Windows Explorer has stopped working

 

baptiste787
Baby forum member (10 to 49 posts)
Posted on 25/12/2008 at 12:10:25
 
Hello!

I'm on Vista and, for some time now, I've been getting a Microsoft Windows error:

Windows Explorer has stopped working
Windows Explorer is restarting

In the Event Viewer I therefore constantly get errors; here are a few of them:

Application défaillante Explorer.exe, version 6.0.6001.18164, horodatage 0x4907e242, module défaillant ntdll.dll, version 6.0.6001.18000, horodatage 0x4791a7a6, code d’exception 0xc0000005, décalage d’erreur 0x00047dd2, ID du processus 0x658, heure de début de l’application 0x01c966803ffa3415.

Application défaillante Explorer.EXE, version 6.0.6001.18164, horodatage 0x4907e242, module défaillant ntdll.dll, version 6.0.6001.18000, horodatage 0x4791a7a6, code d’exception 0xc0000005, décalage d’erreur 0x00047dd2, ID du processus 0x15c, heure de début de l’application 0x01c96679af778e4d.

Application défaillante Explorer.exe, version 6.0.6001.18164, horodatage 0x4907e242, module défaillant ntdll.dll, version 6.0.6001.18000, horodatage 0x4791a7a6, code d’exception 0xc0000005, décalage d’erreur 0x00047dd2, ID du processus 0x1198, heure de début de l’application 0x01c965e76f43d140.

So each time it is a problem with Explorer.exe and ntdll.dll; I searched the web but found nothing.

How can I fix this problem? Thanks in advance for your help!

Goodbye and happy holidays.

bernard53
Profile: Security team
Committed member (20,000 to 29,999 posts), Confirmed helper, Clic-Clic Fan Club
Posted on 25/12/2008 at 20:08:48
 
:hello:

Download random's system information tool (RSIT) by random/random and save it to the Desktop:

Double-click RSIT.exe on your desktop to launch it:
http://nsm01.casimages.com/img/2008/11/01//08110111434360772688387.jpg

Then:

http://nsm01.casimages.com/img/2008/11/01//08110111445160772688390.jpg

If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.

The report will be created. To post it on the forum:

Select all: CTRL+A
Copy all: CTRL+C
Paste all: CTRL+V

Once it is posted, you can close it. This report is called log.txt

The report is saved at the root of the disk: C:\rsit\info.txt and C:\rsit\log.txt

:salut:

baptiste787
Baby forum member (10 to 49 posts)
Posted on 25/12/2008 at 21:23:27
 



Logfile of random's system information tool 1.05 (written by random/random)
 Run by Baptiste at 2008-12-25 21:11:05
 Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 1
 System drive C: has 39 GB (8%) free of 466 GB
 Total RAM: 3326 MB (59% free)

 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 21:11:07, on 25/12/2008
 Platform: Windows Vista SP1 (WinNT 6.00.1905)
 MSIE: Internet Explorer v7.00 (7.00.6001.18000)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\Dwm.exe
 C:\Windows\system32\taskeng.ex​e
 C:\Program Files\Windows Defender\MSASCui.exe
 C:\Windows\RtHDVCpl.exe
 C:\hp\support\hpsysdrv.exe
 C:\Program Files\TortoiseSVN\bin\TSVNCach​e.exe
 C:\Program Files\Hewlett-Packard\On-Scree​n OSD Indicator\OSD.exe
 C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
 C:\Windows\system32\schtasks.e​xe
 C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
 C:\Program Files\Alwil Software\Avast4\ashDisp.exe
 C:\Program Files\Common Files\Real\Update_OB\realsched​.exe
 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
 C:\Windows\System32\rundll32.e​xe
 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.​exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\Java\jre6\bin\jusched.ex​e
 C:\Windows\ehome\ehtray.exe
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\Program Files\Windows Sidebar\sidebar.exe
 C:\Users\Baptiste\AppData\Loca​l\Google\Update\GoogleUpdate.e​xe
 C:\Program Files\Electronic Arts\EADM\Core.exe
 C:\Users\Baptiste\AppData\Roam​ing\Microsoft\Live Search\Notification-LiveSearch​.exe
 C:\Windows\ehome\ehmsas.exe
 C:\Users\Baptiste\AppData\Roam​ing\Microsoft\Live Search\Mise-a-jour-LiveSearch.​exe
 C:\Program Files\Windows Live\Contacts\wlcomm.exe
 C:\hp\kbd\kbd.exe
 C:\Program Files\Windows Media Player\wmplayer.exe
 C:\Windows\Explorer.exe
 C:\Windows\system32\SearchFilt​erHost.exe
 C:\Users\Baptiste\Desktop\RSIT​.exe
 C:\Program Files\trend micro\Baptiste.exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.msn.com/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/ [...] pf=desktop
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/ [...] pf=desktop
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = *.local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 O1 - Hosts: ::1 localhost
 O1 - Hosts: 65.54.239.80 messenger.hotmail.com
 O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelper.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC​4DFA408} - (no file)
 O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628​F01010C} - (no file)
 O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1​D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExt​ensions.dll
 O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF​1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09​D4B49CA} - (no file)
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
 O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
 O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Scree​n OSD Indicator\OSD.exe"
 O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Pac​kard\HP Health Check\HPHC_Scheduler.exe
 O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe​"
 O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
 O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-110] C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
 O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\as​hDisp.exe
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched​.exe"  -osboot
 O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
 O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.​exe
 O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.​exe"
 O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\​CS4ServiceManager.exe" -launchedbylogin
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.ex​e"
 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
 O4 - HKCU\..\Run: [Sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun
 O4 - HKCU\..\Run: [Google Update] "C:\Users\Baptiste\AppData\Loc​al\Google\Update\GoogleUpdate.​exe" /c
 O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
 O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
 O4 - Startup: Outil de notification Live Search.lnk = Baptiste\AppData\Roaming\Micro​soft\Live Search\Notification-LiveSearch​.exe
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Off​ice12\EXCEL.EXE/3000
 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~3\Office12\​ONBttnIE.dll
 O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~3\Office12\​ONBttnIE.dll
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~3\Office12\​REFIEBAR.DLL
 O13 - Gopher Prefix:
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46​475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b56907.cab
 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB62​48B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemSe​rvices.dll
 O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawser​vice.exe
 O23 - Service: Apache2.2 - Apache Software Foundation - c:\xampp\apache\bin\apache.exe
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
 O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
 O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
 O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
 O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
 O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.​exe
 O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
 O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
 O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\​Intel 32\IDriverT.exe
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\Windows\system32\libusbd-nt​.exe
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2008 32-bit 32-bit (mi-raysat_3dsMax2008_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysa​t_3dsMax2008_32server.exe
 O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld-nt.e​xe
 O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
 O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\EA Games\Need for Speed Undercover\PB\PnkBstrA.exe
 O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE​.exe
 O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 --
 End of file - 10911 bytes

 ======Scheduled tasks folder======

 C:\Windows\tasks\GoogleUpdateT​askUser.job

 ======Registry dump======

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
 Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelper.dll [2006-10-22 62080]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
 Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExt​ensions.dll [2007-08-24 2212224]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
 Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
 Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
 Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Toolbar]
 {7FEBEFE3-6B19-4349-98D2-FFB09​D4B49CA}

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Run]
 "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
 "RtHDVCpl"=C:\Windows\RtHDVCpl​.exe [2008-07-03 6266880]
 "hpsysdrv"=c:\hp\support\hpsys​drv.exe [2007-04-18 65536]
 "KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
 "OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Scree​n OSD Indicator\OSD.exe [2007-02-15 118784]
 "HP Health Check Scheduler"=[ProgramFilesFolder]Hewlett-Pac​kard\HP Health Check\HPHC_Scheduler.exe []
 "SunJavaUpdateReg"=C:\Windows\​system32\jureg.exe [2007-04-07 54936]
 ""= []
 "ANIWZCS2Service"=C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2007-01-19 49152]
 "D-Link D-Link Wireless G DWA-110"=C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe [2007-05-04 1662976]
 "avast!"=C:\PROGRA~1\ALWILS~1\​Avast4\ashDisp.exe [2008-11-26 81000]
 "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
 "TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched​.exe [2008-08-08 185896]
 "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2008-06-02 178712]
 "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.​exe [2008-10-01 111936]
 "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
 "NvCplDaemon"=C:\Windows\syste​m32\NvCpl.dll [2008-10-07 13584928]
 "NvMediaCenter"=C:\Windows\sys​tem32\NvMcTray.dll [2008-10-07 92704]
 "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.​exe [2007-08-24 33648]
 "AdobeCS4ServiceManager"=C:\Pr​ogram Files\Common Files\Adobe\CS4ServiceManager\​CS4ServiceManager.exe [2008-08-14 611712]
 "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
 "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
 "SunJavaUpdateSched"=C:\Progra​m Files\Java\jre6\bin\jusched.ex​e [2008-11-10 136600]

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Run]
 "ehTray.exe"=C:\Windows\ehome\​ehTray.exe [2008-01-19 125952]
 "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2008-12-02 3882312]
 "Sidebar"=C:\Program Files\windows sidebar\sidebar.exe [2008-01-19 1233920]
 "Google Update"=C:\Users\Baptiste\AppD​ata\Local\Google\Update\Google​Update.exe [2008-09-03 133104]
 "AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-03-20 217544]
 "EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2008-07-22 2772992]

 C:\Users\Baptiste\AppData\Roam​ing\Microsoft\Windows\Start Menu\Programs\Startup
 Outil de notification Live Search.lnk - C:\Users\Baptiste\AppData\Roam​ing\Microsoft\Live Search\Notification-LiveSearch​.exe

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\ShellExecuteHooks]
 "{B5A7F190-DDA6-4420-B3BA-5245​3494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExt​ensions.dll [2007-08-24 2212224]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\aawservice]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\aawservice]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\System]
 "dontdisplaylastusername"=0
 "legalnoticecaption"=
 "legalnoticetext"=
 "shutdownwithoutlogon"=1
 "undockwithoutlogon"=1
 "EnableUIADesktopToggle"=0

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\standardprofile\authorizedap​plications\list]

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\domainprofile\authorizedappl​ications\list]

 [HKEY_CURRENT_USER\software\mic​rosoft\windows\currentversion\​explorer\mountpoints2\{97c5f67​5-a1e3-11dd-8d80-001fc60f5fe1}​]
 shell\AutoRun\command - L:\start.exe
 shell\iledefrance\command - L:\start.exe


 ======File associations======

 .js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1"

 ======List of files/folders created in the last 1 months======

 2008-12-25 20:42:48 ----D---- C:\rsit
 2008-12-25 20:42:48 ----D---- C:\Program Files\trend micro
 2008-12-22 14:55:19 ----D---- C:\tmp
 2008-12-22 14:30:17 ----D---- C:\Python26
 2008-12-22 14:28:41 ----D---- C:\Users\Baptiste\AppData\Roam​ing\Blender Foundation
 2008-12-22 14:28:38 ----D---- C:\Program Files\Blender Foundation
 2008-12-22 10:10:26 ----A---- C:\Windows\system32\javaws.exe
 2008-12-22 10:10:26 ----A---- C:\Windows\system32\javaw.exe
 2008-12-22 10:10:25 ----A---- C:\Windows\system32\java.exe
 2008-12-19 17:49:25 ----D---- C:\Program Files\DJ Mix Pro
 2008-12-19 11:00:40 ----A---- C:\Windows\system32\mshtml.dll
 2008-12-17 12:54:17 ----D---- C:\ProgramData\Messenger Plus!
 2008-12-17 12:37:28 ----D---- C:\Program Files\Microsoft
 2008-12-17 12:37:11 ----D---- C:\Program Files\Windows Live SkyDrive
 2008-12-16 21:58:02 ----D---- C:\Program Files\Windows Live(16)
 2008-12-16 21:51:34 ----D---- C:\Program Files\Windows Installer Clean Up
 2008-12-16 21:51:24 ----D---- C:\Program Files\MSECACHE
 2008-12-16 21:12:56 ----D---- C:\Program Files\Common Files\Windows Live
 2008-12-10 13:39:46 ----A---- C:\Windows\system32\tzres.dll
 2008-12-10 07:49:00 ----A---- C:\Windows\system32\gdi32.dll
 2008-12-10 07:48:41 ----A---- C:\Windows\system32\Apphlpdm.d​ll
 2008-12-10 07:48:40 ----A---- C:\Windows\system32\GameUXLega​cyGDFs.dll
 2008-12-10 07:48:33 ----A---- C:\Windows\system32\urlmon.dll
 2008-12-10 07:48:33 ----A---- C:\Windows\system32\ieframe.dl​l
 2008-12-10 07:48:32 ----A---- C:\Windows\system32\wininet.dl​l
 2008-12-10 07:48:32 ----A---- C:\Windows\system32\mstime.dll
 2008-12-10 07:48:31 ----A---- C:\Windows\system32\jsproxy.dl​l
 2008-12-10 07:48:31 ----A---- C:\Windows\system32\iertutil.d​ll
 2008-12-10 07:48:27 ----A---- C:\Windows\explorer.exe
 2008-12-10 07:48:23 ----A---- C:\Windows\system32\shell32.dl​l
 2008-12-10 07:48:19 ----A---- C:\Windows\system32\mf.dll
 2008-12-10 07:48:18 ----A---- C:\Windows\system32\WMVCORE.DL​L
 2008-12-10 07:48:18 ----A---- C:\Windows\system32\WMNetMgr.d​ll
 2008-12-10 07:48:18 ----A---- C:\Windows\system32\logagent.e​xe
 2008-12-08 19:20:44 ----A---- C:\Windows\system32\libusb0.dl​l
 2008-12-07 15:46:20 ----D---- C:\Program Files\Cheat Engine
 2008-12-07 15:46:20 ----A---- C:\Windows\system32\d3dx9.dll
 2008-12-07 15:46:20 ----A---- C:\Windows\system32\D3DX81ab.d​ll
 2008-12-06 00:19:57 ----D---- C:\Users\Baptiste\AppData\Roam​ing\Samsung
 2008-12-05 23:56:49 ----D---- C:\Windows\system32\Samsung_US​B_Drivers
 2008-12-05 23:56:11 ----D---- C:\Program Files\Samsung
 2008-12-04 21:54:09 ----D---- C:\Program Files\Enigma Software Group
 2008-12-04 16:52:20 ----A---- C:\Windows\system32\python26.d​ll
 2008-12-02 22:37:20 ----A---- C:\Windows\system32\sirenacm.d​ll
 2008-11-29 16:54:51 ----D---- C:\Users\Baptiste\AppData\Roam​ing\dvdcss
 2008-11-28 19:25:40 ----D---- C:\Users\Baptiste\AppData\Roam​ing\Leadertech
 2008-11-28 19:13:07 ----D---- C:\Program Files\EA Games
 2008-11-28 19:13:06 ----A---- C:\Windows\system32\XAudio2_0.​dll
 2008-11-28 19:13:06 ----A---- C:\Windows\system32\xactengine​3_0.dll
 2008-11-28 19:13:06 ----A---- C:\Windows\system32\X3DAudio1_​3.dll
 2008-11-28 19:13:05 ----A---- C:\Windows\system32\d3dx10_37.​dll
 2008-11-28 19:13:05 ----A---- C:\Windows\system32\D3DCompile​r_37.dll
 2008-11-28 19:13:04 ----A---- C:\Windows\system32\xactengine​2_10.dll
 2008-11-28 19:13:04 ----A---- C:\Windows\system32\D3DX9_37.d​ll
 2008-11-28 19:13:03 ----A---- C:\Windows\system32\d3dx10_36.​dll
 2008-11-28 19:13:03 ----A---- C:\Windows\system32\D3DCompile​r_36.dll
 2008-11-28 19:13:02 ----A---- C:\Windows\system32\d3dx9_36.d​ll
 2008-11-28 19:13:01 ----A---- C:\Windows\system32\X3DAudio1_​2.dll
 2008-11-28 13:40:04 ----D---- C:\Users\Baptiste\AppData\Roam​ing\Lunascape
 2008-11-28 13:38:23 ----D---- C:\Program Files\Lunascape
 2008-11-26 17:36:04 ----D---- C:\Program Files\iPod
 2008-11-26 17:36:02 ----D---- C:\ProgramData\{3276BE95_AF08_​429F_A64F_CA64CB79BCF6}
 2008-11-26 17:36:01 ----D---- C:\Program Files\iTunes
 2008-11-26 12:30:57 ----A---- C:\Windows\system32\PortableDe​viceApi.dll
 2008-11-26 12:30:56 ----A---- C:\Windows\system32\WindowsCod​ecsExt.dll
 2008-11-26 12:30:56 ----A---- C:\Windows\system32\PhotoMetad​ataHandler.dll
 2008-11-26 12:30:55 ----A---- C:\Windows\system32\WindowsCod​ecs.dll
 2008-11-26 12:30:55 ----A---- C:\Windows\system32\connect.dl​l

 ======List of files/folders modified in the last 1 months======

 2008-12-25 21:11:07 ----D---- C:\Windows\Temp
 2008-12-25 21:10:54 ----D---- C:\Windows\Prefetch
 2008-12-25 20:59:03 ----SHD---- C:\System Volume Information
 2008-12-25 20:42:48 ----RD---- C:\Program Files
 2008-12-25 20:39:12 ----D---- C:\Windows\system32\drivers
 2008-12-25 20:36:25 ----D---- C:\Users\Baptiste\AppData\Roam​ing\Azureus
 2008-12-25 19:07:34 ----D---- C:\Windows\System32
 2008-12-25 19:07:34 ----A---- C:\Windows\system32\PerfString​Backup.INI
 2008-12-25 19:07:33 ----D---- C:\Windows\inf
 2008-12-25 15:51:55 ----D---- C:\Windows
 2008-12-25 15:51:31 ----D---- C:\Users\Baptiste\AppData\Roam​ing\LimeWire
 2008-12-24 18:06:53 ----D---- C:\Users\Baptiste\AppData\Roam​ing\FileZilla
 2008-12-23 12:48:02 ----D---- C:\Program Files\LimeWire
 2008-12-22 14:30:59 ----SHD---- C:\Windows\Installer
 2008-12-22 10:10:24 ----D---- C:\Program Files\Java
 2008-12-20 13:00:35 ----D---- C:\ProgramData\eMule
 2008-12-19 17:53:37 ----D---- C:\Program Files\Konvertor
 2008-12-19 11:01:03 ----D---- C:\Windows\winsxs
 2008-12-19 11:00:53 ----D---- C:\Windows\system32\catroot
 2008-12-18 20:43:42 ----D---- C:\Program Files\Mozilla Firefox
 2008-12-17 21:26:52 ----SD---- C:\Windows\Downloaded Program Files
 2008-12-17 14:47:52 ----D---- C:\Windows\system32\catroot2
 2008-12-17 12:54:17 ----HD---- C:\ProgramData
 2008-12-17 12:42:14 ----D---- C:\Program Files\Messenger Plus! Live
 2008-12-17 12:37:15 ----D---- C:\Program Files\Common Files\microsoft shared
 2008-12-17 12:36:53 ----D---- C:\Program Files\Windows Live
 2008-12-17 12:33:03 ----SD---- C:\Users\Baptiste\AppData\Roam​ing\Microsoft
 2008-12-16 22:14:11 ----D---- C:\Windows\system32\wbem
 2008-12-16 22:13:26 ----D---- C:\Windows\system32\config
 2008-12-16 22:13:13 ----D---- C:\Windows\Tasks
 2008-12-16 22:13:13 ----D---- C:\Windows\system32\spool
 2008-12-16 22:13:10 ----D---- C:\Windows\registration
 2008-12-16 22:04:28 ----D---- C:\Windows\Debug
 2008-12-16 21:12:56 ----D---- C:\Program Files\Common Files
 2008-12-16 21:12:43 ----SD---- C:\ProgramData\Microsoft
 2008-12-10 18:46:57 ----D---- C:\Windows\rescache
 2008-12-10 18:27:20 ----D---- C:\Windows\system32\fr-FR
 2008-12-10 18:27:20 ----D---- C:\Windows\AppPatch
 2008-12-10 18:27:20 ----D---- C:\Program Files\Windows Mail
 2008-12-10 13:42:42 ----D---- C:\ProgramData\Microsoft Help
 2008-12-10 00:24:37 ----A---- C:\Windows\system32\mrt.exe
 2008-12-05 23:56:11 ----HD---- C:\Program Files\InstallShield Installation Information
 2008-12-04 21:54:13 ----D---- C:\Windows\system32\Tasks
 2008-11-29 10:29:57 ----D---- C:\Program Files\WinRAR
 2008-11-28 21:14:48 ----A---- C:\Windows\system32\PnkBstrB.e​xe
 2008-11-28 19:12:55 ----RSD---- C:\Windows\assembly
 2008-11-26 18:21:30 ----A---- C:\Windows\system32\aswBoot.ex​e
 2008-11-26 17:36:03 ----D---- C:\Program Files\Common Files\Apple
 2008-11-26 17:34:40 ----D---- C:\Program Files\QuickTime
 2008-11-26 17:25:32 ----D---- C:\Program Files\Safari

 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R1 aswRdr;aswRdr; C:\Windows\system32\drivers\as​wRdr.sys [2008-11-26 23152]
 R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\as​wSP.sys [2008-11-26 111184]
 R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\as​wTdi.sys [2008-11-26 50864]
 R1 StarOpen;StarOpen; C:\Windows\system32\drivers\St​arOpen.sys [2008-12-06 5632]
 R2 adfs;adfs; C:\Windows\system32\drivers\ad​fs.sys [2008-08-14 74720]
 R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\as​wFsBlk.sys [2008-11-26 20560]
 R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\as​wMonFlt.sys [2008-11-26 51792]
 R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GE​ARAspiWDM.sys [2008-04-17 15464]
 R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RT​KVHDA.sys [2008-07-03 2152088]
 R3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120; C:\Windows\system32\drivers\li​busb0.sys [2006-04-23 29184]
 R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nv​lddmkm.sys [2008-10-07 7380896]
 R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS​2.sys [2005-12-12 19072]
 R3 RT73;D-Link USB Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\Dr​71WU.sys [2007-05-11 329728]
 R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rt​lh86.sys [2007-10-03 99840]
 R3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ss​cdbus.sys [2008-02-22 87936]
 R3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\ss​cdmdfl.sys [2008-02-22 14976]
 R3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\ss​cdmdm.sys [2008-02-22 114304]
 R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WU​DFRd.sys [2008-01-19 83328]
 S3 a2rqbudy;a2rqbudy; C:\Windows\system32\drivers\a2​rqbudy.sys []
 S3 an3uvpct;an3uvpct; C:\Windows\system32\drivers\an​3uvpct.sys []
 S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\dr​mkaud.sys [2008-01-19 5632]
 S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\lv​usbsta.sys [2005-01-31 22016]
bernard53
Profile: Security team
Posted on 26/12/2008 at 11:05:12

:hello:

 Report OK.

 Then do this to access HijackThis, which has been renamed.

 Start > Run (or Windows key+R), then copy and paste this:

  C:\Program Files\trend micro

 Then right-click on Baptiste.exe, then
 http://nsm01.casimages.com/img/2008/11/02//08110202300560772693956.jpg

 Relaunch Baptiste.exe, then: Do a system scan only > tick these lines, then confirm with Fix checked:

 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
 O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
 O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
 O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
 O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
 O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
 O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe


 Then:

 Download OTMoveIt3 (by Old_Timer) to your Desktop.

 For VISTA: right-click and choose "Run as administrator".

 AVAST detects this program as an intruder, so disable it for the duration of these steps.

 Double-click OTMoveIt3.exe to launch it.  http://nsm01.casimages.com/img/2008/10/30//08103010210460772683183.jpg

 Copy the list quoted below:

 :Processes
 mDNSResponder.exe
 Boonty.exe    

 :Services
 Service Bonjour (Bonjour Service)
 Boonty Games
 :Reg

 :Files
 C:\Program Files\Common Files\BOONTY Shared

 :Commands
 [purity]
 [emptytemp]
 [start explorer]
 [Reboot]
 



 and paste it into the left-hand pane of OTMoveIt3 http://nsa03.casimages.com/img/2008/10/31/081031041309719656.png
 http://nsm01.casimages.com/img/2008/10/30//08103010214460772683206.jpg

 Click http://nsa03.casimages.com/img/2008/10/31/081031041550426873.png to start the removal.
 Wait for the tool to finish its work, then close OTMoveIt3.

 The result will appear in the Results pane.
 Click Exit to close.
 Post the report located in C:\_OTMoveIt\MovedFiles\*******_******.log

 NB: You may be asked to restart the PC to complete the removal.
 If so, accept with Oui/Yes.

 Then, for your alert, have a look here just in case.

 http://www.admincafe.re/forums [...] .php?p=808

 :salut:


baptiste787
Posted on 26/12/2008 at 11:49:55

Hello, thank you very much for your help. Following your message, I did what was needed:

 In the Baptiste.exe program, I did not have the checkbox for "O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')"

 Report:

========== PROCESSES ==========
 Unable to kill process: mDNSResponder.exe
 Unable to kill process: Boonty.exe
 ========== SERVICES/DRIVERS ==========
 Unable to stop service Service Bonjour (Bonjour Service) .
 Unable to stop service Boonty Games .
 ========== REGISTRY ==========
 ========== FILES ==========
 File/Folder C:\Program Files\Common Files\BOONTY Shared not found.
 ========== COMMANDS ==========
 File delete failed. C:\Users\Baptiste\AppData\Local\Temp\etilqs_JLzV9FNKryUfA0M40b8N scheduled to be deleted on reboot.
 User's Temp folder emptied.
 User's Temporary Internet Files folder emptied.
 User's Internet Explorer cache folder emptied.
 Local Service Temp folder emptied.
 Local Service Temporary Internet Files folder emptied.
 File delete failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
 File delete failed. C:\Windows\temp\TMP0000005FA80CFD287D8FA9F5 scheduled to be deleted on reboot.
 Windows Temp folder emptied.
 File delete failed. C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
 File delete failed. C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
 File delete failed. C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
 File delete failed. C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
 File delete failed. C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
 File delete failed. C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\XUL.mfl scheduled to be deleted on reboot.
 FireFox cache emptied.
 Temp folders emptied.
 Explorer started successfully

 OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12262008_114607




 Report after reboot:

 



========== PROCESSES ==========
 Unable to kill process: mDNSResponder.exe
 Unable to kill process: Boonty.exe
 ========== SERVICES/DRIVERS ==========
 Unable to stop service Service Bonjour (Bonjour Service) .
 Unable to stop service Boonty Games .
 ========== REGISTRY ==========
 ========== FILES ==========
 File/Folder C:\Program Files\Common Files\BOONTY Shared not found.
 ========== COMMANDS ==========
 File delete failed. C:\Users\Baptiste\AppData\Local\Temp\etilqs_JLzV9FNKryUfA0M40b8N scheduled to be deleted on reboot.
 User's Temp folder emptied.
 User's Temporary Internet Files folder emptied.
 User's Internet Explorer cache folder emptied.
 Local Service Temp folder emptied.
 Local Service Temporary Internet Files folder emptied.
 File delete failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
 File delete failed. C:\Windows\temp\TMP0000005FA80CFD287D8FA9F5 scheduled to be deleted on reboot.
 Windows Temp folder emptied.
 File delete failed. C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
 File delete failed. C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
 File delete failed. C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
 File delete failed. C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
 File delete failed. C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
 File delete failed. C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\XUL.mfl scheduled to be deleted on reboot.
 FireFox cache emptied.
 Temp folders emptied.
 Explorer started successfully

 OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12262008_114607

 Files moved on Reboot...
 File C:\Users\Baptiste\AppData\Local\Temp\etilqs_JLzV9FNKryUfA0M40b8N not found!
 File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
 File C:\Windows\temp\TMP0000005FA80CFD287D8FA9F5 not found!
 C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_001_ moved successfully.
 C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_002_ moved successfully.
 C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_003_ moved successfully.
 C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_MAP_ moved successfully.
 C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\urlclassifier3.sqlite moved successfully.
 C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\XUL.mfl moved successfully.
 




 I'm going to restart my computer and follow the instructions for the error message.

 Edit: I did remove the printer drivers.

 The error message no longer appears; the problem seems to be solved.

 Thank you for your precious help ;)

 PS: How can I clean my system from top to bottom so that the system files are like new and neatly organized?
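
Added example, not part of the thread and not OTMoveIt3's own code: a Python check that reconciles the fix script posted above with the report it produced, so each named process, service and folder gets an explicit outcome. It relies only on the line shapes visible in the posted report; the outcome labels and function names are this example's own, and the report excerpt keeps just one of the temp-file lines.

```python
import re

# Fix script and report excerpt copied from the thread. REPORT keeps only
# one of the temp-file lines from the post to stay short.
SCRIPT = r"""
:Processes
mDNSResponder.exe
Boonty.exe

:Services
Service Bonjour (Bonjour Service)
Boonty Games
:Reg

:Files
C:\Program Files\Common Files\BOONTY Shared

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
"""

REPORT = r"""
========== PROCESSES ==========
Unable to kill process: mDNSResponder.exe
Unable to kill process: Boonty.exe
========== SERVICES/DRIVERS ==========
Unable to stop service Service Bonjour (Bonjour Service) .
Unable to stop service Boonty Games .
========== REGISTRY ==========
========== FILES ==========
File/Folder C:\Program Files\Common Files\BOONTY Shared not found.
========== COMMANDS ==========
File delete failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
Windows Temp folder emptied.
Explorer started successfully
"""

# Line shapes seen in the posted report, mapped to an outcome label.
# Shapes for a successful kill or stop do not appear in the thread, so they
# are not guessed here; such lines end up in the "unrecognised" list.
OUTCOMES = [
    (re.compile(r"^Unable to kill process: (?P<t>.+)$"), "failed"),
    (re.compile(r"^Unable to stop service (?P<t>.+?) ?\.$"), "failed"),
    (re.compile(r"^File/Folder (?P<t>.+) not found\.$"), "not_found"),
    (re.compile(r"^File delete failed\. (?P<t>.+) scheduled to be deleted on reboot\.$"), "pending_reboot"),
    (re.compile(r"^File move failed\. (?P<t>.+) scheduled to be moved on reboot\.$"), "pending_reboot"),
    (re.compile(r"^File (?P<t>.+) not found!$"), "not_found"),
    (re.compile(r"^(?P<t>.+) moved successfully\.$"), "moved"),
]


def parse_script(text):
    """Return {section: [entries]} for a fix script with ':Section' headers."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            current = line[1:].lower()
            sections[current] = []
        elif current is not None:
            sections[current].append(line)
    return sections


def parse_report(text):
    """Return ({target_lowercased: outcome}, [unrecognised lines]).

    A later line about the same target overrides an earlier one, so a file
    first reported as pending and then as moved after reboot ends as moved.
    """
    results, unknown = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("====="):
            continue
        for pattern, outcome in OUTCOMES:
            match = pattern.match(line)
            if match:
                results[match.group("t").lower()] = outcome
                break
        else:
            unknown.append(line)
    return results, unknown


def reconcile(script_text, report_text):
    """List (section, target, outcome) for every target the script named."""
    results, _ = parse_report(report_text)
    sections = parse_script(script_text)
    rows = []
    for section in ("processes", "services", "files"):
        for target in sections.get(section, []):
            rows.append((section, target, results.get(target.lower(), "no_result")))
    return rows


def unresolved(rows):
    """Targets with no recorded successful action; check these by hand."""
    return [target for _, target, outcome in rows if outcome != "moved"]


if __name__ == "__main__":
    for section, target, outcome in reconcile(SCRIPT, REPORT):
        print(f"{section:10} {outcome:15} {target}")
```

On the posted report, every process, service and folder named in the script comes back as failed or not found, so the report records no successful action on any of the script's targets.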

bernard53
Posted on 26/12/2008 at 13:21:33

:hello:

 :super:  

 What do you mean by: :chepa:

 "How can I clean my system from top to bottom so that the system files are like new and neatly organized"

 Your system is free of intruders, and you seem to be fully up to date.  :bien:

 :salut:

baptiste787
Posted on 26/12/2008 at 14:56:53

To be honest, my PC is rather slow, which is odd given its configuration.

bernard53
Posted on 26/12/2008 at 17:53:57

Baptiste787 wrote:

"To be honest, my PC is rather slow, which is odd given its configuration."

 :hello:  When is it slow?

 On the Internet or with an application??

baptiste787
Posted on 27/12/2008 at 11:49:25

Actually, it's mostly with big games like Tomb Raider or others.

 It also sometimes slows down while on the Internet.

bernard53
Posted on 27/12/2008 at 12:46:59

:hello:

 For your games, that comes from how much power they need.

 For IE, do this.

 Right-click the Internet Explorer icon. Select Properties.
 In the Advanced tab, click the Reset button.

 If that's no better,
 try this:
 Start --> All Programs --> Accessories --> right-click Command Prompt --> Run as administrator:
 Run these 2 commands:

 netsh winsock reset
 netsh int ip reset
 




 Restart the PC and try again.

 netsh winsock reset resets the socket that handles the TCP/IP layer (can be useful for solving a network-related problem: browsing problem, IP addressing problem)

 netsh int ip reset resets the TCP/IP layer

 :salut:

baptiste787
Posted on 28/12/2008 at 18:39:44

:salut:

 Indeed, for IE the speed problem is solved, but what should I do for Mozilla Firefox?

 Thanks! :)

bernard53
Posted on 28/12/2008 at 20:03:41

For Mozilla, try this.

 Tools > Options > choose the General tab, then Restore the default configuration


remi88
Posted on 28/01/2009 at 10:50:28

Hello, I too have the faulting ntdll.dll problem. Here is the report RSIT gives me. However, I don't know which boxes to tick, and the program advises consulting knowledgeable people. Can you help me?
 Thanks in advance!
 Rémi


 info.txt logfile of random's system information tool 1.05 2009-01-28 10:38:43

 ======Uninstall list======

 System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Un​install.exe
 TeXnicCenter Version 1.0 Stable RC1-->"C:\Program Files\TeXnicCenter\unins000.ex​e"
 Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-00000​00FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39B​DBB4498}
 Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-00000​00FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE​788A756}
 Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-040C-0000-00000​00FF1CE} /uninstall {80E46078-C1C5-4AE8-8744-3EAFC​812E118}
 Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-00000​00FF1CE} /uninstall {A420F522-7395-4872-9882-C591B​4B92278}
 Update for Outlook 2007 Junk Email Filter (kb958619)-->msiexec /package {90120000-0011-0000-0000-00000​00FF1CE} /uninstall {79B301C1-DBC0-467C-AFDA-2A6CD​AFA4302}
 VAIO Aqua Breeze Wallpaper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{97BCD719-6ECB-458​F-97D6-F38D2E07375E}\setup.exe​" -l0x9  -removeonly
 VAIO AV Mode Launcher-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{428A6DA3-FD56-44A​E-B602-15DCCD6A7515}\setup.exe​" -l0x40c  -removeonly
 VAIO Camera Capture Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6D2576EC-A0E9-418​A-A09A-409933A3B6F4}\setup.exe​" -l0x40c  -removeonly
 VAIO Camera Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1417F599-1DBD-449​9-9375-B2813E9F890C}\setup.exe​" -l0x40c  -removeonly
 VAIO Content Importer / VAIO Content Exporter-->C:\Program Files\InstallShield Installation Information\{68A69CFF-130D-4CD​E-AB0E-7374ECB144C8}\setup.exe -runfromtemp -l0x040c -removeonly
 VAIO Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC37C108-821D-4ED​E-8F40-D5B497586805}\setup.exe​" -l0x40c  -removeonly
 VAIO Cozy Orange Wallpaper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A2FF7F5-6F0E-4A5​D-A881-39365E718BD6}\setup.exe​" -l0x9  -removeonly
 VAIO Entertainment Platform-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\00\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6B1F20F2-6321-466​9-A58C-33DF8E7517FF}\setup.exe​" -l0x40c  -removeonly
 VAIO Event Service-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0D85ADD-DD61-4B4​3-87A0-6DA52A211A8B}\setup.exe​" -l0x40c  -removeonly
 VAIO Hardware Diagnostics-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{A947C2B3-7445-42C​4-9063-EE704CACCB22}\Setup.exe​" -l0x40c
 VAIO Media 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{560F6B2E-F0DF-44E​5-8190-A4A161F0E205}\setup.exe​" -l0x40c UNINSTALL -removeonly
 VAIO Media AC3 Decoder 1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{2063C2E8-3812-4BB​D-9998-6610F80C1DD4}\Setup.exe​" -l0x40c UNINSTALL
 VAIO Media Content Collection 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{500162A0-4DD5-460​A-BAFD-895AAE48C532}\setup.exe​" -l0x40c UNINSTALL -removeonly
 VAIO Media Integrated Server 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{785EB1D4-ECEC-419​5-99B4-73C47E187721}\setup.exe​" -l0x40c UNINSTALL -removeonly
 VAIO Media Redistribution 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5855C127-1F20-404​D-B7FB-1FD84D7EAB5E}\setup.exe​" -l0x40c UNINSTALL -removeonly
 VAIO Original Screen Saver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{1BEF9285-5530-426​B-A5F1-5836B95C7EB1}\Setup.exe​" -l0x40c
 VAIO Photo 2007-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5E343EF6-D27C-4CF​C-9FAE-9AAFB541BCEE}\setup.exe​" -l0x9  -removeonly
 VAIO Power Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E319E96-ED8E-4B0​1-9775-C521A1869A25}\setup.exe​" -l0x40c UNINSTALL -removeonly
 VAIO Tender Green Wallpaper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{934A3213-1CB6-426​4-84A2-EE080C017BCA}\setup.exe​" -l0x9  -removeonly
 VAIO Update 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48820099-ED7D-424​B-890C-9A82EF00656D}\setup.exe​" -l0x40c  -removeonly
 VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{97A96172-A963-4A3​7-9FFB-DA6805BB915A}\setup.exe -runfromtemp -l0x0409
 VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.e​xe
 Warcraft III-->C:\Windows\War3Unin.exe C:\Windows\War3Unin.dat
 Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE​1A1300390}
 Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4​995401D65}
 WinDVD for VAIO-->C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE​8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x040c
 Wireless Switch Setting Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A0F3EF9-68EE-49E​9-A05B-ED5B82DF63E5}\setup.exe​" -l0x40c  -removeonly
 ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

 ======Security center information======

 FW: ZoneAlarm Firewall
 AS: Windows Defender

 System event log

 Computer Name: Algebra
 Event Code: 537
 Message: Aucun périphérique de sécurité du module de plateforme sécurisée compatible trouvé sur cet ordinateur. Impossible de démarrer les services de base de module de plateforme sécurisée.
 Record Number: 91602
 Source Name: Microsoft-Windows-TBS
 Time Written: 20090128091831.268607-000
 Event Type: Information
 User: AUTORITE NT\SERVICE LOCAL

 Computer Name: Algebra
 Event Code: 7036
 Message: Le service Lanceur des services Windows Media Center est entré dans l'état : arrêté.
 Record Number: 91603
 Source Name: Service Control Manager
 Time Written: 20090128091833.000000-000
 Event Type: Information
 User:

 Computer Name: Algebra
 Event Code: 7036
 Message: Le service Windows Update est entré dans l'état : en cours d'exécution.
 Record Number: 91604
 Source Name: Service Control Manager
 Time Written: 20090128091835.000000-000
 Event Type: Information
 User:

 Computer Name: Algebra
 Event Code: 7036
 Message: Le service Prise en charge de l’application Rapports et solutions aux problèmes du Panneau de configuration est entré dans l'état : en cours d'exécution.
 Record Number: 91605
 Source Name: Service Control Manager
 Time Written: 20090128092911.000000-000
 Event Type: Information
 User:

 Computer Name: Algebra
 Event Code: 7036
 Message: Le service Prise en charge de l’application Rapports et solutions aux problèmes du Panneau de configuration est entré dans l'état : arrêté.
 Record Number: 91606
 Source Name: Service Control Manager
 Time Written: 20090128092912.000000-000
 Event Type: Information
 User:

 Application event log

 Computer Name: Algebra
 Event Code: 1000
 Message: Application défaillante iexplore.exe, version 7.0.6001.18000, horodatage 0x47918f11, module défaillant IEFRAME.dll, version 7.0.6001.18099, horodatage 0x486467bb, code d’exception 0xc0000005, décalage d’erreur 0x0009074e, ID du processus 0x124c, heure de début de l’application 0x01c98129f126ae4b.
 Record Number: 40869
 Source Name: Application Error
 Time Written: 20090128092326.000000-000
 Event Type: Erreur
 User:

 Computer Name: Algebra
 Event Code: 1000
 Message: Application défaillante iexplore.exe, version 7.0.6001.18000, horodatage 0x47918f11, module défaillant IEFRAME.dll, version 7.0.6001.18099, horodatage 0x486467bb, code d’exception 0xc0000005, décalage d’erreur 0x0009074e, ID du processus 0xe34, heure de début de l’application 0x01c9812a2357cd4b.
 Record Number: 40870
 Source Name: Application Error
 Time Written: 20090128092356.000000-000
 Event Type: Erreur
 User:

 Computer Name: Algebra
 Event Code: 1000
 Message: Application défaillante iexplore.exe, version 7.0.6001.18000, horodatage 0x47918f11, module défaillant IEFRAME.dll, version 7.0.6001.18099, horodatage 0x486467bb, code d’exception 0xc0000005, décalage d’erreur 0x0009074e, ID du processus 0x490, heure de début de l’application 0x01c9812a26cecb9b.
 Record Number: 40871
 Source Name: Application Error
 Time Written: 20090128092404.000000-000
 Event Type: Erreur
 User:

 Computer Name: Algebra
 Event Code: 1000
 Message: Application défaillante iexplore.exe, version 7.0.6001.18000, horodatage 0x47918f11, module défaillant IEFRAME.dll, version 7.0.6001.18099, horodatage 0x486467bb, code d’exception 0xc0000005, décalage d’erreur 0x0009074e, ID du processus 0xa90, heure de début de l’application 0x01c9812a2b11092b.
 Record Number: 40872
 Source Name: Application Error
 Time Written: 20090128092409.000000-000
 Event Type: Erreur
 User:

 Computer Name: Algebra
 Event Code: 1000
 Message: Application défaillante iexplore.exe, version 7.0.6001.18000, horodatage 0x47918f11, module défaillant IEFRAME.dll, version 7.0.6001.18099, horodatage 0x486467bb, code d’exception 0xc0000005, décalage d’erreur 0x0009074e, ID du processus 0x1310, heure de début de l’application 0x01c9812a2e3098ab.
 Record Number: 40873
 Source Name: Application Error
 Time Written: 20090128092416.000000-000
 Event Type: Erreur
 User:

 Security event log

 Computer Name: Algebra
 Event Code: 5038
 Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

 Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
 Record Number: 20744
 Source Name: Microsoft-Windows-Security-Auditing
 Time Written: 20090128093839.977607-000
 Event Type: Échec de l'audit
 User:

 Computer Name: Algebra
 Event Code: 5038
 Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

 Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
 Record Number: 20745
 Source Name: Microsoft-Windows-Security-Auditing
 Time Written: 20090128093840.007607-000
 Event Type: Échec de l'audit
 User:

 Computer Name: Algebra
 Event Code: 5038
 Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

 Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
 Record Number: 20746
 Source Name: Microsoft-Windows-Security-Auditing
 Time Written: 20090128093840.036607-000
 Event Type: Échec de l'audit
 User:

 Computer Name: Algebra
 Event Code: 5038
 Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

 Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
 Record Number: 20747
 Source Name: Microsoft-Windows-Security-Auditing
 Time Written: 20090128093840.064607-000
 Event Type: Échec de l'audit
 User:

 Computer Name: Algebra
 Event Code: 5038
 Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

 Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
 Record Number: 20748
 Source Name: Microsoft-Windows-Security-Auditing
 Time Written: 20090128093840.094607-000
 Event Type: Échec de l'audit
 User:

 ======Environment variables======

 "ComSpec"=%SystemRoot%\system3​2\cmd.exe
 "FP_NO_HOST_CHECK"=NO
 "OS"=Windows_NT
 "Path"=C:\Program Files\MiKTeX 2.7\miktex\bin;C:\Program Files\Common Files\ArcSoft\Bin;%SystemRoot%​\system32;%SystemRoot%;%System​Root%\System32\Wbem;C:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Progr​am Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Progr​am Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
 "PATHEXT"=.COM;.EXE;.BAT;.CMD;​.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.​MSC
 "PROCESSOR_ARCHITECTURE"=x86
 "TEMP"=%SystemRoot%\TEMP
 "TMP"=%SystemRoot%\TEMP
 "USERNAME"=SYSTEM
 "windir"=%SystemRoot%
 "PROCESSOR_LEVEL"=6
 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
 "PROCESSOR_REVISION"=0f0d
 "NUMBER_OF_PROCESSORS"=2
 "configsetroot"=%SystemRoot%\C​onfigSetRoot
 "RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
 "tvdumpflags"=8
 "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext​\QTJava.zip
 "QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext​\QTJava.zip

 -----------------EOF----------​-------

La Mayenne-son calme -sa verdu
Profile: Security team
bernard53
Involved member (20,000 to 29,999 posts), confirmed helper, Clic-Clic fan club
Posted on 28/01/2009 at 11:13:08
 
:hello: Rémi88

 Would you please create your own thread, and your problem will be looked at, no worries.

 That said, post RSIT's log.txt report.

 :salut:

baptiste787
Baby forum member (10 to 49 posts)
Posted on 24/02/2009 at 10:29:48

:hello:

 I'm posting in this thread again because the problem has unfortunately come back... :hurle:

 I'm posting the RSIT report below:

 



Logfile of random's system information tool 1.05 (written by random/random)
 Run by Baptiste at 2009-02-24 10:25:22
 Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 1
 System drive C: has 36 GB (8%) free of 466 GB
 Total RAM: 3326 MB (53% free)

 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 10:25:30, on 24/02/2009
 Platform: Windows Vista SP1 (WinNT 6.00.1905)
 MSIE: Internet Explorer v7.00 (7.00.6001.18000)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\Dwm.exe
 C:\Windows\system32\taskeng.ex​e
 C:\Program Files\Windows Defender\MSASCui.exe
 C:\Windows\RtHDVCpl.exe
 C:\Program Files\TortoiseSVN\bin\TSVNCach​e.exe
 C:\hp\support\hpsysdrv.exe
 C:\Program Files\Hewlett-Packard\On-Scree​n OSD Indicator\OSD.exe
 C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
 C:\Windows\system32\schtasks.e​xe
 C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
 C:\Program Files\Alwil Software\Avast4\ashDisp.exe
 C:\Program Files\Common Files\Real\Update_OB\realsched​.exe
 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.​exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\Java\jre6\bin\jusched.ex​e
 C:\Program Files\CyberLink\PowerDVD8\PDVD​8Serv.exe
 C:\Windows\System32\mobsync.ex​e
 C:\Windows\System32\rundll32.e​xe
 C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
 C:\Program Files\Windows Sidebar\sidebar.exe
 C:\Users\Baptiste\AppData\Loca​l\Google\Update\GoogleUpdate.e​xe
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\Program Files\Windows Media Player\wmpnscfg.exe
 C:\Users\Baptiste\AppData\Roam​ing\Microsoft\Live Search\Notification-LiveSearch​.exe
 C:\Users\Baptiste\AppData\Roam​ing\Microsoft\Live Search\Mise-a-jour-LiveSearch.​exe
 C:\Program Files\Windows Live\Contacts\wlcomm.exe
 C:\hp\kbd\kbd.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Windows\System32\Adobe\SHOC​KW~1\SWHELP~4.EXE
 C:\Program Files\Windows Media Player\wmplayer.exe
 C:\Windows\Explorer.exe
 C:\Windows\system32\SearchFilt​erHost.exe
 C:\Users\Baptiste\Desktop\RSIT​.exe
 C:\Program Files\trend micro\Baptiste.exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.msn.com/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/ [...] pf=desktop
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/ [...] pf=desktop
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = *.local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 O1 - Hosts: ::1 localhost
 O1 - Hosts: 65.54.239.80 messenger.hotmail.com
 O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelper.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC​4DFA408} - (no file)
 O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628​F01010C} - (no file)
 O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1​D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExt​ensions.dll
 O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF​1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09​D4B49CA} - (no file)
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
 O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
 O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Scree​n OSD Indicator\OSD.exe"
 O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Pac​kard\HP Health Check\HPHC_Scheduler.exe
 O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe​"
 O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
 O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-110] C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
 O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\as​hDisp.exe
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched​.exe"  -osboot
 O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
 O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.​exe
 O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.​exe"
 O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\​CS4ServiceManager.exe" -launchedbylogin
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.ex​e"
 O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD​8Serv.exe"
 O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Lang​uage\Language.exe"
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot
 O4 - HKCU\..\Run: [Sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun
 O4 - HKCU\..\Run: [Google Update] "C:\Users\Baptiste\AppData\Loc​al\Google\Update\GoogleUpdate.​exe" /c
 O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
 O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
 O4 - Startup: Enregistrement de FIFA 09.lnk = C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
 O4 - Startup: Outil de notification Live Search.lnk = Baptiste\AppData\Roaming\Micro​soft\Live Search\Notification-LiveSearch​.exe
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Off​ice12\EXCEL.EXE/3000
 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~3\Office12\​ONBttnIE.dll
 O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~3\Office12\​ONBttnIE.dll
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~3\Office12\​REFIEBAR.DLL
 O13 - Gopher Prefix:
 O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw [...] ontrol.cab
 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F2​1721616} (DivXBrowserPlugin Object) - http://download.divx.com/playe [...] Plugin.cab
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46​475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b56907.cab
 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB62​48B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemSe​rvices.dll
 O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawser​vice.exe
 O23 - Service: Apache2.2 - Apache Software Foundation - c:\xampp\apache\bin\apache.exe
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
 O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
 O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
 O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
 O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.​exe
 O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
 O23 - Service: Hercules DJ Control MP3 (HerculesDJControlMP3) - Unknown owner - C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EX​E
 O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
 O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\​Intel 32\IDriverT.exe
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\Windows\system32\libusbd-nt​.exe
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2008 32-bit 32-bit (mi-raysat_3dsMax2008_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysa​t_3dsMax2008_32server.exe
 O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld-nt.e​xe
 O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
 O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
 O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE​.exe
 O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 --
 End of file - 11830 bytes

 ======Scheduled tasks folder======

 C:\Windows\tasks\GoogleUpdateT​askUserS-1-5-21-1935174570-274​1598601-364209801-1000.job

 ======Registry dump======

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
 Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelper.dll [2006-10-22 62080]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
 Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExt​ensions.dll [2007-08-24 2212224]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
 Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
 Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
 Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Toolbar]
 {7FEBEFE3-6B19-4349-98D2-FFB09​D4B49CA}

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Run]
 "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
 "RtHDVCpl"=C:\Windows\RtHDVCpl​.exe [2008-07-03 6266880]
 "hpsysdrv"=c:\hp\support\hpsys​drv.exe [2007-04-18 65536]
 "KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
 "OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Scree​n OSD Indicator\OSD.exe [2007-02-15 118784]
 "HP Health Check Scheduler"=[ProgramFilesFolder]Hewlett-Pac​kard\HP Health Check\HPHC_Scheduler.exe []
 "SunJavaUpdateReg"=C:\Windows\​system32\jureg.exe [2007-04-07 54936]
 ""= []
 "ANIWZCS2Service"=C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2007-01-19 49152]
 "D-Link D-Link Wireless G DWA-110"=C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe [2007-05-04 1662976]
 "avast!"=C:\PROGRA~1\ALWILS~1\​Avast4\ashDisp.exe [2008-11-26 81000]
 "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
 "TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched​.exe [2008-08-08 185896]
 "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2008-06-02 178712]
 "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.​exe [2008-10-01 111936]
 "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
 "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.​exe [2007-08-24 33648]
 "AdobeCS4ServiceManager"=C:\Pr​ogram Files\Common Files\Adobe\CS4ServiceManager\​CS4ServiceManager.exe [2008-08-14 611712]
 "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
 "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
 "SunJavaUpdateSched"=C:\Progra​m Files\Java\jre6\bin\jusched.ex​e [2008-11-10 136600]
 "RemoteControl8"=C:\Program Files\CyberLink\PowerDVD8\PDVD​8Serv.exe [2008-03-20 83240]
 "PDVD8LanguageShortcut"=C:\Pro​gram Files\CyberLink\PowerDVD8\Lang​uage\Language.exe [2007-12-14 50472]
 "NvCplDaemon"=C:\Windows\syste​m32\NvCpl.dll [2008-10-07 13584928]
 "NvMediaCenter"=C:\Windows\sys​tem32\NvMcTray.dll [2008-10-07 92704]
 "Hercules DJ Series"=C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe [2008-12-08 484648]

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Run]
 "Sidebar"=C:\Program Files\windows sidebar\sidebar.exe [2008-01-19 1233920]
 "Google Update"=C:\Users\Baptiste\AppD​ata\Local\Google\Update\Google​Update.exe [2008-09-03 133104]
 "AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-03-20 217544]
 "EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2009-01-09 3321856]
 "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
 "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

 C:\Users\Baptiste\AppData\Roam​ing\Microsoft\Windows\Start Menu\Programs\Startup
 Enregistrement de FIFA 09.lnk - C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
 Outil de notification Live Search.lnk - C:\Users\Baptiste\AppData\Roam​ing\Microsoft\Live Search\Notification-LiveSearch​.exe

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\ShellExecuteHooks]
 "{B5A7F190-DDA6-4420-B3BA-5245​3494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExt​ensions.dll [2007-08-24 2212224]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\aawservice]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\aawservice]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\System]
 "dontdisplaylastusername"=0
 "legalnoticecaption"=
 "legalnoticetext"=
 "shutdownwithoutlogon"=1
 "undockwithoutlogon"=1
 "EnableUIADesktopToggle"=0

 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9cf5010a-7996-11dd-9951-001fc60f5fe1}]
 shell\AutoRun\command - J:\setup.exe

 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a981103f-dcac-11dd-b24c-001fc60f5fe1}]
 shell\Auto\command - L:\AdobeR.exe e
 shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL L:\AdobeR.exe e


 ======File associations======

 .js - edit -
 .js - open -
 .reg - open - "regedit.exe" "%1"
 .txt - open -

 ======List of files/folders created in the last 1 months======

 2009-02-23 00:41:01 ----D---- C:\ProgramData\Messenger Plus!
 2009-02-22 14:39:11 ----D---- C:\Program Files\Microsoft
 2009-02-22 14:33:49 ----SHD---- C:\Config.Msi
 2009-02-14 01:03:50 ----A---- C:\Windows\system32\WNASPINT.D​LL
 2009-02-14 00:55:26 ----D---- C:\eJay
 2009-02-13 23:00:35 ----D---- C:\Program Files\ASIO4ALL v2
 2009-02-13 22:59:56 ----D---- C:\Program Files\Outsim
 2009-02-13 22:58:22 ----D---- C:\Program Files\Image-Line
 2009-02-13 20:28:40 ----D---- C:\ProgramData\Propellerhead Software
 2009-02-13 20:28:40 ----A---- C:\Windows\system32\REX Shared Library.dll
 2009-02-13 20:28:40 ----A---- C:\Windows\system32\ReWire.dll
 2009-02-13 20:28:34 ----D---- C:\Users\Baptiste\AppData\Roam​ing\Propellerhead Software
 2009-02-13 20:27:29 ----D---- C:\Program Files\Propellerhead
 2009-02-13 19:58:09 ----D---- C:\Users\Baptiste\AppData\Roam​ing\DivX
 2009-02-13 19:56:54 ----A---- C:\Windows\system32\rmbe3260.d​ll
 2009-02-13 19:56:54 ----A---- C:\Windows\system32\ra32sipr.d​ll
 2009-02-13 19:56:54 ----A---- C:\Windows\system32\ra32dnet.d​ll
 2009-02-13 19:56:54 ----A---- C:\Windows\system32\ra3228_8.d​ll
 2009-02-13 19:56:53 ----A---- C:\Windows\system32\ra3214_4.d​ll
 2009-02-13 19:56:53 ----A---- C:\Windows\system32\pngu3263.d​ll
 2009-02-13 19:56:53 ----A---- C:\Windows\system32\pneng50.dl​l
 2009-02-13 19:56:53 ----A---- C:\Windows\system32\pnc3250.dl​l
 2009-02-13 19:56:53 ----A---- C:\Windows\system32\msvcr70.dl​l
 2009-02-13 19:56:53 ----A---- C:\Windows\system32\msvcp70.dl​l
 2009-02-13 19:56:53 ----A---- C:\Windows\system32\encdnet.dl​l
 2009-02-13 19:56:53 ----A---- C:\Windows\system32\decdnet.dl​l
 2009-02-13 19:53:55 ----A---- C:\Windows\system32\Synsopos.e​xe
 2009-02-13 19:53:51 ----A---- C:\Windows\system32\SynsoLChk.​dll
 2009-02-13 19:53:51 ----A---- C:\Windows\system32\SYNSOACC.d​ll
 2009-02-13 19:53:50 ----D---- C:\Program Files\Syncrosoft
 2009-02-13 19:39:30 ----D---- C:\Users\Baptiste\AppData\Roam​ing\Steinberg
 2009-02-13 19:39:30 ----D---- C:\Program Files\Steinberg
 2009-02-11 18:24:54 ----A---- C:\Windows\system32\EncDec.dll
 2009-02-11 18:24:51 ----A---- C:\Windows\system32\psisdecd.d​ll
 2009-02-11 15:16:09 ----A---- C:\Windows\system32\mshtml.dll
 2009-02-11 15:16:07 ----A---- C:\Windows\system32\ieframe.dl​l
 2009-02-11 15:16:06 ----A---- C:\Windows\system32\urlmon.dll
 2009-02-11 15:16:04 ----A---- C:\Windows\system32\wininet.dl​l
 2009-02-11 15:16:04 ----A---- C:\Windows\system32\msfeeds.dl​l
 2009-02-11 15:16:03 ----A---- C:\Windows\system32\mstime.dll
 2009-02-11 15:16:03 ----A---- C:\Windows\system32\iertutil.d​ll
 2009-02-11 15:16:02 ----A---- C:\Windows\system32\jsproxy.dl​l
 2009-02-06 18:52:40 ----A---- C:\Windows\system32\sirenacm.d​ll
 2009-02-04 20:05:49 ----A---- C:\Windows\system32\devil.dll
 2009-02-04 20:05:49 ----A---- C:\Windows\system32\avisynth.d​ll
 2009-02-04 20:05:48 ----A---- C:\Windows\system32\yv12vfw.dl​l
 2009-02-04 20:05:48 ----A---- C:\Windows\system32\i420vfw.dl​l
 2009-02-04 20:05:48 ----A---- C:\Windows\system32\AVSredirec​t.dll
 2009-02-04 20:05:47 ----D---- C:\Program Files\AviSynth 2.5
 2009-02-04 20:05:38 ----RSH---- C:\Windows\system32\nbDX.dll
 2009-02-04 20:05:38 ----RSH---- C:\Windows\system32\msfDX.dll
 2009-02-04 20:05:38 ----RSH---- C:\Windows\system32\flvDX.dll
 2009-02-04 20:05:30 ----D---- C:\Program Files\eRightSoft
 2009-02-01 21:41:18 ----D---- C:\Program Files\Common Files\PX Storage Engine
 2009-02-01 20:40:15 ----D---- C:\Program Files\Cheat Engine55
 2009-01-30 12:43:02 ----D---- C:\Program Files\DivX
 2009-01-26 20:42:24 ----D---- C:\Program Files\Windows Live Safety Center

 ======List of files/folders modified in the last 1 months======

 2009-02-24 10:25:30 ----D---- C:\Windows\Prefetch
 2009-02-24 10:25:28 ----D---- C:\Windows\Temp
 2009-02-24 10:25:23 ----D---- C:\Program Files\trend micro
 2009-02-24 09:44:24 ----SHD---- C:\System Volume Information
 2009-02-24 09:40:10 ----D---- C:\Windows\system32\drivers
 2009-02-23 13:26:03 ----D---- C:\Windows\System32
 2009-02-23 13:26:03 ----D---- C:\Windows\inf
 2009-02-23 13:26:03 ----A---- C:\Windows\system32\PerfString​Backup.INI
 2009-02-23 13:13:47 ----D---- C:\Windows\tracing
 2009-02-23 11:53:31 ----D---- C:\Users\Baptiste\AppData\Roam​ing\FileZilla
 2009-02-23 11:46:40 ----RD---- C:\Program Files
 2009-02-23 00:41:01 ----HD---- C:\ProgramData
 2009-02-23 00:28:16 ----D---- C:\downloads
 2009-02-23 00:16:10 ----D---- C:\Users\Baptiste\AppData\Roam​ing\LimeWire
 2009-02-22 14:51:08 ----D---- C:\Program Files\Messenger Plus! Live
 2009-02-22 14:39:29 ----SHD---- C:\Windows\Installer
 2009-02-22 14:39:07 ----D---- C:\Program Files\Windows Live
 2009-02-14 12:37:38 ----D---- C:\Windows
 2009-02-14 00:55:24 ----HD---- C:\Program Files\InstallShield Installation Information
 2009-02-14 00:53:19 ----D---- C:\Program Files\Dofus
 2009-02-14 00:48:36 ----D---- C:\Users\Baptiste\AppData\Roam​ing\Azureus
 2009-02-13 19:56:53 ----RSD---- C:\Windows\Fonts
 2009-02-13 13:22:39 ----D---- C:\Program Files\Common Files\microsoft shared
 2009-02-12 19:01:02 ----D---- C:\Windows\Tasks
 2009-02-12 11:57:25 ----D---- C:\Windows\winsxs
 2009-02-12 07:56:17 ----RSD---- C:\Windows\assembly
 2009-02-12 07:56:17 ----D---- C:\Windows\Microsoft.NET
 2009-02-12 07:48:43 ----D---- C:\Windows\system32\catroot
 2009-02-12 07:48:31 ----D---- C:\Windows\system32\catroot2
 2009-02-11 22:59:10 ----D---- C:\Windows\ehome
 2009-02-11 22:59:10 ----D---- C:\Program Files\Windows Mail
 2009-02-11 18:28:48 ----D---- C:\ProgramData\Microsoft Help
 2009-02-08 12:46:11 ----D---- C:\ProgramData\Electronic Arts
 2009-02-08 00:04:03 ----D---- C:\Program Files\Vuze
 2009-02-06 17:03:09 ----D---- C:\Program Files\Mozilla Firefox
 2009-02-05 20:49:41 ----D---- C:\Users\Baptiste\AppData\Roam​ing\dvdcss
 2009-02-04 00:21:12 ----A---- C:\Windows\system32\mrt.exe
 2009-02-01 21:41:18 ----D---- C:\Program Files\Common Files
 2009-01-30 12:43:12 ----SD---- C:\Windows\Downloaded Program Files

 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R1 aswRdr;aswRdr; C:\Windows\system32\drivers\as​wRdr.sys [2008-11-26 23152]
 R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\as​wSP.sys [2008-11-26 111184]
 R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\as​wTdi.sys [2008-11-26 50864]
 R1 StarOpen;StarOpen; C:\Windows\system32\drivers\St​arOpen.sys [2008-12-06 5632]
 R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VB​oxDrv.sys [2008-12-17 100368]
 R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VB​oxUSBMon.sys [2008-12-17 41680]
 R2 acedrv11;acedrv11; \??\C:\Windows\system32\driver​s\acedrv11.sys [2008-07-30 277736]
 R2 adfs;adfs; C:\Windows\system32\drivers\ad​fs.sys [2008-08-14 74720]
 R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\as​wFsBlk.sys [2008-11-26 20560]
 R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\as​wMonFlt.sys [2008-11-26 51792]
 R3 Bulk;HDJBulk; C:\Windows\System32\Drivers\HD​JBulk.sys [2008-12-09 82432]
 R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GE​ARAspiWDM.sys [2008-04-17 15464]
 R3 HDJAsioK;HDJAsioK; C:\Windows\System32\Drivers\HD​JAsioK.sys [2008-12-09 132096]
 R3 HDJMidi;Hercules DJ Console Rmx MIDI; C:\Windows\system32\DRIVERS\HD​JMidi.sys [2008-12-05 96768]
 R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RT​KVHDA.sys [2008-07-03 2152088]
 R3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120; C:\Windows\system32\drivers\li​busb0.sys [2006-04-23 29184]
 R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\lv​usbsta.sys [2005-01-31 22016]
 R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nv​lddmkm.sys [2008-10-07 7380896]
 R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS​2.sys [2005-12-12 19072]
 R3 RT73;D-Link USB Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\Dr​71WU.sys [2007-05-11 329728]
 R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rt​lh86.sys [2007-10-03 99840]
 R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\us​baudio.sys [2008-01-19 73088]
 R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VB​oxNetFlt.sys [2008-12-17 81360]
 R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WU​DFRd.sys [2008-01-19 83328]
 S3 a3hxf2iv;a3hxf2iv; C:\Windows\system32\drivers\a3​hxf2iv.sys []
 S3 ahmag63h;ahmag63h; C:\Windows\system32\drivers\ah​mag63h.sys []
 S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\dr​mkaud.sys [2008-01-19 5632]
 S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MS​KSSRV.sys [2008-01-19 8192]
 S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MS​PCLOCK.sys [2008-01-19 5888]
 S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MS​PQM.sys [2008-01-19 5504]
 S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MS​TEE.sys [2008-01-19 6016]
 S3 PID_0920;Logitech QuickCam Express(PID_0920); C:\Windows\system32\DRIVERS\LV​532AV.SYS [2005-01-31 163328]
 S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\Windows\system32\DRIVERS\s1​25bus.sys [2007-04-24 83336]
 S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ss​cdbus.sys [2008-02-22 87936]
 S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\ss​cdmdfl.sys [2008-02-22 14976]
 S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\ss​cdmdm.sys [2008-02-22 114304]
 S3 USBCamera;Icatch(IV) Still Camera Device; C:\Windows\System32\Drivers\Bu​lk533.sys [2002-07-25 10986]
 S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wp​dusb.sys [2008-01-19 39936]
 S3 XPADFL02;XPAD Filter Service 02; C:\Windows\system32\DRIVERS\xp​adfl02.sys [2006-12-24 27904]
 S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wm​iacpi.sys [2006-11-02 11264]

 ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawser​vice.exe [2008-08-04 611664]
 R2 Apache2.2;Apache2.2; c:\xampp\apache\bin\apache.exe [2007-12-21 17920]
 R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe [2008-11-07 132424]
 R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
 R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-08-04 79360]
 R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
 R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.ex​e [2008-08-29 238888]
 R2 HerculesDJControlMP3;Hercules DJ Control MP3; C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EX​E [2007-11-21 17408]
 R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]
 R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2008-06-02 354840]
 R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1; C:\Windows\system32\libusbd-nt​.exe [2005-03-09 18944]
 R2 LightScribeService;LightScribe​Service Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-11-19 79136]
 R2 mysql;mysql; c:\xampp\mysql\bin\mysqld-nt.e​xe [2007-12-21 4653056]
 R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-10-07 203296]
 R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
 R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE​.exe [2007-05-28 275968]
 R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
 R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
 R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
 S2 mi-raysat_3dsMax2008_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2008 32-bit 32-bit; C:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysa​t_3dsMax2008_32server.exe [2007-09-24 65536]
 S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.​exe [2008-11-17 655624]
 S3 GameConsoleService;GameConsole​Service; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-07-24 181800]
 S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\​Intel 32\IDriverT.exe [2005-04-03 69632]
 S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditSer​vice.exe [2007-08-24 68464]
 S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
 S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
 S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-09-28 92656]

 -----------------EOF-----------------

 Thanks in advance for your help, Bernard. ;)

 :salut:

bernard53
Profile: Security team
Committed member (20,000 to 29,999 posts), Confirmed helper, Clic-Clic Fan Club
Posted on 24/02/2009 at 10:48:19

:hello:  Baptiste787

 Well, you did the right thing by posting, because you have an infection.

 1-
 Download Flash_Disinfector by sUBs:
 http://www.techsupportforum.co [...] fector.exe
 Run Flash_Disinfector.exe

 - If your antivirus raises an alert, disable its protection so that you can run this file.

 Your infection is one that spreads through removable drives (USB sticks, external hard drives, flash cards, etc.). The removable drives you plugged into the computer while it was infected have been infected in turn.
 Simply opening My Computer and double-clicking your USB stick/external hard drive will reinfect your system.
 You will find an explanation of how these infections spread at this link:
 http://forum.malekal.com/ftopic3350.php

 You now need to clean your USB sticks/external hard drives. To do so:
 ABOVE ALL, do not double-click the drive in My Computer
 - Open My Computer
 - Click the Tools menu at the top right, then Folder Options
 - In the new window, click the View tab at the top
 - In the list, tick "Show hidden files"
 - Untick "Hide protected operating system files (Recommended)"
 - You will get a message saying that this can damage the system; ignore it.
 - Open My Computer
 - For each drive in My Computer: right-click the drive - above all, do not double-click it!!!
 - Choose Open from the drop-down menu.
 - Look for an autorun.inf file and for the files Adober.exe, RavMonE.exe, MS32DLL.DLL.VBS or autorun.vbs
 - If present, delete them by right-clicking and choosing Delete.
 - Repeat the operation on every drive shown in My Computer


 2- Afterwards, post a new RSIT report for me

 :salut:



 Edit:
 new link for Flash_Disinfector.exe

 http://download.bleepingcomput [...] fector.exe
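
The manual check described in the post above, written as a script; this is an added example, not part of the original post or of any tool named in the thread. It lists each drive root without opening it through Explorer, matches the file names the post gives, and reports which commands an autorun.inf would start. The function names and the sample autorun.inf are constructed for illustration.

```python
import os
import string
import tempfile

# File names given in the post above, compared case-insensitively.
SUSPECT_NAMES = {"autorun.inf", "adober.exe", "ravmone.exe",
                 "ms32dll.dll.vbs", "autorun.vbs"}

# Constructed sample, modelled on the "L:\AdobeR.exe e" entries in the RSIT log.
SAMPLE_AUTORUN_INF = r"""[AutoRun]
open=AdobeR.exe e
shell\Auto\command=AdobeR.exe e
icon=folder.ico
"""


def parse_autorun_commands(text):
    """Return (key, command) pairs from the [autorun] section that start a program."""
    commands = []
    section = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "autorun" or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        key = key.lower()
        is_verb = key.startswith("shell\\") and key.endswith("\\command")
        if key in ("open", "shellexecute") or is_verb:
            commands.append((key, value))
    return commands


def read_inf(path):
    """Read at most 64 KiB of an autorun.inf, tolerating odd encodings."""
    with open(path, "rb") as handle:
        data = handle.read(65536)
    # latin-1 never fails; dropping NULs and BOM bytes also makes
    # UTF-16 files with ASCII content readable.
    text = data.decode("latin-1").replace("\x00", "")
    return text.lstrip("\xff\xfe\xef\xbb\xbf")


def scan_root(root):
    """List suspect entries in the top level of one drive; nothing is executed."""
    findings = []
    try:
        entries = os.listdir(root)  # includes hidden and system files
    except OSError:
        return findings             # empty card reader, unreadable drive
    for name in sorted(entries):
        if name.lower() not in SUSPECT_NAMES:
            continue
        path = os.path.join(root, name)
        if not os.path.isfile(path):
            # A folder with one of these names cannot be launched.
            findings.append({"path": path, "kind": "directory", "commands": []})
            continue
        commands = []
        if name.lower() == "autorun.inf":
            try:
                commands = parse_autorun_commands(read_inf(path))
            except OSError:
                pass                # present but unreadable: still reported
        findings.append({"path": path, "kind": "file", "commands": commands})
    return findings


def drive_roots():
    """Drive roots that currently exist (Windows letters A: to Z:)."""
    roots = (letter + ":\\" for letter in string.ascii_uppercase)
    return [root for root in roots if os.path.exists(root)]


def scan_sample():
    """Build a constructed drive root in a temporary folder and scan it."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "autorun.inf"), "w") as handle:
            handle.write(SAMPLE_AUTORUN_INF)
        for name in ("AdobeR.exe", "notes.txt"):
            open(os.path.join(root, name), "wb").close()
        return [(os.path.basename(f["path"]), f["kind"], f["commands"])
                for f in scan_root(root)]


if __name__ == "__main__":
    for drive in drive_roots():
        for finding in scan_root(drive):
            print(finding["kind"], finding["path"])
            for key, command in finding["commands"]:
                print("    would start:", key, "=", command)
```
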

baptiste787
Baby forum member (10 to 49 posts)
Posted on 24/02/2009 at 11:23:12

I ran Flash disinfector, then checked, as you described, whether those files were on the drives, but there was no trace of them.

 Here is the RSIT report:

Logfile of random's system information tool 1.05 (written by random/random)
 Run by Baptiste at 2009-02-24 11:21:36
 Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 1
 System drive C: has 36 GB (8%) free of 466 GB
 Total RAM: 3326 MB (53% free)

 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 11:21:40, on 24/02/2009
 Platform: Windows Vista SP1 (WinNT 6.00.1905)
 MSIE: Internet Explorer v7.00 (7.00.6001.18000)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\Dwm.exe
 C:\Windows\system32\taskeng.ex​e
 C:\Program Files\Windows Defender\MSASCui.exe
 C:\Windows\RtHDVCpl.exe
 C:\Program Files\TortoiseSVN\bin\TSVNCach​e.exe
 C:\hp\support\hpsysdrv.exe
 C:\Program Files\Hewlett-Packard\On-Scree​n OSD Indicator\OSD.exe
 C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
 C:\Windows\system32\schtasks.e​xe
 C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
 C:\Program Files\Alwil Software\Avast4\ashDisp.exe
 C:\Program Files\Common Files\Real\Update_OB\realsched​.exe
 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.​exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\Java\jre6\bin\jusched.ex​e
 C:\Program Files\CyberLink\PowerDVD8\PDVD​8Serv.exe
 C:\Windows\System32\rundll32.e​xe
 C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
 C:\Program Files\Windows Sidebar\sidebar.exe
 C:\Users\Baptiste\AppData\Loca​l\Google\Update\GoogleUpdate.e​xe
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\Program Files\Windows Media Player\wmpnscfg.exe
 C:\Users\Baptiste\AppData\Roam​ing\Microsoft\Live Search\Notification-LiveSearch​.exe
 C:\Users\Baptiste\AppData\Roam​ing\Microsoft\Live Search\Mise-a-jour-LiveSearch.​exe
 C:\Program Files\Windows Live\Contacts\wlcomm.exe
 C:\hp\kbd\kbd.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Program Files\Windows Media Player\wmplayer.exe
 C:\Windows\system32\conime.exe
 C:\Windows\Explorer.exe
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\system32\SearchFilt​erHost.exe
 C:\Users\Baptiste\Desktop\RSIT​.exe
 C:\Program Files\trend micro\Baptiste.exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.msn.com/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/ [...] pf=desktop
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/ [...] pf=desktop
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = *.local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 O1 - Hosts: ::1 localhost
 O1 - Hosts: 65.54.239.80 messenger.hotmail.com
 O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelper.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC​4DFA408} - (no file)
 O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628​F01010C} - (no file)
 O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1​D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExt​ensions.dll
 O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF​1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09​D4B49CA} - (no file)
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
 O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
 O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Scree​n OSD Indicator\OSD.exe"
 O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Pac​kard\HP Health Check\HPHC_Scheduler.exe
 O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe​"
 O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
 O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-110] C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
 O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\as​hDisp.exe
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched​.exe"  -osboot
 O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
 O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.​exe
 O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.​exe"
 O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\​CS4ServiceManager.exe" -launchedbylogin
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.ex​e"
 O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD​8Serv.exe"
 O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Lang​uage\Language.exe"
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot
 O4 - HKCU\..\Run: [Sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun
 O4 - HKCU\..\Run: [Google Update] "C:\Users\Baptiste\AppData\Loc​al\Google\Update\GoogleUpdate.​exe" /c
 O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
 O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
 O4 - Startup: Enregistrement de FIFA 09.lnk = C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
 O4 - Startup: Outil de notification Live Search.lnk = Baptiste\AppData\Roaming\Micro​soft\Live Search\Notification-LiveSearch​.exe
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Off​ice12\EXCEL.EXE/3000
 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~3\Office12\​ONBttnIE.dll
 O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~3\Office12\​ONBttnIE.dll
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~3\Office12\​REFIEBAR.DLL
 O13 - Gopher Prefix:
 O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw [...] ontrol.cab
 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F2​1721616} (DivXBrowserPlugin Object) - http://download.divx.com/playe [...] Plugin.cab
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46​475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b56907.cab
 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB62​48B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemSe​rvices.dll
 O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawser​vice.exe
 O23 - Service: Apache2.2 - Apache Software Foundation - c:\xampp\apache\bin\apache.exe
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
 O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
 O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
 O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
 O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.​exe
 O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
 O23 - Service: Hercules DJ Control MP3 (HerculesDJControlMP3) - Unknown owner - C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EX​E
 O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
 O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\​Intel 32\IDriverT.exe
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\Windows\system32\libusbd-nt​.exe
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2008 32-bit 32-bit (mi-raysat_3dsMax2008_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysa​t_3dsMax2008_32server.exe
 O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld-nt.e​xe
 O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
 O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
 O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE​.exe
 O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 --
 End of file - 11813 bytes

 ======Scheduled tasks folder======

 C:\Windows\tasks\GoogleUpdateT​askUserS-1-5-21-1935174570-274​1598601-364209801-1000.job

 ======Registry dump======

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
 Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelper.dll [2006-10-22 62080]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
 Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExt​ensions.dll [2007-08-24 2212224]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
 Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
 Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
 Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Toolbar]
 {7FEBEFE3-6B19-4349-98D2-FFB09​D4B49CA}

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Run]
 "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
 "RtHDVCpl"=C:\Windows\RtHDVCpl​.exe [2008-07-03 6266880]
 "hpsysdrv"=c:\hp\support\hpsys​drv.exe [2007-04-18 65536]
 "KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
 "OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Scree​n OSD Indicator\OSD.exe [2007-02-15 118784]
 "HP Health Check Scheduler"=[ProgramFilesFolder]Hewlett-Pac​kard\HP Health Check\HPHC_Scheduler.exe []
 "SunJavaUpdateReg"=C:\Windows\​system32\jureg.exe [2007-04-07 54936]
 ""= []
 "ANIWZCS2Service"=C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2007-01-19 49152]
 "D-Link D-Link Wireless G DWA-110"=C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe [2007-05-04 1662976]
 "avast!"=C:\PROGRA~1\ALWILS~1\​Avast4\ashDisp.exe [2008-11-26 81000]
 "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
 "TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched​.exe [2008-08-08 185896]
 "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2008-06-02 178712]
 "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.​exe [2008-10-01 111936]
 "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
 "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.​exe [2007-08-24 33648]
 "AdobeCS4ServiceManager"=C:\Pr​ogram Files\Common Files\Adobe\CS4ServiceManager\​CS4ServiceManager.exe [2008-08-14 611712]
 "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
 "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
 "SunJavaUpdateSched"=C:\Progra​m Files\Java\jre6\bin\jusched.ex​e [2008-11-10 136600]
 "RemoteControl8"=C:\Program Files\CyberLink\PowerDVD8\PDVD​8Serv.exe [2008-03-20 83240]
 "PDVD8LanguageShortcut"=C:\Pro​gram Files\CyberLink\PowerDVD8\Lang​uage\Language.exe [2007-12-14 50472]
 "NvCplDaemon"=C:\Windows\syste​m32\NvCpl.dll [2008-10-07 13584928]
 "NvMediaCenter"=C:\Windows\sys​tem32\NvMcTray.dll [2008-10-07 92704]
 "Hercules DJ Series"=C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe [2008-12-08 484648]

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Run]
 "Sidebar"=C:\Program Files\windows sidebar\sidebar.exe [2008-01-19 1233920]
 "Google Update"=C:\Users\Baptiste\AppD​ata\Local\Google\Update\Google​Update.exe [2008-09-03 133104]
 "AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-03-20 217544]
 "EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2009-01-09 3321856]
 "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
 "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

 C:\Users\Baptiste\AppData\Roam​ing\Microsoft\Windows\Start Menu\Programs\Startup
 Enregistrement de FIFA 09.lnk - C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
 Outil de notification Live Search.lnk - C:\Users\Baptiste\AppData\Roam​ing\Microsoft\Live Search\Notification-LiveSearch​.exe

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\ShellExecuteHooks]
 "{B5A7F190-DDA6-4420-B3BA-5245​3494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExt​ensions.dll [2007-08-24 2212224]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\aawservice]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\aawservice]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\System]
 "dontdisplaylastusername"=0
 "legalnoticecaption"=
 "legalnoticetext"=
 "shutdownwithoutlogon"=1
 "undockwithoutlogon"=1
 "EnableUIADesktopToggle"=0

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Policies\explorer]
 "NoDriveAutoRun"=FFFFFFFF
 "NoDriveTypeAutoRun"=36

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\standardprofile\authorizedap​plications\list]

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\domainprofile\authorizedappl​ications\list]

 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9cf5010a-7996-11dd-9951-001fc60f5fe1}]
 shell\AutoRun\command - J:\setup.exe

 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a981103f-dcac-11dd-b24c-001fc60f5fe1}]
 shell\Auto\command - L:\AdobeR.exe e
 shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL L:\AdobeR.exe e


 ======File associations======

 .js - edit -
 .js - open -
 .reg - open - "regedit.exe" "%1"
 .txt - open -

 ======List of files/folders created in the last 1 months======

 2009-02-24 11:11:50 ----RASHD---- C:\autorun.inf
 2009-02-23 00:41:01 ----D---- C:\ProgramData\Messenger Plus!
 2009-02-22 14:39:11 ----D---- C:\Program Files\Microsoft
 2009-02-22 14:33:49 ----SHD---- C:\Config.Msi
 2009-02-14 01:03:50 ----A---- C:\Windows\system32\WNASPINT.D​LL
 2009-02-14 00:55:26 ----D---- C:\eJay
 2009-02-13 23:00:35 ----D---- C:\Program Files\ASIO4ALL v2
 2009-02-13 22:59:56 ----D---- C:\Program Files\Outsim
 2009-02-13 22:58:22 ----D---- C:\Program Files\Image-Line
 2009-02-13 20:28:40 ----D---- C:\ProgramData\Propellerhead Software
 2009-02-13 20:28:40 ----A---- C:\Windows\system32\REX Shared Library.dll
 2009-02-13 20:28:40 ----A---- C:\Windows\system32\ReWire.dll
 2009-02-13 20:28:34 ----D---- C:\Users\Baptiste\AppData\Roam​ing\Propellerhead Software
 2009-02-13 20:27:29 ----D---- C:\Program Files\Propellerhead
 2009-02-13 19:58:09 ----D---- C:\Users\Baptiste\AppData\Roam​ing\DivX
 2009-02-13 19:56:54 ----A---- C:\Windows\system32\rmbe3260.d​ll
 2009-02-13 19:56:54 ----A---- C:\Windows\system32\ra32sipr.d​ll
 2009-02-13 19:56:54 ----A---- C:\Windows\system32\ra32dnet.d​ll
 2009-02-13 19:56:54 ----A---- C:\Windows\system32\ra3228_8.d​ll
 2009-02-13 19:56:53 ----A---- C:\Windows\system32\ra3214_4.d​ll
 2009-02-13 19:56:53 ----A---- C:\Windows\system32\pngu3263.d​ll
 2009-02-13 19:56:53 ----A---- C:\Windows\system32\pneng50.dl​l
 2009-02-13 19:56:53 ----A---- C:\Windows\system32\pnc3250.dl​l
 2009-02-13 19:56:53 ----A---- C:\Windows\system32\msvcr70.dl​l
 2009-02-13 19:56:53 ----A---- C:\Windows\system32\msvcp70.dl​l
 2009-02-13 19:56:53 ----A---- C:\Windows\system32\encdnet.dl​l
 2009-02-13 19:56:53 ----A---- C:\Windows\system32\decdnet.dl​l
 2009-02-13 19:53:55 ----A---- C:\Windows\system32\Synsopos.e​xe
 2009-02-13 19:53:51 ----A---- C:\Windows\system32\SynsoLChk.​dll
 2009-02-13 19:53:51 ----A---- C:\Windows\system32\SYNSOACC.d​ll
 2009-02-13 19:53:50 ----D---- C:\Program Files\Syncrosoft
 2009-02-13 19:39:30 ----D---- C:\Users\Baptiste\AppData\Roam​ing\Steinberg
 2009-02-13 19:39:30 ----D---- C:\Program Files\Steinberg
 2009-02-11 18:24:54 ----A---- C:\Windows\system32\EncDec.dll
 2009-02-11 18:24:51 ----A---- C:\Windows\system32\psisdecd.d​ll
 2009-02-11 15:16:09 ----A---- C:\Windows\system32\mshtml.dll
 2009-02-11 15:16:07 ----A---- C:\Windows\system32\ieframe.dl​l
 2009-02-11 15:16:06 ----A---- C:\Windows\system32\urlmon.dll
 2009-02-11 15:16:04 ----A---- C:\Windows\system32\wininet.dl​l
 2009-02-11 15:16:04 ----A---- C:\Windows\system32\msfeeds.dl​l
 2009-02-11 15:16:03 ----A---- C:\Windows\system32\mstime.dll
 2009-02-11 15:16:03 ----A---- C:\Windows\system32\iertutil.d​ll
 2009-02-11 15:16:02 ----A---- C:\Windows\system32\jsproxy.dl​l
 2009-02-06 18:52:40 ----A---- C:\Windows\system32\sirenacm.d​ll
 2009-02-04 20:05:49 ----A---- C:\Windows\system32\devil.dll
 2009-02-04 20:05:49 ----A---- C:\Windows\system32\avisynth.d​ll
 2009-02-04 20:05:48 ----A---- C:\Windows\system32\yv12vfw.dl​l
 2009-02-04 20:05:48 ----A---- C:\Windows\system32\i420vfw.dl​l
 2009-02-04 20:05:48 ----A---- C:\Windows\system32\AVSredirec​t.dll
 2009-02-04 20:05:47 ----D---- C:\Program Files\AviSynth 2.5
 2009-02-04 20:05:38 ----RSH---- C:\Windows\system32\nbDX.dll
 2009-02-04 20:05:38 ----RSH---- C:\Windows\system32\msfDX.dll
 2009-02-04 20:05:38 ----RSH---- C:\Windows\system32\flvDX.dll
 2009-02-04 20:05:30 ----D---- C:\Program Files\eRightSoft
 2009-02-01 21:41:18 ----D---- C:\Program Files\Common Files\PX Storage Engine
 2009-02-01 20:40:15 ----D---- C:\Program Files\Cheat Engine55
 2009-01-30 12:43:02 ----D---- C:\Program Files\DivX
 2009-01-26 20:42:24 ----D---- C:\Program Files\Windows Live Safety Center

 ======List of files/folders modified in the last 1 months======

 2009-02-24 11:21:39 ----D---- C:\Program Files\trend micro
 2009-02-24 11:21:35 ----D---- C:\Windows\Temp
 2009-02-24 11:18:07 ----D---- C:\Windows\System32
 2009-02-24 11:18:07 ----D---- C:\Windows\inf
 2009-02-24 11:18:07 ----A---- C:\Windows\system32\PerfString​Backup.INI
 2009-02-24 11:10:54 ----D---- C:\Windows\Prefetch
 2009-02-24 09:44:24 ----SHD---- C:\System Volume Information
 2009-02-24 09:40:10 ----D---- C:\Windows\system32\drivers
 2009-02-23 13:13:47 ----D---- C:\Windows\tracing
 2009-02-23 11:53:31 ----D---- C:\Users\Baptiste\AppData\Roam​ing\FileZilla
 2009-02-23 11:46:40 ----RD---- C:\Program Files
 2009-02-23 00:41:01 ----HD---- C:\ProgramData
 2009-02-23 00:28:16 ----D---- C:\downloads
 2009-02-23 00:16:10 ----D---- C:\Users\Baptiste\AppData\Roam​ing\LimeWire
 2009-02-22 14:51:08 ----D---- C:\Program Files\Messenger Plus! Live
 2009-02-22 14:39:29 ----SHD---- C:\Windows\Installer
 2009-02-22 14:39:07 ----D---- C:\Program Files\Windows Live
 2009-02-14 12:37:38 ----D---- C:\Windows
 2009-02-14 00:55:24 ----HD---- C:\Program Files\InstallShield Installation Information
 2009-02-14 00:53:19 ----D---- C:\Program Files\Dofus
 2009-02-14 00:48:36 ----D---- C:\Users\Baptiste\AppData\Roam​ing\Azureus
 2009-02-13 19:56:53 ----RSD---- C:\Windows\Fonts
 2009-02-13 13:22:39 ----D---- C:\Program Files\Common Files\microsoft shared
 2009-02-12 19:01:02 ----D---- C:\Windows\Tasks
 2009-02-12 11:57:25 ----D---- C:\Windows\winsxs
 2009-02-12 07:56:17 ----RSD---- C:\Windows\assembly
 2009-02-12 07:56:17 ----D---- C:\Windows\Microsoft.NET
 2009-02-12 07:48:43 ----D---- C:\Windows\system32\catroot
 2009-02-12 07:48:31 ----D---- C:\Windows\system32\catroot2
 2009-02-11 22:59:10 ----D---- C:\Windows\ehome
 2009-02-11 22:59:10 ----D---- C:\Program Files\Windows Mail
 2009-02-11 18:28:48 ----D---- C:\ProgramData\Microsoft Help
 2009-02-08 12:46:11 ----D---- C:\ProgramData\Electronic Arts
 2009-02-08 00:04:03 ----D---- C:\Program Files\Vuze
 2009-02-06 17:03:09 ----D---- C:\Program Files\Mozilla Firefox
 2009-02-05 20:49:41 ----D---- C:\Users\Baptiste\AppData\Roam​ing\dvdcss
 2009-02-04 00:21:12 ----A---- C:\Windows\system32\mrt.exe
 2009-02-01 21:41:18 ----D---- C:\Program Files\Common Files
 2009-01-30 12:43:12 ----SD---- C:\Windows\Downloaded Program Files

 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R1 aswRdr;aswRdr; C:\Windows\system32\drivers\as​wRdr.sys [2008-11-26 23152]
 R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\as​wSP.sys [2008-11-26 111184]
 R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\as​wTdi.sys [2008-11-26 50864]
 R1 StarOpen;StarOpen; C:\Windows\system32\drivers\St​arOpen.sys [2008-12-06 5632]
 R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VB​oxDrv.sys [2008-12-17 100368]
 R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VB​oxUSBMon.sys [2008-12-17 41680]
 R2 acedrv11;acedrv11; \??\C:\Windows\system32\driver​s\acedrv11.sys [2008-07-30 277736]
 R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
 R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\as​wFsBlk.sys [2008-11-26 20560]
 R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\as​wMonFlt.sys [2008-11-26 51792]
 R3 Bulk;HDJBulk; C:\Windows\System32\Drivers\HD​JBulk.sys [2008-12-09 82432]
 R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GE​ARAspiWDM.sys [2008-04-17 15464]
 R3 HDJAsioK;HDJAsioK; C:\Windows\System32\Drivers\HD​JAsioK.sys [2008-12-09 132096]
 R3 HDJMidi;Hercules DJ Console Rmx MIDI; C:\Windows\system32\DRIVERS\HD​JMidi.sys [2008-12-05 96768]
 R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RT​KVHDA.sys [2008-07-03 2152088]
 R3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120; C:\Windows\system32\drivers\li​busb0.sys [2006-04-23 29184]
 R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\lv​usbsta.sys [2005-01-31 22016]
 R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nv​lddmkm.sys [2008-10-07 7380896]
 R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS​2.sys [2005-12-12 19072]
 R3 RT73;D-Link USB Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\Dr​71WU.sys [2007-05-11 329728]
 R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rt​lh86.sys [2007-10-03 99840]
 R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\us​baudio.sys [2008-01-19 73088]
 R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VB​oxNetFlt.sys [2008-12-17 81360]
 R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WU​DFRd.sys [2008-01-19 83328]
 S3 a3hxf2iv;a3hxf2iv; C:\Windows\system32\drivers\a3​hxf2iv.sys []
 S3 ahmag63h;ahmag63h; C:\Windows\system32\drivers\ah​mag63h.sys []
 S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\dr​mkaud.sys [2008-01-19 5632]
 S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MS​KSSRV.sys [2008-01-19 8192]
 S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MS​PCLOCK.sys [2008-01-19 5888]
 S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MS​PQM.sys [2008-01-19 5504]
 S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MS​TEE.sys [2008-01-19 6016]
 S3 PID_0920;Logitech QuickCam Express(PID_0920); C:\Windows\system32\DRIVERS\LV​532AV.SYS [2005-01-31 163328]
 S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\Windows\system32\DRIVERS\s1​25bus.sys [2007-04-24 83336]
 S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ss​cdbus.sys [2008-02-22 87936]
 S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\ss​cdmdfl.sys [2008-02-22 14976]
 S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\ss​cdmdm.sys [2008-02-22 114304]
 S3 USBCamera;Icatch(IV) Still Camera Device; C:\Windows\System32\Drivers\Bu​lk533.sys [2002-07-25 10986]
 S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wp​dusb.sys [2008-01-19 39936]
 S3 XPADFL02;XPAD Filter Service 02; C:\Windows\system32\DRIVERS\xp​adfl02.sys [2006-12-24 27904]
 S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wm​iacpi.sys [2006-11-02 11264]

 ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawser​vice.exe [2008-08-04 611664]
 R2 Apache2.2;Apache2.2; c:\xampp\apache\bin\apache.exe [2007-12-21 17920]
 R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe [2008-11-07 132424]
 R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
 R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-08-04 79360]
 R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
 R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.ex​e [2008-08-29 238888]
 R2 HerculesDJControlMP3;Hercules DJ Control MP3; C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EX​E [2007-11-21 17408]
 R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]
 R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2008-06-02 354840]
 R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1; C:\Windows\system32\libusbd-nt​.exe [2005-03-09 18944]
 R2 LightScribeService;LightScribe​Service Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-11-19 79136]
 R2 mysql;mysql; c:\xampp\mysql\bin\mysqld-nt.e​xe [2007-12-21 4653056]
 R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-10-07 203296]
 R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
 R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE​.exe [2007-05-28 275968]
 R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
 R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
 R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
 S2 mi-raysat_3dsMax2008_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2008 32-bit 32-bit; C:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysa​t_3dsMax2008_32server.exe [2007-09-24 65536]
 S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.​exe [2008-11-17 655624]
 S3 GameConsoleService;GameConsole​Service; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-07-24 181800]
 S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\​Intel 32\IDriverT.exe [2005-04-03 69632]
 S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditSer​vice.exe [2007-08-24 68464]
 S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
 S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
 S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-09-28 92656]

 -----------------EOF----------​-------
 


bernard53
Profile: Security team
Posted on 24/02/2009 at 11:45:14

Follow these steps.

 Download OTMoveIt3 (by Old_Timer) to your Desktop.

 On Vista: right-click it and choose "Run as administrator" ("Exécuter en tant qu'administrateur").

 AVAST detects this program as an intruder, so disable it while you carry out these steps.

 Double-click OTMoveIt3.exe to launch it.  http://nsm01.casimages.com/img/2008/10/30//08103010210460772683183.jpg

 Copy the list in the quote below:

 :Reg
 [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a981103f-dcac-11dd-b24c-001fc60f5fe1}]

 :Files
 :Commands
 [purity]
 [emptytemp]

 [Reboot]

 and paste it into the left-hand pane of OTMoveIt3 http://nsa03.casimages.com/img/2008/10/31/081031041309719656.png
 http://nsm01.casimages.com/img/2008/10/30//08103010214460772683206.jpg

 Click http://nsa03.casimages.com/img/2008/10/31/081031041550426873.png to start the removal.
 Wait for the tool to finish, then close OTMoveIt3.

 The result will appear in the Results pane.
 Click Exit to close.
 Post the report located in C:\_OTMoveIt\MovedFiles\*******_******.log

 NB: You may be asked to restart the PC to complete the removal.
 If so, accept with Oui/Yes.

 Next, this one, which I have doubts about.

 Go to http://virusscan.jotti.org/
 - Click "Parcourir" (Browse) at the top right, navigate through the folders and select this file:

 C:\Windows\system32\drivers\adfs.sys

 - Click Submit, also at the top right
 - The scan will start; it will take a moment
 - The scan result appears at the bottom; copy and paste the complete scan result here
 WARNING: make sure you take the scan result for your own file (the file name appears at the top) and not the scan that was run before yours!
 Help: http://www.malekal.com/scan_Av [...] ocId662799

 AND this:

 Download GenProc (by Narco4 & jean-chretien1) to your Desktop.
 Unzip the folder: right-click it > Extract here or Extract all.
 Open the yellow GenProc folder on your Desktop >

 Double-click GenProc.bat
 On Vista:
 Right-click GenProc.bat and choose "Run as administrator" ("Exécuter en tant qu'administrateur").

 Follow the instructions ...
 Post the generated report here.
 The report will open on your desktop. If it does not, click this icon on your desktop:  http://nsa03.casimages.com/img/2008/11/17/081117080236440364.jpg

 Download:
 http://www.alt-shift-return.or [...] enProc.zip

 Tutorial: Genproc

baptiste787
Posted on 24/02/2009 at 12:23:34

OTMoveIt3 report:

 ========== REGISTRY ==========
 Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a981103f-dcac-11dd-b24c-001fc60f5fe1}\\ not found.
 ========== FILES ==========
 ========== COMMANDS ==========
 File delete failed. C:\Users\Baptiste\AppData\Local\Temp\etilqs_LhByeOfgmWT6MilwQmcw scheduled to be deleted on reboot.
 User's Temp folder emptied.
 User's Temporary Internet Files folder emptied.
 User's Internet Explorer cache folder emptied.
 Local Service Temp folder emptied.
 Local Service Temporary Internet Files folder emptied.
 File delete failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
 Windows Temp folder emptied.
 File delete failed. C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
 File delete failed. C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
 File delete failed. C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
 File delete failed. C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
 File delete failed. C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
 File delete failed. C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\XUL.mfl scheduled to be deleted on reboot.
 FireFox cache emptied.
 Temp folders emptied.

 OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02242009_114723

 Files moved on Reboot...
 File C:\Users\Baptiste\AppData\Local\Temp\etilqs_LhByeOfgmWT6MilwQmcw not found!
 File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
 C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_001_ moved successfully.
 C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_002_ moved successfully.
 C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_003_ moved successfully.
 C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\Cache\_CACHE_MAP_ moved successfully.
 C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\urlclassifier3.sqlite moved successfully.
 C:\Users\Baptiste\AppData\Local\Mozilla\Firefox\Profiles\ww0fv9tm.default\XUL.mfl moved successfully.

 The adfs.sys file:

 A-Squared: Found nothing
 AntiVir: Found nothing
 ArcaVir: Found nothing
 Avast: Found nothing
 AVG Antivirus: Found nothing
 BitDefender: Found nothing
 ClamAV: Found nothing
 CPsecure: Found nothing
 Dr.Web: Found nothing
 F-Prot Antivirus: Found nothing
 F-Secure Anti-Virus: Found nothing
 Ikarus: Found nothing
 Kaspersky Anti-Virus: Found nothing
 NOD32: Found nothing
 Norman Virus Control: Found nothing
 Panda Antivirus: Found nothing
 Sophos Antivirus: Found nothing
 VirusBuster: Found nothing
 VBA32: Found nothing

 As for GenProc, I tried several times but I always get the same error mentioned in the tutorial...

bernard53
Profile: Security team
Posted on 24/02/2009 at 12:43:54

You did run Genproc "as Administrator"!!

 Otherwise, run an online scan here.

 http://www.kaspersky.com/virusscanner

 or here:

 Post a Nod32 report http://www.eset-nod32.fr/scanner.html (you must use Internet Explorer)
 - tick all the boxes each time, and when it has finished, paste the report:
 - C:\Program Files\EsetOnlineScanner\log.txt

baptiste787
Posted on 04/03/2009 at 13:23:57

I did run Genproc as administrator!

 As for Kaspersky, it finds nothing at all.

 As for Nod32, I have no log.txt file, only a debuglog.txt file.

bernard53
Profile: Security team
Posted on 04/03/2009 at 14:38:40

OK, the PC is clean.

 What about your error?

baptiste787
Posted on 04/03/2009 at 14:40:40

However, during the Nod32 test, it displayed "2 threads found".

bernard53
Profile: Security team
Posted on 04/03/2009 at 15:10:03

Baptiste787 wrote:

However, during the Nod32 test, it displayed "2 threads found".

 Can you post the report for me, please?

baptiste787
Posted on 04/03/2009 at 19:16:26

I only have the debuglog.txt file, which contains this:

 # vers_standard_module=3884 (20090224)
 # vers_arch_module=1.064 (20080214)
 # vers_adv_heur_module=1.066 (20070917)

bernard53
Profile: Security team
Posted on 04/03/2009 at 19:50:46

You must have made a mistake in the procedure. You did do this for Nod32:

 "tick all the boxes each time, and when it has finished, paste the report"

 

kaguimama
Posted on 06/09/2013 at 15:37:03

Useless message ...
Message edited by secwineman on 06/09/2013 at 16:42:26

secwineman
Posted on 06/09/2013 at 16:42:37

This topic was closed by Secwineman

