {02478D38-C3F9-4EFB-9B51-7695ECA05670} <, >
[QuickTime Object]
 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[Adobe PDF Reader Link Helper]
 {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[]
 {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >
[PeerDraw Class]
 {10072CEC-8CC1-11D1-986E-00A0C955B42E} <%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll, (Signed) N/A>
[]
 {1E8A6170-7264-4D0F-BEAE-D42A53123C75} <, >
[Windows Media Player]
 {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\Windows\System32\wmpdxm.dll, (Signed) Microsoft Corporation>
[html Document]
 {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\Windows\system32\mshtml.dll, (Signed) Microsoft Corporation>
[]
 {2670000A-7350-4F3C-8081-5663EE0C6C49} <, >
[xml DOM Document]
 {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[HtmlDlgSafeHelper Class]
 {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\Windows\system32\mshtmled.dll, (Signed) Microsoft Corporation>
[QuickTime Object]
 {4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[xml Document]
 {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[]
 {5C255C8A-E604-49B4-9D64-90988571CECB} <, >
[Acer eDataSecurity Management]
 {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} <C:\Windows\system32\eDStoolbar.dll, HiTRUST>
[Windows Media Player]
 {6BF52A52-394A-11D3-B153-00C04F79FAA6} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[]
 {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <, >
[]
 {7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[]
 {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} <, >
[Microsoft Web Browser]
 {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\Windows\system32\ieframe.dll, (Signed) Microsoft Corporation>
[xml HTTP 4.0]
 {88D969C5-F192-11D4-A65F-0040963251E5} <C:\Windows\system32\msxml4.dll, (Signed) Microsoft Corporation>
[xml DOM Document 6.0]
 {88D96A05-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A>
[Free Threaded XML DOM Document 6.0]
 {88D96A06-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A>
[XSL Template 6.0]
 {88D96A08-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A>
[xml HTTP 6.0]
 {88D96A0A-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A>
[Java Plug-in 1.6.0_16]
 {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[]
 {90222687-F593-4738-B738-FBEE9C7B26DF} <, >
[Programme d'aide de l'Assistant de connexion Windows Live]
 {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[]
 {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[RDS.DataSpace]
 {BD96C556-65A3-11D0-983A-00C04FC29E36} <%CommonProgramFiles%\System\msadc\msadco.dll, (Signed) N/A>
[MessengerStatsClient Class]
 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} <C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll, (Signed) Microsoft Corporation>
[Adobe PDF Reader]
 {CA8A9780-280D-11CF-A24D-444553540000} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll, (Signed) Adobe Systems, Inc.>
[AUDIO__MP3 Moniker Class]
 {CD3AFA76-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[VIDEO__MPEG Moniker Class]
 {CD3AFA89-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[VIDEO__X_MS_ASF Moniker Class]
 {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[VIDEO__X_MS_WM Moniker Class]
 {CD3AFA92-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[VIDEO__X_MS_WMV Moniker Class]
 {CD3AFA94-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[RealPlayer G2 Control]
 {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\Windows\system32\rmoc3260.dll, (Signed) RealNetworks, Inc.>
[CBPCtl Object]
 {D09C464F-07DE-4C04-ABB4-88C30329C02D} <C:\Users\Florian\AppData\Local\Yahoo!\BrowserPlus\2.5.1\Plugins\YBPAddon_2.5.1.dll, Yahoo! Inc.>
[shockwave Flash Object]
 {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.>
[Java(tm) Plug-In 2 SSV Helper]
 {DBC80044-A445-435B-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, (Signed) Sun Microsystems, Inc.>
[QuickTimeCheck Class]
 {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx, (Signed) Apple Inc.>
[]
 {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC1~1.DLL, (Signed) Microsoft Corporation>
[Google Update Plugin]
 {E9DA06F1-632C-462F-98B3-AF74B47DA727} <C:\Users\Florian\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll, (Signed) Google Inc.>
[xml HTTP Request]
 {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[sweetIM Toolbar for Internet Explorer]
 {EEE6C35B-6118-11DC-9C72-001320C79847} <C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll, (Signed) SweetIM Technologies Ltd.>
[sweetIM Toolbar Helper]
 {EEE6C35C-6118-11DC-9C72-001320C79847} <C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll, (Signed) SweetIM Technologies Ltd.>
[Yahoo! Toolbar avec bloqueur de fenêtres pop-up]
 {EF99BD32-C1FB-11D2-892F-0090271D4F88} <, >
[xml DOM Document 3.0]
 {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[xml HTTP 3.0]
 {F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[xml DOM Document]
 {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[xml HTTP]
 {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[E&xporter vers Microsoft Excel]
 <res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 368 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 6.0.6002.18005 (lh_sp2rtm.090410-1830)]
[PID: 440 / SYSTEM][C:\Windows\system32\csrss.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 476 / SYSTEM][C:\Windows\system32\csrss.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 484 / SYSTEM][C:\Windows\system32\wininit.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 512 / SYSTEM][C:\Windows\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 556 / SYSTEM][C:\Windows\system32\services.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
   [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 2.0.0.34]
[PID: 572 / SYSTEM][C:\Windows\system32\lsass.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 580 / SYSTEM][C:\Windows\system32\lsm.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 736 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 792 / SERVICE RÉSEAU][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 828 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 932 / SERVICE LOCAL][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 960 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1032 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1084 / SYSTEM][C:\Windows\SYSTEM32\WISPTIS.EXE]  [(Verified) Microsoft Corporation, 6.0.6002.18005 (lh_sp2rtm.090410-1830)]
[PID: 1096 / SERVICE RÉSEAU][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
   [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 2.0.0.34]
[PID: 1120 / SERVICE LOCAL][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1260 / SERVICE LOCAL][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1356 / SERVICE RÉSEAU][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1672 / Florian][C:\Windows\SYSTEM32\WISPTIS.EXE]  [(Verified) Microsoft Corporation, 6.0.6002.18005 (lh_sp2rtm.090410-1830)]
[PID: 1712 / Florian][C:\Windows\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
   [C:\Windows\system32\CryptoAPI.dll]  [HiTRUST, 2, 2, 0, 34]
   [C:\Program Files\7-Zip\7-zip.dll]  [igor Pavlov, 4.57]
   [C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll]  [Malwarebytes Corporation, 1, 3, 0, 0]
   [C:\Windows\system32\eDSshellExt.dll]  [HiTRUST, 2, 5, 3024, 20]
   [C:\Program Files\Alwil Software\Avast5\ashShell.dll]  [AVAST Software, 5, 0, 594, 0]
[PID: 292 / Florian][C:\Program Files\Windows Media Player\wmpnscfg.exe]  [Microsoft Corporation, 11.0.6000.6324 (vista_rtm.061101-2205)]
[PID: 1976 / Florian][C:\Program Files\Mozilla Firefox\firefox.exe]  [Mozilla Corporation, 1.9.0.19]
   [C:\Program Files\Mozilla Firefox\xul.dll]  [Mozilla Foundation, 1.9.0.19]
   [C:\Program Files\Mozilla Firefox\sqlite3.dll]  [sqlite.org, 3.6.10]
   [C:\Program Files\Mozilla Firefox\MOZCRT19.dll]  [Mozilla Foundation, 8.00.0000]
   [C:\Program Files\Mozilla Firefox\js3250.dll]  [Netscape Communications Corporation, 4.0]
   [C:\Program Files\Mozilla Firefox\nspr4.dll]  [Mozilla Foundation, 4.7.6]
   [C:\Program Files\Mozilla Firefox\smime3.dll]  [Mozilla Foundation, 3.12.3.1 Basic ECC]
   [C:\Program Files\Mozilla Firefox\nss3.dll]  [Mozilla Foundation, 3.12.3.1 Basic ECC]
   [C:\Program Files\Mozilla Firefox\nssutil3.dll]  [Mozilla Foundation, 3.12.3.1]
   [C:\Program Files\Mozilla Firefox\plc4.dll]  [Mozilla Foundation, 4.7.6]
   [C:\Program Files\Mozilla Firefox\plds4.dll]  [Mozilla Foundation, 4.7.6]
   [C:\Program Files\Mozilla Firefox\ssl3.dll]  [Mozilla Foundation, 3.12.3.1 Basic ECC]
   [C:\Program Files\Mozilla Firefox\xpcom.dll]  [Mozilla Foundation, 1.9.0.19]
   [C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll]  [Mozilla Foundation, 1.9.0.19]
   [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 2.0.0.34]
   [C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll]  [Mozilla Foundation, 1.9.0.19]
   [C:\Program Files\Mozilla Firefox\softokn3.dll]  [Mozilla Foundation, 3.12.3.1 Basic ECC]
   [C:\Program Files\Mozilla Firefox\nssdbm3.dll]  [Mozilla Foundation, 3.12.3.1 Basic ECC]
   [C:\Program Files\Mozilla Firefox\freebl3.dll]  [Mozilla Foundation, 3.12.3.1 Basic ECC]
   [C:\Program Files\Mozilla Firefox\nssckbi.dll]  [Mozilla Foundation, 1.75]
   [C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\3ft3k91t.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll]  [bitDefender, 0, 9, 9, 23]
   [C:\Windows\system32\Macromed\Flash\NPSWF32.dll]  [, ]
[PID: 1904 / Florian][C:\Program Files\DivX\DivX Update\DivXUpdate.exe]  [, 1.0.1.10]
   [C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll]  [, 1.0.1.10]
   [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 2.0.0.34]
[PID: 2016 / Florian][C:\Windows\system32\DllHost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
   [C:\Windows\system32\icm32.dll]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
   [C:\Windows\system32\RealMediaDX.ax]  [Gabest, 1, 0, 1, 1]
   [C:\Windows\system32\MatroskaDX.ax]  [Gabest, 1, 0, 2, 9]
   [C:\Program Files\DivX\DivX Plus DirectShow Filters\DivXDecH264.ax]  [DivX, Inc., 9.0.1.21]
   [C:\Program Files\DivX\DivX Codec\DivXDec.ax]  [DivX, Inc., 7.1.1.14]
   [C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll]  [, 1.0.1.10]
[PID: 2024 / Florian][C:\Users\Florian\Desktop\SREngLdr.EXE]  [smallfrogs Studio, 2.8.2.1321]
[PID: 1228 / Florian][C:\Users\Florian\Desktop\SREf8f43d17.EXE]  [smallfrogs Studio, 2.8.2.1321]
   [C:\Users\Florian\Desktop\Upload\3rdUpd.DLL]  [smallfrogs Studio, 2, 1, 0, 15]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["%SystemRoot%\hh.exe" %1]
.HLP  OK. [%SystemRoot%\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1       localhost
::1             localhost

==================================
Process Privileges Scan
N/A

==================================
Scheduled Tasks
N/A

==================================
Windows Security Update Check
N/A

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================

halfalaize · le 2 août 2010

Rapport RSIT

Logfile of random's system information tool 1.08 (written by random/random)

Run by Florian at 2010-08-01 16:53:22

Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2

System drive C: has 6 GB (5%) free of 114 GB

Total RAM: 3071 MB (81% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-856682543-167769634-2456260671-1000Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-856682543-167769634-2456260671-1000UA.job

C:\Windows\tasks\User_Feed_Synchronization-{0FF8B9BF-EE54-4606-B4D2-6D6C903B0EAF}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]

SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-02-06 151552]

{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-23 4423680]

"Acer Tour"= []

"Acer Empowering Technology Monitor"=C:\Acer\Empowering Technology\SysMonitor.exe [2007-01-24 319488]

"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-02-07 464168]

"PCMService"=C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe [2007-01-12 151552]

"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]

"eRecoveryService"= []

"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe []

"Apanel"=C:\ACERSW\config\NewSetApanel.cmd []

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-15 149280]

"Skytel"=C:\Windows\Skytel.exe [2007-03-16 1822720]

"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-09-09 185896]

"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2010-02-01 111928]

"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-01-07 1394000]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-03-26 142120]

"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

""= []

"GrpConv"=grpconv -o []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe []

"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

"BitTorrent DNA"=C:\Users\Florian\Program Files\DNA\btdna.exe [2009-10-15 323392]

"Google Update"=C:\Users\Florian\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-12 133104]

"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]

"nlnbckas"=C:\Users\Florian\AppData\Local\blvxxhlug\dllldgxtssd.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu"

"C:\Acer\Empowering Technology\eDataSecurity\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption"

"C:\Acer\Empowering Technology\eDataSecurity\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption"

"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-08-01 16:53:23 ----D---- C:\Program Files\trend micro

2010-08-01 16:53:22 ----D---- C:\rsit

2010-08-01 09:27:04 ----D---- C:\halfalaize6510h

2010-08-01 09:18:49 ----D---- C:\halfalaize

2010-07-31 17:23:04 ----A---- C:\Windows\ntbtlog.txt

2010-07-31 16:39:48 ----A---- C:\Windows\system32\drivers\aswSP.sys

2010-07-31 16:39:48 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys

2010-07-31 16:39:46 ----A---- C:\Windows\system32\drivers\aswRdr.sys

2010-07-31 16:39:45 ----A---- C:\Windows\system32\drivers\aswTdi.sys

2010-07-31 16:39:43 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys

2010-07-31 16:38:37 ----A---- C:\Windows\system32\aswBoot.exe

2010-07-31 16:38:25 ----D---- C:\ProgramData\Alwil Software

2010-07-31 16:38:25 ----D---- C:\Program Files\Alwil Software

2010-07-28 20:54:27 ----ASH---- C:\pagefile.sys

2010-07-28 18:12:43 ----D---- C:\Users\Florian\AppData\Roaming\QuickScan

2010-07-27 12:10:12 ----A---- C:\Windows\system32\drivers\giityss.sys

2010-07-06 15:24:59 ----D---- C:\Program Files\Windows Portable Devices

2010-07-06 11:07:05 ----A---- C:\Windows\system32\UIAnimation.dll

2010-07-06 11:07:03 ----A---- C:\Windows\system32\UIRibbonRes.dll

2010-07-06 11:07:03 ----A---- C:\Windows\system32\UIRibbon.dll

2010-07-06 11:06:21 ----A---- C:\Windows\system32\WMPhoto.dll

2010-07-06 11:06:20 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2010-07-06 11:06:20 ----A---- C:\Windows\system32\cdd.dll

2010-07-06 11:06:19 ----A---- C:\Windows\system32\XpsRasterService.dll

2010-07-06 11:06:19 ----A---- C:\Windows\system32\XpsGdiConverter.dll

2010-07-06 11:06:19 ----A---- C:\Windows\system32\WindowsCodecsExt.dll

2010-07-06 11:06:19 ----A---- C:\Windows\system32\WindowsCodecs.dll

2010-07-06 11:06:19 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe

2010-07-06 11:06:19 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll

2010-07-06 11:06:19 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll

2010-07-06 11:06:19 ----A---- C:\Windows\system32\dxdiagn.dll

2010-07-06 11:06:19 ----A---- C:\Windows\system32\dxdiag.exe

2010-07-06 11:06:19 ----A---- C:\Windows\system32\d3d10warp.dll

2010-07-06 11:06:19 ----A---- C:\Windows\system32\d2d1.dll

2010-07-06 11:06:18 ----A---- C:\Windows\system32\xpsservices.dll

2010-07-06 11:06:18 ----A---- C:\Windows\system32\XpsPrint.dll

2010-07-06 11:06:18 ----A---- C:\Windows\system32\OpcServices.dll

2010-07-06 11:06:18 ----A---- C:\Windows\system32\FntCache.dll

2010-07-06 11:06:18 ----A---- C:\Windows\system32\dxgi.dll

2010-07-06 11:06:18 ----A---- C:\Windows\system32\DWrite.dll

2010-07-06 11:06:18 ----A---- C:\Windows\system32\d3d11.dll

2010-07-06 11:06:18 ----A---- C:\Windows\system32\d3d10level9.dll

2010-07-06 11:06:18 ----A---- C:\Windows\system32\d3d10core.dll

2010-07-06 11:06:18 ----A---- C:\Windows\system32\d3d10_1core.dll

2010-07-06 11:06:18 ----A---- C:\Windows\system32\d3d10_1.dll

2010-07-06 11:06:18 ----A---- C:\Windows\system32\d3d10.dll

2010-07-06 11:05:32 ----A---- C:\Windows\system32\WPDShextAutoplay.exe

2010-07-06 11:05:32 ----A---- C:\Windows\system32\wpdbusenum.dll

2010-07-06 11:05:32 ----A---- C:\Windows\system32\BthMtpContextHandler.dll

2010-07-06 11:05:28 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll

2010-07-06 11:05:27 ----A---- C:\Windows\system32\WpdConns.dll

2010-07-06 11:05:26 ----A---- C:\Windows\system32\WPDSp.dll

2010-07-06 11:05:26 ----A---- C:\Windows\system32\WPDShServiceObj.dll

2010-07-06 11:05:26 ----A---- C:\Windows\system32\wpdshext.dll

2010-07-06 11:05:26 ----A---- C:\Windows\system32\WpdMtpUS.dll

2010-07-06 11:05:26 ----A---- C:\Windows\system32\WpdMtp.dll

2010-07-06 11:05:26 ----A---- C:\Windows\system32\wpd_ci.dll

2010-07-06 11:05:26 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll

2010-07-06 11:05:26 ----A---- C:\Windows\system32\PortableDeviceTypes.dll

2010-07-06 11:05:26 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll

2010-07-06 11:05:26 ----A---- C:\Windows\system32\PortableDeviceApi.dll

2010-07-06 11:05:26 ----A---- C:\Windows\system32\drivers\WpdUsb.sys

2010-07-06 11:04:18 ----A---- C:\Windows\system32\oleaccrc.dll

2010-07-06 11:04:18 ----A---- C:\Windows\system32\oleacc.dll

2010-07-06 11:04:17 ----A---- C:\Windows\system32\UIAutomationCore.dll

2010-07-05 02:10:06 ----D---- C:\Windows\system32\eu-ES

2010-07-05 02:10:06 ----D---- C:\Windows\system32\ca-ES

2010-07-05 02:10:04 ----D---- C:\Windows\system32\vi-VN

2010-07-04 09:52:17 ----D---- C:\Windows\system32\EventProviders

2010-07-02 19:28:24 ----A---- C:\Windows\system32\audcon.sys

2010-07-02 19:28:23 ----D---- C:\ProgramData\Syncrosoft

2010-07-02 19:26:29 ----D---- C:\ProgramData\eLicenser

2010-07-02 19:26:29 ----D---- C:\Program Files\Syncrosoft

2010-07-02 19:26:29 ----D---- C:\Program Files\eLicenser

2010-07-02 19:26:22 ----A---- C:\Windows\system32\SYNSOPOS.exe.cfg

2010-07-02 19:26:20 ----A---- C:\Windows\system32\SYNSOPOS.exe

2010-07-02 19:26:20 ----A---- C:\Windows\system32\SYNSOACC.dll

======List of files/folders modified in the last 1 months======

2010-08-01 16:53:23 ----RD---- C:\Program Files

2010-08-01 11:38:14 ----D---- C:\Program Files\Mozilla Firefox

2010-08-01 11:01:04 ----D---- C:\Windows\System32

2010-08-01 11:01:04 ----D---- C:\Windows\inf

2010-08-01 11:01:04 ----A---- C:\Windows\system32\PerfStringBackup.INI

2010-08-01 09:38:00 ----D---- C:\Windows\Temp

2010-07-31 21:55:57 ----D---- C:\Windows\system32\drivers

2010-07-31 17:23:04 ----D---- C:\Windows

2010-07-31 17:19:45 ----SHD---- C:\Windows\Installer

2010-07-31 17:19:08 ----SHD---- C:\System Volume Information

2010-07-31 17:15:46 ----D---- C:\Users\Florian\AppData\Roaming\DNA

2010-07-31 17:08:58 ----D---- C:\Program Files\Arturia

2010-07-31 17:08:57 ----HD---- C:\ProgramData

2010-07-31 17:08:57 ----D---- C:\Program Files\Common Files

2010-07-31 16:43:38 ----D---- C:\Users\Florian\AppData\Roaming\WTablet

2010-07-31 16:42:51 ----D---- C:\Windows\Minidump

2010-07-31 16:39:38 ----D---- C:\Windows\winsxs

2010-07-31 15:51:59 ----D---- C:\Windows\Debug

2010-07-31 15:51:36 ----D---- C:\Program Files\CCleaner

2010-07-31 10:02:38 ----D---- C:\Users\Florian\AppData\Roaming\D7E5F203D613FF44C4132371E33660EC

2010-07-28 20:45:29 ----D---- C:\Windows\Prefetch

2010-07-28 12:43:24 ----D---- C:\Windows\system32\catroot2

2010-07-27 12:20:08 ----D---- C:\Users\Florian\AppData\Roaming\BitTorrent

2010-07-15 08:33:17 ----D---- C:\Windows\system32\catroot

2010-07-15 08:33:10 ----D---- C:\Program Files\Windows Mail

2010-07-06 15:45:07 ----D---- C:\Windows\rescache

2010-07-06 15:44:32 ----D---- C:\Windows\Microsoft.NET

2010-07-06 15:44:12 ----RSD---- C:\Windows\assembly

2010-07-06 15:29:43 ----D---- C:\Windows\system32\Tasks

2010-07-06 15:26:59 ----D---- C:\Windows\system32\drivers\UMDF

2010-07-06 15:25:04 ----D---- C:\Windows\system32\fr-FR

2010-07-06 15:25:02 ----D---- C:\Windows\system32\drivers\fr-FR

2010-07-06 15:24:58 ----D---- C:\Windows\system32\wbem

2010-07-06 15:24:39 ----D---- C:\Windows\system32\pt-BR

2010-07-06 15:24:39 ----D---- C:\Windows\system32\it-IT

2010-07-06 15:24:39 ----D---- C:\Windows\system32\he-IL

2010-07-06 15:24:39 ----D---- C:\Windows\system32\bg-BG

2010-07-06 15:24:38 ----D---- C:\Windows\system32\zh-HK

2010-07-06 15:24:38 ----D---- C:\Windows\system32\uk-UA

2010-07-06 15:24:38 ----D---- C:\Windows\system32\sl-SI

2010-07-06 15:24:38 ----D---- C:\Windows\system32\pt-PT

2010-07-06 15:24:38 ----D---- C:\Windows\system32\pl-PL

2010-07-06 15:24:38 ----D---- C:\Windows\system32\ko-KR

2010-07-06 15:24:38 ----D---- C:\Windows\system32\hu-HU

2010-07-06 15:24:38 ----D---- C:\Windows\system32\hr-HR

2010-07-06 15:24:38 ----D---- C:\Windows\system32\el-GR

2010-07-06 15:24:37 ----D---- C:\Windows\system32\sr-Latn-CS

2010-07-06 15:24:37 ----D---- C:\Windows\system32\nl-NL

2010-07-06 15:24:37 ----D---- C:\Windows\system32\fi-FI

2010-07-06 15:24:36 ----D---- C:\Windows\system32\zh-TW

2010-07-06 15:24:36 ----D---- C:\Windows\system32\tr-TR

2010-07-06 15:24:36 ----D---- C:\Windows\system32\th-TH

2010-07-06 15:24:36 ----D---- C:\Windows\system32\sv-SE

2010-07-06 15:24:36 ----D---- C:\Windows\system32\sk-SK

2010-07-06 15:24:36 ----D---- C:\Windows\system32\lv-LV

2010-07-06 15:24:36 ----D---- C:\Windows\system32\lt-LT

2010-07-06 15:24:36 ----D---- C:\Windows\system32\et-EE

2010-07-06 15:24:36 ----D---- C:\Windows\system32\es-ES

2010-07-06 15:24:35 ----D---- C:\Windows\system32\zh-CN

2010-07-06 15:24:35 ----D---- C:\Windows\system32\ru-RU

2010-07-06 15:24:35 ----D---- C:\Windows\system32\ro-RO

2010-07-06 15:24:35 ----D---- C:\Windows\system32\nb-NO

2010-07-06 15:24:35 ----D---- C:\Windows\system32\ja-JP

2010-07-06 15:24:35 ----D---- C:\Windows\system32\de-DE

2010-07-06 15:24:35 ----D---- C:\Windows\system32\cs-CZ

2010-07-06 15:24:35 ----D---- C:\Windows\system32\ar-SA

2010-07-06 15:24:34 ----D---- C:\Windows\system32\en-US

2010-07-06 15:24:34 ----D---- C:\Windows\system32\da-DK

2010-07-05 11:38:16 ----SHD---- C:\Boot

2010-07-05 02:11:39 ----D---- C:\Program Files\Windows Calendar

2010-07-05 02:11:39 ----D---- C:\Program Files\Movie Maker

2010-07-05 02:11:37 ----D---- C:\Program Files\Windows Sidebar

2010-07-05 02:11:37 ----D---- C:\Program Files\Windows Media Player

2010-07-05 02:11:37 ----D---- C:\Program Files\Internet Explorer

2010-07-05 02:11:36 ----D---- C:\Program Files\Windows Collaboration

2010-07-05 02:11:35 ----D---- C:\Program Files\Windows Photo Gallery

2010-07-05 02:11:35 ----D---- C:\Program Files\Common Files\System

2010-07-05 02:11:29 ----D---- C:\Windows\servicing

2010-07-05 02:11:29 ----D---- C:\Program Files\Windows Defender

2010-07-05 02:11:10 ----D---- C:\Windows\IME

2010-07-05 02:11:09 ----D---- C:\Windows\system32\XPSViewer

2010-07-05 02:11:09 ----D---- C:\Windows\system32\oobe

2010-07-05 02:11:08 ----D---- C:\Windows\system32\migration

2010-07-05 02:11:08 ----D---- C:\Windows\system32\fr

2010-07-05 02:11:04 ----D---- C:\Windows\system32\AdvancedInstallers

2010-07-05 02:10:59 ----D---- C:\Windows\system32\SLUI

2010-07-05 02:10:59 ----D---- C:\Windows\system32\setup

2010-07-05 02:10:59 ----D---- C:\Windows\system32\manifeststore

2010-07-05 02:10:53 ----D---- C:\Windows\system32\migwiz

2010-07-05 02:10:12 ----RSD---- C:\Windows\Fonts

2010-07-05 02:10:12 ----D---- C:\Windows\AppPatch

2010-07-05 02:10:04 ----D---- C:\Windows\system32\Boot

2010-07-05 02:08:39 ----D---- C:\Windows\system32\RTCOM

2010-07-04 10:09:25 ----A---- C:\Windows\fonts\GlobalUserInterface.CompositeFont

2010-07-02 21:39:05 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 8192]

R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2007-02-07 20264]

R0 PSDNServ;PSDNSERVER; C:\Windows\system32\drivers\PSDNServ.sys [2007-02-07 16680]

R0 psdvdisk;psdvdisk; C:\Windows\system32\drivers\psdvdisk.sys [2007-02-07 60712]

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-10-15 721904]

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-06-28 23376]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-05-06 6144]

R3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC); C:\Windows\system32\DRIVERS\SMCWGU.sys [2005-12-16 408064]

R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2007-02-16 11312]

R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2007-02-16 12848]

R3 WacomVKHid;Virtual Keyboard Driver; C:\Windows\system32\DRIVERS\WacomVKHid.sys [2007-02-15 11440]

R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-03-23 240128]

S0 pavboot;pavboot; C:\Windows\system32\drivers\pavboot.sys [2009-06-30 28552]

S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-06-28 165456]

S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-06-28 46672]

S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-06-28 17744]

S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]

S2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]

S3 61883;Pilote d'unité 61883; C:\Windows\system32\DRIVERS\61883.sys [2008-01-19 45696]

S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-03-14 2427392]

S3 avbmpjfn;avbmpjfn; C:\Windows\system32\drivers\avbmpjfn.sys []

S3 Avc;Périphérique AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-19 40448]

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-26 1761696]

S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-19 52608]

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-10-16 41472]

S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AcerMemUsageCheckService;ePerformance Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-12-29 28672]

S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-03-19 144672]

S2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-03-14 569344]

S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]

S2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-02-12 345376]

S2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe [2007-01-12 274520]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 CLSched;CyberLink Task Scheduler (CTS); C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe [2007-01-12 118870]

S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []

S2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-02-07 457512]

S2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-01-31 53248]

S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-21 136176]

S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]

S2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2006-11-02 174656]

S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-12 262247]

S2 TabletServiceWacom;TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [2007-09-07 1373480]

S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-06-18 72704]

S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]

S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-05-09 655624]

S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]

S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-03-26 545576]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.08 2010-08-01 16:53:26

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC4F90EC-B1DA-11D9-9D77-000129760D75}\setup.exe" -uninstall

7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"

Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDSnstHelper.exe -Operation UNINSTALL

Acer eMode Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall

Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly

Acer ePerformance Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D462BF9E-0C35-4705-BF9B-3DF9F3816643}\setup.exe" -l0x40c -removeonly

Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly

Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x40c -removeonly

Adobe After Effects CS4 Presets-->MsiExec.exe /I{44E240EC-2224-4078-A88B-2CEE0D3016EF}

Adobe After Effects CS4-->C:\Program Files\Common Files\Adobe\Installers\3dcb365ab9e01871fb8c6f27b0ea079\Setup.exe --uninstall=1

Adobe After Effects CS4-->MsiExec.exe /I{45EC816C-0771-4C14-AE6D-72D1B578F4C8}

Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}

Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}

Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}

Adobe Color Video Profiles AE CS4-->MsiExec.exe /I{B15381DD-FF97-4FCD-A881-ED4DB0975500}

Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}

Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}

Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}

Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}

Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete

Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}

Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}

Adobe MotionPicture Color Files CS4-->MsiExec.exe /I{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}

Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}

Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}

Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}

Adobe Reader 7.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A71000000002}

Adobe Setup-->MsiExec.exe /I{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}

Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}

Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}

Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}

Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}

AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}

Apple Application Support-->MsiExec.exe /I{553255F3-78FD-40F1-A6F8-6882140265FE}

Apple Mobile Device Support-->MsiExec.exe /I{B5C3B892-0849-476C-9F46-B12F84819D57}

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

Applian FLV Player-->"C:\Windows\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"

ArtRage Studio Pro Demo-->MsiExec.exe /X{29C5AA95-4E2F-4563-BBFE-50A79F16C0C3}

Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}

ATI Uninstaller-->C:\Program Files\ATI\CIM\Bin\Atisetup.exe -uninstall all

Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"

avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup

Blender (remove only)-->"C:\Program Files\Blender Foundation\Blender\uninstall.exe"

Bonjour-->MsiExec.exe /X{76BC2442-0002-47FA-9617-43BAD82BEF4C}

BookSmart® 2.5.1 2.5.1-->C:\Program Files\BookSmart\uninstall.exe

CCleaner-->"C:\Program Files\CCleaner\uninst.exe"

Configuration DivX-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com

Corel Painter X-->C:\Program Files\Corel\Corel Painter X\MSILauncher {05D60953-9012-44DF-A1A6-9DD97AD6580A} C:\Users\Florian\AppData\Local\Temp\PainterX.log

Corel Painter X-->MsiExec.exe /I{05D60953-9012-44DF-A1A6-9DD97AD6580A}

EasyBCD 1.7.2-->C:\Program Files\NeoSmart Technologies\EasyBCD\uninstall.exe

eLicenser Control-->C:\PROGRA~1\ELICEN~1\UNWISE.EXE C:\PROGRA~1\ELICEN~1\INSTALL.LOG

eMule-->"C:\Program Files\eMule\Uninstall.exe"

Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466}

Guide routier France-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC828A42-3901-4178-81AF-712A55AC5A65}\SETUP.exe" -l0x40c -removeonly

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe

Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}

iTunes-->MsiExec.exe /I{996A2FAA-7514-4628-9D12-A8FC34A0016E}

Java 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}

Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}

Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"

Micro Application - Conduite 3D-->C:\Program Files\Micro Application\Conduite 3D\Desinst.exe

Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}

Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft .NET Framework 4 Client Profile FRA Language Pack-->MsiExec.exe /X{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}

Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client

Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}

Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{8FB1B528-E260-451E-9B55-E9152F94B80B}

Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F97E3841-CA9D-4964-9D64-26066241D26F}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}

Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe

Module linguistique Microsoft .NET Framework 4 Client Profile FRA-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1036 /parameterfolder ClientLP

Mozilla Firefox (3.0.19)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

Musicnotes Software Suite 1.4.6-->"C:\Program Files\Musicnotes\unins000.exe"

NFS Underground-->C:\Program Files\EA GAMES\NFS Underground\EAUninstall.exe

NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe" -removeonly

NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7

OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}

Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe

Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}

PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall

QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}

RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

Realtek High Definition Audio Driver-->RtlUpd.exe -r -m

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

STREET FIGHTER IV-->MsiExec.exe /X{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}

Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}

SweetIM for Messenger 2.9-->MsiExec.exe /X{9E4444A9-EC85-4433-8C69-A07504E4E501}

SweetIM Toolbar for Internet Explorer 3.6-->MsiExec.exe /X{31CF6C0E-51F0-41D2-B088-A6A143C4303C}

Tablette Wacom-->C:\Program Files\Tablet\Wacom\Remove.exe /u

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}

VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe

VoiceOver Kit-->MsiExec.exe /I{FB26A501-6BA6-459B-89AA-9736730752FB}

Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}

Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}

Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}

Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354}

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: PC-de-Florian

Event Code: 10005

Message: DCOM a reçu l'erreur "1068" lors de la mise en route du service netman avec les arguments "" pour démarrer le serveur :

{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Record Number: 362084

Source Name: Microsoft-Windows-DistributedCOM

Time Written: 20100606073917.000000-000

Event Type: Erreur

User:

Computer Name: PC-de-Florian

Event Code: 10005

Message: DCOM a reçu l'erreur "1084" lors de la mise en route du service EventSystem avec les arguments "" pour démarrer le serveur :

{1BE1F766-5536-11D1-B726-00C04FB926AF}

Record Number: 362083

Source Name: Microsoft-Windows-DistributedCOM

Time Written: 20100606073915.000000-000

Event Type: Erreur

User:

Computer Name: PC-de-Florian

Event Code: 10005

Message: DCOM a reçu l'erreur "1084" lors de la mise en route du service ShellHWDetection avec les arguments "" pour démarrer le serveur :

{DD522ACC-F821-461A-A407-50B198B896DC}

Record Number: 362082

Source Name: Microsoft-Windows-DistributedCOM

Time Written: 20100606073908.000000-000

Event Type: Erreur

User:

Computer Name: PC-de-Florian

Event Code: 15016

Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.

Record Number: 359399

Source Name: Microsoft-Windows-HttpEvent

Time Written: 20100605065727.459316-000

Event Type: Erreur

User:

Computer Name: PC-de-Florian

Event Code: 4001

Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

Record Number: 359392

Source Name: Microsoft-Windows-WLAN-AutoConfig

Time Written: 20100604213834.670000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

=====Application event log=====

Computer Name: PC-de-Florian

Event Code: 4621

Message: Le système d'événements de COM+ n'a pas pu supprimer l'objet EventSystem.EventSubscription {CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. HRESULT : 80070005.

Record Number: 7907

Source Name: Microsoft-Windows-EventSystem

Time Written: 20080305202719.000000-000

Event Type: Erreur

User:

Computer Name: PC-de-Florian

Event Code: 4621

Message: Le système d'événements de COM+ n'a pas pu supprimer l'objet EventSystem.EventSubscription {CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. HRESULT : 80070005.

Record Number: 7744

Source Name: Microsoft-Windows-EventSystem

Time Written: 20080304215840.000000-000

Event Type: Erreur

User:

Computer Name: PC-de-Florian

Event Code: 1032

Message: Une erreur s’est produite lors de l’actualisation des variables d’environnement mises à jour pendant l’installation de ‘’. Certains utilisateurs devront fermer puis ouvrir à nouveau leur session pour voir ces modifications.

Record Number: 7679

Source Name: MsiInstaller

Time Written: 20080304164056.000000-000

Event Type: Avertissement

User: PC-de-Florian\Florian

Computer Name: PC-de-Florian

Event Code: 4621

Message: Le système d'événements de COM+ n'a pas pu supprimer l'objet EventSystem.EventSubscription {CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. HRESULT : 80070005.

Record Number: 7540

Source Name: Microsoft-Windows-EventSystem

Time Written: 20080303143046.000000-000

Event Type: Erreur

User:

Computer Name: PC-de-Florian

Event Code: 1000

Message: Application défaillante wmplayer.exe, version 11.0.6000.6324, horodatage 0x4549b52a, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9, code d’exception 0xc0000374, décalage d’erreur 0x000af1c9, ID du processus 0xd50, heure de début de l’application 0x01c87cad744d19ea.

Record Number: 7496

Source Name: Application Error

Time Written: 20080302214710.000000-000

Event Type: Erreur

User:

=====Security event log=====

Computer Name: PC-de-Florian

Event Code: 5032

Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.

Code d’erreur : 2

Record Number: 60858

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20091117101539.796170-000

Event Type: Échec de l'audit

User:

Computer Name: PC-de-Florian

Event Code: 5032

Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.

Code d’erreur : 2

Record Number: 60857

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20091117101539.796170-000

Event Type: Échec de l'audit

User:

Computer Name: PC-de-Florian

Event Code: 5032

Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.

Code d’erreur : 2

Record Number: 60856

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20091117100904.307170-000

Event Type: Échec de l'audit

User:

Computer Name: PC-de-Florian

Event Code: 5032

Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.

Code d’erreur : 2

Record Number: 60855

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20091117100904.307170-000

Event Type: Échec de l'audit

User:

Computer Name: PC-de-Florian

Event Code: 5032

Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.

Code d’erreur : 2

Record Number: 60854

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20091117100904.307170-000

Event Type: Échec de l'audit

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\GIS\Tools;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 79 Stepping 2, AuthenticAMD

"PROCESSOR_REVISION"=4f02

"NUMBER_OF_PROCESSORS"=1

"asl.log"=Destination=file;OnFirstLog=command,environment

"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

"SAFEBOOT_OPTION"=NETWORK

-----------------EOF-----------------

pear · le 2 août 2010

Bonjour,

revenez sur le message de Thanos qui voudra bien excuser mon intervention: je ne l'avais vu.

Connexion

Pas encore inscrit ?

Scan d'un fichier System32 impossible

Messages recommandés

halfalaize

Thanos

halfalaize

pear

halfalaize

halfalaize

pear

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer