"pc performance & stability analysis report" problem

24 August 2011 15:46:01

Hello!

Yesterday, while I was on my PC, Windows asked me for permission for a file or something, I don't quite remember. Not knowing what it was, I ignored it, but the sort of pop-up (I don't really know what to call it) asked me for permission again (it must be about administrator rights, I think), but I refused once more, except that, here we go again, it started over. After five or six times, I accidentally clicked "allow".

Since then, I don't know if it's related, but I have a "pc performance & stability analysis report" window that opens, and my desktop is black (well, only the Internet Explorer icon is there) and also, my Start menu is empty! Last night, I searched for this "pc performance..." and I read in several places that it was a rogue. I ran a scan with my AV, which tells me that I have spyware and that it has been quarantined, but my desktop is still empty and I get messages telling me that my hard drive is 30% unreadable.

I don't really dare turn on my PC because, being a novice, I'm a bit afraid of doing something stupid! So I'm on another PC at the moment. If someone could help me, please!

24 August 2011 18:45:01

Hello,

*Download RSIT (thanks random/random) to the Desktop: Here or
Double-click RSIT.exe; it does not require installation.
Click Continue on the Disclaimer screen if you accept the terms.
-If HijackThis is not detected on your PC, it will download it (allow access through your firewall if asked and accept the license).
When the scan is finished, two text files will open.
Post the contents of log.txt (the one that opens) as well as info.txt, which is in the taskbar

NB: These reports are saved in the C:\rsit folder

See you
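
One way to triage the log.txt that this procedure produces, as an added example that is not part of the original reply or of RSIT/HijackThis: it parses the O4 (autostart) lines of a HijackThis log and marks entries whose executable sits directly in C:\ProgramData or under AppData/Temp for manual review. The sample log, the function names and the location heuristic are assumptions made for the illustration; a "review" mark is a prompt to look closer, not a verdict.

```python
import ntpath
import re

# Constructed sample in HijackThis 2.0.4 line format (not taken from a real machine).
SAMPLE_LOG = r"""
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000000} - C:\Program Files (x86)\Example\helper.dll
O4 - HKLM\..\Run: [ExampleUpdater] "C:\Program Files (x86)\Example\updater.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [qWzExAmPlE] C:\ProgramData\qWzExAmPlE.exe
O4 - HKCU\..\Run: [Sync] "C:\Users\demo\AppData\Local\Temp\sync.exe" -s
O4 - HKUS\S-1-5-19\..\Run: [Welcome] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - Global Startup: Example Status.lnk = C:\Program Files\Example\status.exe
"""

# O4 lines come in two shapes:
#   O4 - <hive>\..\Run: [value name] command line
#   O4 - Global Startup: shortcut.lnk = target
ENTRY_RE = re.compile(
    r"^O4 - (?P<hive>[^:]+?): "
    r"(?:\[(?P<name>[^\]]*)\] |(?P<lnk>.+?\.lnk) = )"
    r"(?P<cmd>.+)$"
)

# Locations where installed software normally lives (assumed allow-list).
INSTALL_ROOTS = ("c:\\program files\\", "c:\\program files (x86)\\", "c:\\windows\\")


def executable_of(cmd):
    """Return the program path from a Run-key command line, without arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    # Unquoted paths may contain spaces, so cut at the first executable extension.
    m = re.match(r"(.+?\.(?:exe|com|bat|cmd|scr))(?=\s|$)", cmd, re.IGNORECASE)
    if m:
        return m.group(1)
    return cmd.split()[0] if cmd else ""


def classify(exe):
    """Sort an autostart target by where it lives on disk."""
    path = ntpath.normpath(exe).lower()
    if not ntpath.isabs(path):
        # Bare names and %VAR% paths need resolving before they can be judged.
        return "unqualified"
    parent = ntpath.dirname(path)
    # User-writable data locations are unusual homes for an autostart program.
    if parent == "c:\\programdata" or "\\appdata\\" in path or "\\temp\\" in path:
        return "review"
    if path.startswith(INSTALL_ROOTS):
        return "installed"
    return "other"


def triage(log_text):
    """Parse every O4 line and attach a location verdict to it."""
    rows = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        exe = executable_of(m.group("cmd"))
        rows.append({
            "hive": m.group("hive"),
            "name": m.group("name") or m.group("lnk"),
            "exe": exe,
            "verdict": classify(exe),
        })
    return rows


def needs_review(log_text):
    """Only the autostart entries that deserve a manual look."""
    return [row for row in triage(log_text) if row["verdict"] == "review"]


if __name__ == "__main__":
    for row in triage(SAMPLE_LOG):
        print(f'{row["verdict"]:<12} {row["hive"]:<24} {row["name"]:<20} {row["exe"]}')
```
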
24 August 2011 19:14:27

(Just before getting the log and info results, my AV deleted a Trojan horse. Could it have come from HijackThis?)

Otherwise, here is the log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by jaegy at 2011-08-24 19:02:10
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 112 GB (24%) free of 463 GB
Total RAM: 4093 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:02:34, on 24/08/2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\ProgramData\UPatikNiIP.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\Program Files (x86)\Logitech\Video\LogiTray.exe
C:\Program Files (x86)\PacksecuriteNumericable\Common\FSM32.EXE
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\attrib.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\hp\kbd\kbd.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe
C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe
C:\Program Files\trend micro\jaegy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files (x86)\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\PacksecuriteNumericable\NRS\iescript\baselitmus.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\PacksecuriteNumericable\NRS\iescript\baselitmus.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files (x86)\Logitech\Video\ISStart.exe" /RegAll
O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files (x86)\Logitech\Video\LogiTray.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\PacksecuriteNumericable\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\PacksecuriteNumericable\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SwitchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files (x86)\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [UPatikNiIP] C:\ProgramData\UPatikNiIP.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (BthServ) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Configuration automatique de réseau câblé (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Easybits Shared Services for Windows (ezSharedSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\fsgk32st.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\PacksecuriteNumericable\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\PacksecuriteNumericable\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\PacksecuriteNumericable\ORSP Client\fsorsp.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing)
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 27656 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\rundll32.exe C:\Windows\system32\NVSVC64.DLL,nvsvcInitialize
/QuitInfo:00000000000002D4;00000000000002E0; /AddRef;
/QuitInfo:00000000000002EC;00000000000002DC;
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
/QuitInfo:00000000000005CC;00000000000005F4; /AddRef;
/QuitInfo:00000000000005F0;0000000000000600;
taskeng.exe {D5B1A78E-6726-4CDF-BA6D-64E6E92D6177}
/loadhooks /Parent:0000000000000784
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {BF4E05A2-855B-4A30-A66F-CB7D5C3C731A}
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Windows\System32\p2phost.exe" -s
"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
"C:\Windows\ehome\ehtray.exe"
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\ProgramData\UPatikNiIP.exe"
"C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe"
C:\Windows\ehome\ehmsas.exe -Embedding
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe"
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
"C:\hp\support\hpsysdrv.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
"C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe"
"C:\Program Files (x86)\Logitech\Video\LogiTray.exe"
"C:\Program Files (x86)\PacksecuriteNumericable\Common\FSM32.EXE" /splash
"C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\SysWOW64\svchost.exe -k netsvcs
"C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\fsgk32st.exe"
"C:\Program Files (x86)\PacksecuriteNumericable\Common\FSMA32.EXE"
"C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\FSGK32.EXE" /service /stopevent=148 /ipcexch=128
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
oid 1.3.6.1.4.1.2213.11.1.27 HosterGroupType 0
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Pen_Tablet.exe
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe"
"C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe"
WTablet\Pen_TabletUser.exe
oid 1.3.6.1.4.1.2213.11.1.27.64 HosterGroupType 0
Pen_Tablet.exe au
attrib +h "C:\Users\jaegy\*.* " /s /d
"C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a8b69bd6-0df5-45df-9d54-d49db8478a30 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-d0e6e0af-525f-454c-adb4-534d02a1ceaa -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-42220649-bce2-480d-a891-1376c4e902f7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:95f94e01-8b27-41af-baec-51c50aada360
"C:\Windows\System32\rundll32.exe" pnpui.dll,SimplifiedDINotification
"C:\Program Files (x86)\PacksecuriteNumericable\FWES\Program\fsdfwd.exe"
"C:\Program Files (x86)\PacksecuriteNumericable\Spam Control\fsscoepl_x64.exe"
"C:\Program Files (x86)\PacksecuriteNumericable\ORSP Client\fsorsp.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\fssm32.exe" 3 600 604 608
rundll32.exe C:\Windows\system32\newdev.dll,pDiDeviceInstallAction \\.\pipe\PNP_Device_Install_Pipe_1.{ff146174-79c4-402b-b9ef-dcf01a5963bb} "PCI\VEN_1799&DEV_700F&SUBSYS_700F1799&REV_20\4&d59273a&0&00F0"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\fsav32.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\hp\kbd\kbd.exe"
"C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:6052 CREDAT:79873
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:5012 CREDAT:79873
"C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe" -Embedding
"C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe" -Embedding
"C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE"
taskeng.exe {290F5C8A-55D5-4785-AB92-89F2AE26F2A2}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\ehome\mcupdate.EXE $(Arg0) -gc
"C:\Windows\system32\SearchFilterHost.exe" 0 620 624 632 65536 628
"C:\Users\jaegy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MTTMN079\RSITx64[1].exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore1cc20dc79620a6a.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForjaegy.job
C:\Windows\tasks\User_Feed_Synchronization-{DCAD4505-3874-4C7D-A3F5-C0BB8F133016}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2010-04-28 132456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-08-23 410288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll [2011-06-09 341048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files (x86)\Windows Live\Family Safety\fssbho.dll [2010-04-28 113512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-23 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [2011-06-09 1007160]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C6867EB7-8350-4856-877F-93CF8AE3DC9C}]
Browsing Protection Class - C:\Program Files (x86)\PacksecuriteNumericable\NRS\iescript\baselitmus.dll [2011-08-22 545448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-07-07 1152776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-08-23 410288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{265EEE8E-3228-44D3-AEA5-F7FDF5860049} - Browsing Protection Toolbar - C:\Program Files (x86)\PacksecuriteNumericable\NRS\iescript\baselitmus.dll [2011-08-22 545448]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-07-07 1152776]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-23 305328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-04-17 15844896]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-04-17 82464]
"fssui"=C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [2010-04-28 647528]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-05-21 2342800]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2009-05-26 2314120]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1555968]
"HPAdvisor"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN []
"CollaborationHost"=C:\Windows\system32\p2phost.exe [2008-01-21 215040]
"MsnMsgr"=C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe [2010-04-16 3872080]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-24 39408]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2009-03-17 20480]
"LogitechSoftwareUpdate"=C:\Program Files (x86)\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent []
"AdobeBridge"= []
"ISUSPM"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler []
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2011-08-11 1242448]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2741616]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"UPatikNiIP"=C:\ProgramData\UPatikNiIP.exe [2011-08-24 390144]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"HP Health Check Scheduler"=c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02 75008]
"HP Software Update"=c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Adobe Photo Downloader"=C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe [2006-12-22 67752]
"LogitechVideoRepair"=C:\Program Files (x86)\Logitech\Video\ISStart.exe [2005-06-08 458752]
"LogitechVideoTray"=C:\Program Files (x86)\Logitech\Video\LogiTray.exe [2005-06-08 217088]
"F-Secure Manager"=C:\Program Files (x86)\PacksecuriteNumericable\Common\FSM32.EXE [2009-08-05 199264]
"F-Secure TNB"=C:\Program Files (x86)\PacksecuriteNumericable\FSGUI\TNBUtil.exe [2009-08-05 2349664]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-03-01 421160]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=0
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-08-24 19:02:11 ----D---- C:\Program Files\trend micro
2011-08-24 19:02:10 ----D---- C:\rsit
2011-08-24 01:50:00 ----AH---- C:\ProgramData\P1kAlMiG2Kb7Fz.exe
2011-08-24 01:39:49 ----AH---- C:\ProgramData\UPatikNiIP.exe
2011-08-18 00:01:20 ----D---- C:\Program Files (x86)\Apple Software Update
2011-08-11 01:52:22 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys

======List of files/folders modified in the last 1 month======

2011-08-24 19:02:11 ----RD---- C:\Program Files
2011-08-24 19:01:44 ----D---- C:\Windows\Temp
2011-08-24 18:51:21 ----HD---- C:\Program Files (x86)\Steam
2011-08-24 18:50:04 ----HD---- C:\Users\jaegy\AppData\Roaming\WTablet
2011-08-24 03:02:28 ----HD---- C:\ProgramData
2011-08-24 03:00:55 ----D---- C:\Program Files (x86)
2011-08-24 02:59:50 ----SHD---- C:\System Volume Information
2011-08-24 02:56:21 ----HD---- C:\Users\jaegy\AppData\Roaming\InstallShield
2011-08-24 02:55:46 ----D---- C:\Windows\SYSWOW64\drivers
2011-08-24 02:55:46 ----D---- C:\Windows\SysWOW64
2011-08-24 02:53:31 ----D---- C:\Windows\system32\catroot
2011-08-24 02:53:29 ----D---- C:\Windows\inf
2011-08-24 02:50:28 ----D---- C:\Program Files (x86)\Zanag
2011-08-24 02:49:30 ----HD---- C:\Users\jaegy\AppData\Roaming\uTorrent
2011-08-24 02:42:14 ----D---- C:\Windows\Minidump
2011-08-24 02:42:08 ----D---- C:\Windows
2011-08-24 02:38:33 ----D---- C:\Windows\Prefetch
2011-08-24 02:02:50 ----HD---- C:\Windows\tracing
2011-08-23 21:11:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-08-23 21:07:36 ----HD---- C:\Program Files (x86)\Warcraft III
2011-08-23 20:51:27 ----SHD---- C:\Windows\Installer
2011-08-23 14:58:43 ----D---- C:\Program Files (x86)\PacksecuriteNumericable
2011-08-23 03:08:41 ----D---- C:\Program Files (x86)\Windows Live
2011-08-23 03:04:37 ----D---- C:\ProgramData\Microsoft
2011-08-23 03:03:19 ----D---- C:\Program Files (x86)\Microsoft
2011-08-23 03:01:24 ----D---- C:\Windows\system32\catroot2
2011-08-23 02:20:09 ----HD---- C:\Users\jaegy\AppData\Roaming\vlc
2011-08-23 02:11:27 ----HD---- C:\Users\jaegy\AppData\Roaming\dvdcss
2011-08-21 23:41:10 ----D---- C:\Program Files (x86)\Electronic Arts
2011-08-21 23:41:05 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-08-18 00:01:24 ----D---- C:\Windows\system32\Tasks
2011-08-13 19:38:18 ----D---- C:\Windows\System32
2011-08-13 19:38:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-11 20:23:09 ----D---- C:\Windows\winsxs
2011-08-11 20:00:17 ----D---- C:\Windows\system32\drivers
2011-08-11 03:01:13 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-07-14 254528]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files (x86)\PacksecuriteNumericable\HIPS\drivers\fshs.sys [2009-08-05 57920]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2010-12-20 45624]
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2010-12-20 94280]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\minifilter\fsgk.sys [2011-06-09 198824]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-07-03 1477272]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-04-17 9544736]
R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64k.sys [2009-05-09 33160]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2009-01-09 31744]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 11264]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2008-02-14 160768]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2007-02-16 12848]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2007-02-16 14640]
R3 WacomVKHid;Virtual Keyboard Driver; C:\Windows\system32\DRIVERS\WacomVKHid.sys [2007-02-16 12976]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 108544]
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 23040]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 115712]
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-10-25 276480]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-10-25 34304]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-06 61280]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2006-09-07 21504]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-21 62976]
S3 RimUsb;Téléphone intelligent BlackBerry ; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2010-06-16 92160]
S3 RTL85n64;Belkin Wireless G Notebook Card Service v8; C:\Windows\system32\DRIVERS\RTL85n64.sys [2007-04-23 433960]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-02-18 51712]
S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-21 98816]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 46080]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor5.0;Adobe Active File Monitor V5; C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [2006-12-22 108712]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
R2 Bonjour Service;Service Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\fsgk32st.exe [2009-08-05 215648]
R2 FSMA;F-Secure Management Agent; C:\Program Files (x86)\PacksecuriteNumericable\Common\FSMA32.EXE [2009-08-05 186976]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-02 94208]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-04-17 355840]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 TabletServicePen;TabletServicePen; C:\Windows\system32\Pen_Tablet.exe [2007-09-07 1909032]
R2 WDDMService;WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-09-08 288256]
R2 WDFME;WD File Management Engine; C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe [2010-09-08 1034752]
R2 WDSC;WD File Management Shadow Engine; C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe [2010-09-08 485376]
R3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files (x86)\PacksecuriteNumericable\FWES\Program\fsdfwd.exe [2010-05-11 844384]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files (x86)\PacksecuriteNumericable\ORSP Client\fsorsp.exe [2011-05-23 61088]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2011-03-01 934176]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-08-11 411432]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-03 135664]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe []
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 gupdatem;Service Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-03 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-27 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]

-----------------EOF-----------------
24 August 2011 19:15:05

And here is the one for info:

info.txt logfile of random's system information tool 1.09 2011-08-24 19:02:39

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Automatic Update Agent"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS2"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure ExploitShield"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gadget"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GateKeeper Interface"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gemini"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Help"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure HIPS"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Internet Shield"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure ISP News"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Localization API"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure NRS"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure ORSP Client"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Protocol Scanner"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Control"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Scanner"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
-->"C:\Program Files (x86)\PacksecuriteNumericable\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Uninstall"
-->MsiExec.exe /I{C4CBAD7E-DF4A-4FEC-AC17-8BC709AFB844}
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}
Adobe Community Help-->msiexec /qb /x {3521BDBD-D453-5D9F-AA55-44B75D214629}
Adobe Community Help-->MsiExec.exe /I{3521BDBD-D453-5D9F-AA55-44B75D214629}
Adobe Download Assistant-->msiexec /qb /x {3CA2B4FD-AEF2-ED4F-F5E5-0095DDA47AC7}
Adobe Download Assistant-->MsiExec.exe /I{3CA2B4FD-AEF2-ED4F-F5E5-0095DDA47AC7}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin
Adobe Help Center 2.1-->MsiExec.exe /I{25569723-DC5A-4467-A639-79535BF01B71}
Adobe Photoshop CS5 Portable-->"C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 Portable\unins000.exe"
Adobe Photoshop Elements 5.0-->msiexec /I {A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}
Adobe Premiere Pro CS5.5-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{0497EAED-70DA-4BBE-BEB3-AF77FD8788EA}"
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Story-->msiexec /qb /x {C28DD992-5B7B-D195-6841-4EC57DF512BD}
Adobe Story-->MsiExec.exe /I{C28DD992-5B7B-D195-6841-4EC57DF512BD}
Apple Application Support-->MsiExec.exe /I{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}
Apple Mobile Device Support-->MsiExec.exe /I{8F473675-D702-45F9-8EBC-342B40C17BF5}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
Archiveur WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe
ArtRage 2-->MsiExec.exe /X{F18F267E-1DCF-41CD-97CA-27F58CFCCA9C}
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
Bing Bar-->MsiExec.exe /X{16D0F2D2-242C-4885-BEF1-4B1655C141AE}
BlackBerry App World Browser Plugin-->MsiExec.exe /X{598420E8-E9F9-4FAE-9B6C-599FDF2F611A}
BlackBerry Desktop Software 6.0.1-->MsiExec.exe /I{84A78614-0E4B-4A4E-BA8C-2B0A05A08E4E}
BlackBerry Desktop Software 6.0.1-->MsiExec.exe /i{84A78614-0E4B-4A4E-BA8C-2B0A05A08E4E}
BlackBerry Device Software v5.0.0 pour smartphone BlackBerry 8520-->MsiExec.exe /X{2B39620B-F959-4C8A-AEEF-B5D29D8012D0}
Bonjour-->MsiExec.exe /X{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}
CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini"
Canon Internet Library for ZoomBrowser EX-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini"
Canon MOV Decoder-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\Canon MOV Decoder150\CanonMOVDecoderUnInstall.ini"
Canon MOV Encoder-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\Canon MOV Encoder\CanonMOVEncoderUnInstall.ini"
Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Canon Utilities Digital Photo Professional 3.8-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\Digital Photo Professional\Uninst.ini"
Canon Utilities EOS Utility-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\EOS Utility\Uninst.ini"
Canon Utilities PhotoStitch-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\PhotoStitch\Uninst.ini"
Canon Utilities Picture Style Editor-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\Picture Style Editor\Uninst.ini"
Canon Utilities WFT Utility-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\WFT Utility\Uninst.ini"
Canon Utilities ZoomBrowser EX-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\Uninst.ini"
Canon ZoomBrowser EX Memory Card Utility-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\ZoomBrowser EX MCU\Uninst.ini"
Corel Graphics - Windows Shell Extension-->c:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\ShellUninst.exe -ProductCode {51DD370C-6690-424E-9674-5F14468B323F} -arp
Corel Graphics - Windows Shell Extension-->MsiExec.exe /X{51DD370C-6690-424E-9674-5F14468B323F}
CorelDRAW Graphics Suite X5 - IPM-->MsiExec.exe /I{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit-->MsiExec.exe /I{66C10F29-31F0-4A9B-B2CF-465F488AE086}
CorelDRAW Graphics Suite X5 - WT-->MsiExec.exe /I{9244E956-5939-4B88-930C-0699D4AB2B95}
CorelDRAW(R) Graphics Suite X5-->c:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Setup\SetupARP.exe /arp
Correctif pour Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)-->c:\Windows\SysWOW64\msiexec.exe /package {3514CD14-6F9C-39C9-94F5-6644CAD122CF} /uninstall /qb+ REBOOTPROMPT=""
Counter-Strike: Source Beta-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/260
Counter-Strike: Source-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/240
Counter-Strike: Source-->MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
DAEMON Tools Toolbar-->C:\Program Files (x86)\DAEMON Tools Toolbar\uninst.exe
Day of Defeat: Source-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/300
EA Download Manager UI-->msiexec /qb /x {D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}
EA Download Manager UI-->MsiExec.exe /I{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}
EA Download Manager-->C:\Program Files (x86)\Electronic Arts\EADM\EADMUninstall.exe
FileZilla Client 3.3.4.1-->C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe
Free Mp3 Wma Converter V 1.9-->"C:\Program Files (x86)\Free Audio Pack\unins000.exe"
Free YouTube to Mp3 Converter version 3.1-->"C:\Program Files (x86)\DVDVideoSoft\Free YouTube to Mp3 Converter\unins000.exe"
F-Secure PSC Prerequisites-->MsiExec.exe /I{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}
Galerie de photos Windows Live-->MsiExec.exe /X{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}
GIMP 2.6.6-->"C:\Program Files (x86)\GIMP-2.0\setup\unins000.exe"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\13.0.782.112\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_4E7D715D860E20E1.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}
Half-Life 2: Deathmatch-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/320
Half-Life 2: Lost Coast-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/340
Hewlett-Packard Active Check for Health Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)-->c:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)-->c:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)-->c:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)-->c:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)-->c:\Windows\SysWOW64\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
HP Active Support Library-->C:\Program Files (x86)\InstallShield Installation Information\{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}\setup.exe -runfromtemp -l0x0409
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}\setup.exe" -l0x9 -removeonly
HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}
HP Demo-->MsiExec.exe /X{97ABD26A-3249-46CB-B2E2-F66E64B2E480}
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F405DC00-37F3-4A5F-97F4-C1310CCEE53A}\setup.exe" -l0x9 -removeonly
HP Photosmart Essential 3.0-->C:\Program Files (x86)\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Picasso Media Center Add-In-->MsiExec.exe /I{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}
HP Recovery Manager RSS-->MsiExec.exe /X{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}
HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
Installation Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{133742BA-6F46-4D3E-85AF-78631D9AD8B8}
iTunes-->MsiExec.exe /I{B24A47E5-F196-461E-A7A4-AADB72CB19DD}
Jasc Animation Shop 3-->MsiExec.exe /I{174D5678-D941-433C-BD23-58A5C7B0D36D}
Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Junk Mail filter update-->MsiExec.exe /I{8E5233E1-7495-44FB-8DEB-4BE906D59619}
LameACM-->C:\Program Files (x86)\LameACM\uninstall.exe
Les Sims 2 : La bonne affaire-->C:\Program Files (x86)\EA GAMES\Les Sims 2  La bonne affaire\EAUninstall.exe
Les Sims 2-->C:\Program Files (x86)\EA GAMES\Les Sims 2\EAUninstall.exe
Les Sims™ 2 La Vie en Appartement-->C:\Program Files (x86)\EA GAMES\Les Sims 2 La Vie en Appartement\EAUninstall.exe
Les Sims™ 3 Ambitions-->"C:\Program Files (x86)\InstallShield Installation Information\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}\setup.exe" -runfromtemp -l0x040c -removeonly
Les Sims™ 3-->"C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -runfromtemp -l0x040c -removeonly
Les Sims™ 2 Au fil des saisons-->C:\Program Files (x86)\EA GAMES\Les Sims 2 Au fil des saisons\EAUninstall.exe
LightScribe System Software-->MsiExec.exe /X{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}
Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech Print Service-->C:\PROGRA~2\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~2\Logitech\PRINTS~1\INSTALL.LOG
MAGIX Screenshare-->C:\Program Files (x86)\MAGIX\PCVisit\unwise.exe
MAGIX Speed burnR-->C:\Program Files (x86)\MAGIX\Speed2_burnR_mxcdr\unwise.exe
MAGIX Video easy Download version 1.0.2.2 (UK)-->C:\Program Files (x86)\MAGIX\Video_easy_Download_version\unwise.exe
McAfee Security Scan Plus-->"C:\Program Files (x86)\McAfee Security Scan\uninstall.exe"
Messenger Plus! Live-->"C:\Program Files (x86)\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework64\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile FRA Language Pack-->MsiExec.exe /X{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-040C-1000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Shared 64-bit MUI (French) 2007-->MsiExec.exe /X{90120000-002A-040C-1000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053-->MsiExec.exe /X{B6E3757B-5E77-3915-866A-CCFC4B8D194C}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148-->MsiExec.exe /X{EE936C7A-EA40-31D5-9B65-8E3E089C3828}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022-->MsiExec.exe /X{350AA351-21FA-3270-8B7A-835434E766AD}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual Studio Tools for Applications 2.0 - ENU-->MsiExec.exe /X{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - FRA-->MsiExec.exe /X{3514CD14-6F9C-39C9-94F5-6644CAD122CF}
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - FRA-->MsiExec.exe /X{8A8F0E9B-4FC9-3C40-9AFB-9AEEFE81D6A7}
Microsoft Visual Studio Tools for Applications 2.0 Runtime-->MsiExec.exe /X{299C0434-4F4E-341F-A916-4E07AEB35E79}
Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Microsoft_VC90_MFCLOC_x86-->MsiExec.exe /I{B6D38690-755E-4F40-A35A-23F8BC2B86AC}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework64\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Module linguistique Microsoft .NET Framework 4 Client Profile FRA-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1036 /parameterfolder ClientLP
Mozilla Firefox (3.6.3)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Musicnotes Software Suite 1.4.3-->"C:\Program Files (x86)\Musicnotes\unins000.exe"
muvee autoProducer 6.1-->C:\Program Files (x86)\InstallShield Installation Information\{B9AB88D8-3A09-4A4A-8993-0E2F6F9F294B}\muveesetup.exe -removeonly -runfromtemp
Notepad++-->C:\Program Files (x86)\Notepad++\uninstall.exe
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Outils de diagnostic du matériel-->C:\Program Files (x86)\PC-Doctor for Windows\uninst.exe
Outils Les Sims™ 3 Créez votre monde ! – Beta-->"C:\Program Files (x86)\InstallShield Installation Information\{65761BAE-11E8-48FE-B30F-1F01011AB906}\setup.exe" -runfromtemp -l0x040c -removeonly
Pack Sécurité Numericable-->"C:\Program Files (x86)\PacksecuriteNumericable\FSGUI\PostInstall.exe" /tUnInstall
Pen Tablet-->C:\Program Files (x86)\Tablet\Pen\Remove.exe /u
PhotoFiltre-->"C:\Program Files (x86)\PhotoFiltre\Uninst.exe"
PhotoScape-->"C:\Program Files (x86)\PhotoScape\uninstall.exe"
Pinnacle VideoSpin-->MsiExec.exe /I{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}
PxMergeModule-->MsiExec.exe /I{024521CF-C07E-4F8E-8481-0D75695E03AF}
Python 2.5.2-->MsiExec.exe /I{6B976ADF-8AE8-434E-B282-A06C7F624D2F}
QuickTime-->MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Safari-->MsiExec.exe /I{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB2509488)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD0DE453-0804-4495-9C91-33D0F9AA5463}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {8EAF4926-5B5D-398A-BA46-4603D8095BDE} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft Office 2007 System (KB2541012)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CD907315-705A-4475-A1A0-2A1245803E4D}
Security Update for Microsoft Office Excel 2007 (KB2541007)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A0173254-F442-4D04-9154-43FA157B83D0}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP
Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
SmartSound Quicktracks 5-->"C:\Program Files (x86)\InstallShield Installation Information\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}\setup.exe" -runfromtemp -l0x0409 -removeonly
SmartSound Quicktracks 5-->MsiExec.exe /I{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}
Solution de clavier multimédia amélioré-->C:\HP\KBD\Install.exe /u
sp44626-->c:\hp\Softpaq\sp44626\sp44626.exe
Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Synthesia (remove only)-->"C:\Program Files (x86)\Synthesia\uninstall.exe"
Tomb Raider II-->C:\Windows\IsUn040c.exe -f"C:\Program Files (x86)\Core Design\Tomb Raider II\Uninst.isu"
Uninstall 1.0.0.1-->"C:\Program Files (x86)\Common Files\DVDVideoSoft\unins000.exe"
Update for 2007 Microsoft Office System (KB2284654)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office 2007 System (KB2539530)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
VD64Inst-->MsiExec.exe /I{22ABA92B-6C1B-46D8-AC2B-C48EEAE172A9}
VLC media player 1.0.5-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Warcraft III-->C:\Windows\War3Unin.exe C:\Windows\War3Unin.dat
WD SmartWare-->MsiExec.exe /X{6F482C75-174D-42EB-A2CF-B00A1F354F7B}
Windows Live Call-->MsiExec.exe /I{B3B487E7-6171-4376-9074-B28082CEB504}
Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
Windows Live Contrôle parental-->MsiExec.exe /X{A8A4C98E-08D8-41BB-BDCB-2C412327535E}
Windows Live FolderShare-->MsiExec.exe /X{76810709-A7D3-468D-9167-A1780C1E766C}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{445B183D-F4F1-45C8-B9DB-F11355CA657B}
Windows Live Movie Maker-->MsiExec.exe /X{230B83A5-7D88-4B95-B71E-F44C0C78B002}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: PC-de-jaegy
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
http://go.microsoft.com/fwlink/?linkid=37020&name=Troja...
ID d’analyse : {C034684F-0936-41DB-B8C1-476583E4919D}
Utilisateur : PC-de-jaegy\jaegy
Nom : Trojan:Win32/FakeSysdef
ID : 155638
ID de gravité : 5
ID de catégorie : 8
Chemin d’accès trouvé : process:pid:2612;file:C:\ProgramData\P1kAlMiG2Kb7Fz.exe->(UPX);containerfile:C:\ProgramData\P1kAlMiG2Kb7Fz.exe
Type d’alerte : Logiciel espion ou autre logiciel non désiré
Type de détection : Concret
Record Number: 412414
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20110824030454.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-jaegy
Event Code: 15016
Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
Record Number: 412463
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20110824164940.614990-000
Event Type: Erreur
User:

Computer Name: PC-de-jaegy
Event Code: 7026
Message: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
i8042prt
Record Number: 412545
Source Name: Service Control Manager
Time Written: 20110824165116.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-jaegy
Event Code: 7022
Message: Le service Windows Update est en attente de démarrage.
Record Number: 412574
Source Name: Service Control Manager
Time Written: 20110824165603.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-jaegy
Event Code: 10010
Message: Le serveur {E60687F7-01A1-40AA-86AC-DB1CBF673334} ne s'est pas enregistré sur DCOM avant la fin du temps imparti.
Record Number: 412577
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20110824170238.000000-000
Event Type: Erreur
User:

=====Application event log=====

Computer Name: PC-de-jaegy
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 355863
Source Name: Microsoft-Windows-WMI
Time Written: 20110824023626.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-jaegy
Event Code: 3036
Message: La source de contenu <iehistory://{s-1-5-21-255464774-1171680208-1707102557-1000}/> est inaccessible.

Contexte : Application , Catalogue SystemIndex

Détails :
Le filtrage a été arrêté du fait d'une action de l'utilisateur, comme par exemple l'arrêt de l'analyse. (0x80040d54)

Record Number: 355871
Source Name: Microsoft-Windows-Search
Time Written: 20110824024654.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-jaegy
Event Code: 3013
Message: Impossible de mettre à jour l'entrée <C:\USERS\JAEGY\APPDATA\LOCAL\ADOBE\AAMUPDATER\1.0\CSUTRACKER.XML> dans la configuration de hachage.

Contexte : Application , Catalogue SystemIndex

Détails :
Un périphérique attaché au système ne fonctionne pas correctement. (0x8007001f)

Record Number: 355873
Source Name: Microsoft-Windows-Search
Time Written: 20110824032807.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-jaegy
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 355908
Source Name: Microsoft-Windows-WMI
Time Written: 20110824165054.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-jaegy
Event Code: 103
Message: 1 2011-08-24 19:03:35+02:00 PC-DE-JAEGY PC-de-jaegy\jaegy F-Secure Anti-Virus
Malicious code found in file C:\ProgramData\UPatikNiIP.exe.
Infection: Trojan.Generic.KD.330368


Record Number: 355917
Source Name: FSecure-FSecure-F-Secure Anti-Virus
Time Written: 20110824170335.000000-000
Event Type: Erreur
User:

=====Security event log=====

Computer Name: PC-de-jaegy
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-JAEGY$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Type d’ouverture de session : 5

Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x290
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Nom de la station de travail :
Adresse du réseau source : -
Port source : -

Informations détaillées sur l’authentification :
Processus d’ouverture de session : Advapi
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 103208
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101022114938.594110-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-jaegy
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7

Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 103209
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101022114938.594110-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-jaegy
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-JAEGY$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Compte dont les informations d’identification ont été utilisées :
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost

Informations sur le processus :
ID du processus : 0x290
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Adresse du réseau : -
Port : -

Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
Record Number: 103210
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101022124623.039155-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-jaegy
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-JAEGY$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Type d’ouverture de session : 5

Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x290
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Nom de la station de travail :
Adresse du réseau source : -
Port source : -

Informations détaillées sur l’authentification :
Processus d’ouverture de session : Advapi
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 103211
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101022124623.039155-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-jaegy
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7

Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 103212
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101022124623.039155-000
Event Type: Succès de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\hp\bin\Python;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\9.0\DLLShared\;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Pinnacle\Shared Files\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat
"DFSTRACINGON"=FALSE
"OnlineServices"=Online Services
"Platform"=HPD
"PCBRAND"=Pavilion
"MSWorksProductCode"={3B160861-7250-451E-B5EE-8B92BF30A710}
"asl.log"=Destination=file;OnFirstLog=command,environment
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
24 August 2011 20:16:29

fussy said:
(just before getting the log and info results, my AV deleted a Trojan horse. Could it have come from HijackThis?)


Re,

> Maybe.

Download Rkill (thanks Grinler) to your Desktop: Here
/!\ Disable your resident protections: http://forum.pcastuces.com/desactiver_les_protections_r...
* Double-click the rkill file to launch the tool (for Vista/7 users, right-click it and choose Run as Administrator)
* A window with a black background will appear briefly, then disappear
* If nothing happens or the tool does not start, download it from one of the 3 other links below and try again

Link 1
Link 2
Link 3

NB: If none of the four seems to work, do not continue and let me know in your next message.

1) Download:
Malwarebytes' Anti-Malware: Here

2) Run it:
Tutorial: http://forum.pcastuces.com/malwarebytes_anti_malware___...

3) Post the report.

Edit: formatting


24 August 2011 21:16:01

Here it is:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Version de la base de données: 7556

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19088

24/08/2011 21:13:48
mbam-log-2011-08-24 (21-13-42).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 183799
Temps écoulé: 6 minute(s), 20 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\Users\jaegy\AppData\Local\Temp\is-C731M.tmp\dealio.exe (PUP.Dealio.TB) -> No action taken.
24 August 2011 21:58:45

¤ Download Ad-Remover (thanks C_XX) to your Desktop: Here
- Double-click it to start it (Vista/7: right-click > Run as Administrator)
- Run the scan and post the generated report
24 August 2011 22:09:24

(by the way, thanks for helping me!)

Anyway, here it is:
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 22:05:27 le 24/08/2011, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 (X64)
jaegy@PC-DE-JAEGY (HP-Pavilion NF414AA-ABF a6644fr)

============== RECHERCHE ==============


Dossier trouvé: C:\Users\jaegy\AppData\Roaming\Mozilla\FireFox\Profiles\fj65djnq.default\conduit
Dossier trouvé: C:\Users\jaegy\AppData\Roaming\Mozilla\FireFox\Profiles\fj65djnq.default\ConduitEngine
Dossier trouvé: C:\Users\jaegy\AppData\Roaming\Mozilla\FireFox\Profiles\fj65djnq.default\extensions\engine@conduit.com
Fichier trouvé: C:\Users\jaegy\AppData\Roaming\Mozilla\FireFox\Profiles\fj65djnq.default\searchplugins\conduit.xml
Dossier trouvé: C:\Program Files (x86)\Ask.com
Dossier trouvé: C:\Program Files (x86)\Search Settings

-- Fichier ouvert: C:\Users\jaegy\AppData\Roaming\Mozilla\FireFox\Profiles\fj65djnq.default\Prefs.js --
Ligne trouvée: user_pref("CT2911070.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT291...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1302974/1298645/FR", "\"0\"...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"")...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2911070", ...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.0...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3....
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2911070",...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2911070/CT2911070...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634...
Ligne trouvée: user_pref("CommunityToolbar.EngineHiddenByUser", false);
Ligne trouvée: user_pref("CommunityToolbar.EngineOwner", "CT2911070");
Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerGuid", "{00725d68-069b-4095-9ff1-e7469c0e95df}");
Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "software_master");
Ligne trouvée: user_pref("CommunityToolbar.IsEngineShown", false);
Ligne trouvée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2911070");
Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{00725d68-069b-4095-9ff1-e7469c0e95df}");
Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "software_master");
Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2911070");
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT2911070");
Ligne trouvée: user_pref("CommunityToolbar.alert.alertEnabled", true);
Ligne trouvée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Ligne trouvée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Aug 24 2011 03:19:03 GMT+0200");
Ligne trouvée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Ligne trouvée: user_pref("CommunityToolbar.alert.locale", "en");
Ligne trouvée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Aug 24 2011 03:18:46 GMT+0200");
Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Ligne trouvée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Ligne trouvée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Ligne trouvée: user_pref("CommunityToolbar.alert.showTrayIcon", false);
Ligne trouvée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Ligne trouvée: user_pref("CommunityToolbar.alert.userId", "76f62306-6240-43e3-a60c-d50f7d38a572");
Ligne trouvée: user_pref("CommunityToolbar.globalUserId", "9d57566f-31dd-452b-b6f6-555affd3e997");
Ligne trouvée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Ligne trouvée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2911070");
Ligne trouvée: user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sun Jan 23 2011 23:55:09 GMT+0100");
Ligne trouvée: user_pref("ConduitEngine.FirstServerDate", "01/24/2011 01");
Ligne trouvée: user_pref("ConduitEngine.FirstTime", true);
Ligne trouvée: user_pref("ConduitEngine.FirstTimeFF3", true);
Ligne trouvée: user_pref("ConduitEngine.HasUserGlobalKeys", true);
Ligne trouvée: user_pref("ConduitEngine.HideEngineAfterRestart", true);
Ligne trouvée: user_pref("ConduitEngine.Initialize", true);
Ligne trouvée: user_pref("ConduitEngine.InitializeCommonPrefs", true);
Ligne trouvée: user_pref("ConduitEngine.InstalledDate", "Sun Jan 23 2011 23:55:10 GMT+0100");
Ligne trouvée: user_pref("ConduitEngine.IsMulticommunity", false);
Ligne trouvée: user_pref("ConduitEngine.IsOpenThankYouPage", false);
Ligne trouvée: user_pref("ConduitEngine.IsOpenUninstallPage", true);
Ligne trouvée: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sun Jan 23 2011 23:55:09 GMT+0100");
Ligne trouvée: user_pref("ConduitEngine.LastLogin_3.3.0.19", "Mon Jan 24 2011 19:04:26 GMT+0100");
Ligne trouvée: user_pref("ConduitEngine.PublisherContainerWidth", 0);
Ligne trouvée: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Ligne trouvée: user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Jan 24 2011 19:04:26 GMT+0100");
Ligne trouvée: user_pref("ConduitEngine.UserID", "UN14385165992774207");
Ligne trouvée: user_pref("ConduitEngine.engineLocale", "fr");
Ligne trouvée: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sun Jan 23 2011 23:55:09 GMT+0100");
Ligne trouvée: user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sun Jan 23 2011 23:55:09 GMT+0100");
Ligne trouvée: user_pref("ConduitEngine.initDone", true);
Ligne trouvée: user_pref("ConduitEngine.isAppTrackingManagerOn", false);
Ligne trouvée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2911070&Sea...
-- Fichier Fermé --


Clé trouvée: HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Clé trouvée: HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}
Clé trouvée: HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5F05C28D-DEA9-4AD6-A73A-064175988EAB}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C878CD69-85DB-426B-81A3-E71175AAEB91}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}

Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.3 (fr)] ****

HKLM_MozillaPlugins\@Musicnotes.com/Musicnotes Viewer,version=1.18.4 (x)
HKLM_MozillaPlugins\@Sibelius.com/Scorch Plugin,version=6.1.5.22 (x)
HKLM_Extensions|litmus-ff@f-secure.com - C:\Program Files (x86)\PacksecuriteNumericable\NRS\litmus-ff@f-secure.com

-- C:\Users\jaegy\AppData\Roaming\Mozilla\FireFox\Profiles\fj65djnq.default --
Extensions\Access Privileges Test (?)
Extensions\DTToolbar@toolbarnet.com (DAEMON Tools Toolbar)
Extensions\engine@conduit.com (Conduit Engine )
Extensions\firebug@software.joehewitt.com (Firebug)
Extensions\{00725d68-069b-4095-9ff1-e7469c0e95df} (Software Master Community Toolbar)
Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} (Stylish)
Extensions\{53724739-8c9b-4b6d-904d-de60ae2a431c} (Fbosf)
Searchplugins\conduit.xml (hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2911070&SearchSource=3&q={searchTerms} /)
Prefs.js - browser.download.lastDir, C:\\Users\\jaegy\\Desktop\\Lauranne
Prefs.js - browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2911070&SearchSource=3&q={searchTerms}
Prefs.js - browser.startup.homepage, hxxp://www.mydtzone.com/startpage|hxxp://www.google.com/firefox
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.3

========================================

**** Internet Explorer Version [8.0.6001.19088] ****

HKCU_Main|Default_Page_URL - hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=84&bd=Pavilion&pf=cndt
HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU_Main|Start Page - hxxp://www.daemon-search.com/startpage
HKLM_Main|Default_Page_URL - hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=84&bd=Pavilion&pf=cndt
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=84&bd=Pavilion&pf=cndt
HKCU_SearchScopes\{802DE6CE-4711-4535-BBD4-9804F422AD2C} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)
HKLM_SearchScopes\{802DE6CE-4711-4535-BBD4-9804F422AD2C} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)
HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (x)
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_Toolbar|{265EEE8E-3228-44D3-AEA5-F7FDF5860049} (C:\Program Files (x86)\PacksecuriteNumericable\NRS\iescript\baselitmus.dll)
HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll") (x)
HKLM_ElevationPolicy\{1239CC52-59EF-4DFA-8C61-90FFA846DF7F} - C:\Program Files (x86)\Musicnotes\Player\musnotes.exe (Musicnotes, Inc.)
HKLM_ElevationPolicy\{1239CC52-59EF-4DFA-8C61-90FFA846DF80}} - C:\Program Files (x86)\Musicnotes\GuitarGuru\mnguitar.exe (Musicnotes, Inc.)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{a00068b1-1e4e-41c7-afa9-baeb9697e2b9} - C:\Program Files (x86)\Common Files\Research In Motion\AppLoader\Loader.exe (Research In Motion Limited)
HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
HKLM_ElevationPolicy\{E5A16ED5-1288-4bc3-8F60-48E32854CEF6} - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Research In Motion Limited)
HKLM_ElevationPolicy\{F365CC6C-656A-4108-8CF0-16DF98696395} - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe (?)
BHO\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - "Windows Live Family Safety Browser Helper Class" (C:\Program Files (x86)\Windows Live\Family Safety\fssbho.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{C6867EB7-8350-4856-877F-93CF8AE3DC9C} - "Browsing Protection Class" (C:\Program Files (x86)\PacksecuriteNumericable\NRS\iescript\baselitmus.dll)
BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll") (x)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 0 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 24/08/2011 22:05:42 (13225 Octet(s))

Fin à: 22:06:38, 24/08/2011

============== E.O.F ==============
25 August 2011 07:53:24

Hello,

- Double-click Ad-Remover to run it
- Run the cleanup and post the report

See you later
25 August 2011 14:59:29

Hello :)

Here it is:
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 14:56:12 le 25/08/2011, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 (X64)
jaegy@PC-DE-JAEGY (HP-Pavilion NF414AA-ABF a6644fr)

============== ACTION(S) ==============


Dossier supprimé: C:\Users\jaegy\AppData\Roaming\Mozilla\FireFox\Profiles\fj65djnq.default\conduit
Dossier supprimé: C:\Users\jaegy\AppData\Roaming\Mozilla\FireFox\Profiles\fj65djnq.default\ConduitEngine
Dossier supprimé: C:\Users\jaegy\AppData\Roaming\Mozilla\FireFox\Profiles\fj65djnq.default\extensions\engine@conduit.com
Fichier supprimé: C:\Users\jaegy\AppData\Roaming\Mozilla\FireFox\Profiles\fj65djnq.default\searchplugins\conduit.xml
Dossier supprimé: C:\Program Files (x86)\Ask.com
Dossier supprimé: C:\Program Files (x86)\Search Settings

(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Users\jaegy\AppData\Roaming\Mozilla\FireFox\Profiles\fj65djnq.default\Prefs.js --
Ligne supprimée: user_pref("CT2911070.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT291...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1302974/1298645/FR", "\"0\"...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"")...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2911070", ...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.0...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3....
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2911070",...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2911070/CT2911070...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634...
Ligne supprimée: user_pref("CommunityToolbar.EngineHiddenByUser", false);
Ligne supprimée: user_pref("CommunityToolbar.EngineOwner", "CT2911070");
Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerGuid", "{00725d68-069b-4095-9ff1-e7469c0e95df}");
Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "software_master");
Ligne supprimée: user_pref("CommunityToolbar.IsEngineShown", false);
Ligne supprimée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2911070");
Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{00725d68-069b-4095-9ff1-e7469c0e95df}");
Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "software_master");
Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2911070");
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT2911070");
Ligne supprimée: user_pref("CommunityToolbar.alert.alertEnabled", true);
Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Aug 24 2011 03:19:03 GMT+0200");
Ligne supprimée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Ligne supprimée: user_pref("CommunityToolbar.alert.locale", "en");
Ligne supprimée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Aug 24 2011 03:18:46 GMT+0200");
Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Ligne supprimée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Ligne supprimée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Ligne supprimée: user_pref("CommunityToolbar.alert.showTrayIcon", false);
Ligne supprimée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Ligne supprimée: user_pref("CommunityToolbar.alert.userId", "76f62306-6240-43e3-a60c-d50f7d38a572");
Ligne supprimée: user_pref("CommunityToolbar.globalUserId", "9d57566f-31dd-452b-b6f6-555affd3e997");
Ligne supprimée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Ligne supprimée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2911070");
Ligne supprimée: user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sun Jan 23 2011 23:55:09 GMT+0100");
Ligne supprimée: user_pref("ConduitEngine.FirstServerDate", "01/24/2011 01");
Ligne supprimée: user_pref("ConduitEngine.FirstTime", true);
Ligne supprimée: user_pref("ConduitEngine.FirstTimeFF3", true);
Ligne supprimée: user_pref("ConduitEngine.HasUserGlobalKeys", true);
Ligne supprimée: user_pref("ConduitEngine.HideEngineAfterRestart", true);
Ligne supprimée: user_pref("ConduitEngine.Initialize", true);
Ligne supprimée: user_pref("ConduitEngine.InitializeCommonPrefs", true);
Ligne supprimée: user_pref("ConduitEngine.InstalledDate", "Sun Jan 23 2011 23:55:10 GMT+0100");
Ligne supprimée: user_pref("ConduitEngine.IsMulticommunity", false);
Ligne supprimée: user_pref("ConduitEngine.IsOpenThankYouPage", false);
Ligne supprimée: user_pref("ConduitEngine.IsOpenUninstallPage", true);
Ligne supprimée: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sun Jan 23 2011 23:55:09 GMT+0100");
Ligne supprimée: user_pref("ConduitEngine.LastLogin_3.3.0.19", "Mon Jan 24 2011 19:04:26 GMT+0100");
Ligne supprimée: user_pref("ConduitEngine.PublisherContainerWidth", 0);
Ligne supprimée: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Ligne supprimée: user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Jan 24 2011 19:04:26 GMT+0100");
Ligne supprimée: user_pref("ConduitEngine.UserID", "UN14385165992774207");
Ligne supprimée: user_pref("ConduitEngine.engineLocale", "fr");
Ligne supprimée: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sun Jan 23 2011 23:55:09 GMT+0100");
Ligne supprimée: user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sun Jan 23 2011 23:55:09 GMT+0100");
Ligne supprimée: user_pref("ConduitEngine.initDone", true);
Ligne supprimée: user_pref("ConduitEngine.isAppTrackingManagerOn", false);
Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2911070&Sea...
-- Fichier Fermé --


Clé supprimée: HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Clé supprimée: HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}
Clé supprimée: HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5F05C28D-DEA9-4AD6-A73A-064175988EAB}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C878CD69-85DB-426B-81A3-E71175AAEB91}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}

Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.3 (fr)] ****

HKLM_MozillaPlugins\@Musicnotes.com/Musicnotes Viewer,version=1.18.4 (x)
HKLM_MozillaPlugins\@Sibelius.com/Scorch Plugin,version=6.1.5.22 (x)
HKLM_Extensions|litmus-ff@f-secure.com - C:\Program Files (x86)\PacksecuriteNumericable\NRS\litmus-ff@f-secure.com

-- C:\Users\jaegy\AppData\Roaming\Mozilla\FireFox\Profiles\fj65djnq.default --
Extensions\Access Privileges Test (?)
Extensions\DTToolbar@toolbarnet.com (DAEMON Tools Toolbar)
Extensions\firebug@software.joehewitt.com (Firebug)
Extensions\{00725d68-069b-4095-9ff1-e7469c0e95df} (Software Master Community Toolbar)
Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} (Stylish)
Extensions\{53724739-8c9b-4b6d-904d-de60ae2a431c} (Fbosf)
Prefs.js - browser.download.lastDir, C:\\Users\\jaegy\\Desktop\\Lauranne
Prefs.js - browser.startup.homepage, hxxp://www.mydtzone.com/startpage|hxxp://www.google.com/firefox
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.3

========================================

**** Internet Explorer Version [8.0.6001.19088] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{802DE6CE-4711-4535-BBD4-9804F422AD2C} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)
HKLM_SearchScopes\{802DE6CE-4711-4535-BBD4-9804F422AD2C} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_Toolbar|{265EEE8E-3228-44D3-AEA5-F7FDF5860049} (C:\Program Files (x86)\PacksecuriteNumericable\NRS\iescript\baselitmus.dll)
HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll") (x)
HKLM_ElevationPolicy\{1239CC52-59EF-4DFA-8C61-90FFA846DF7F} - C:\Program Files (x86)\Musicnotes\Player\musnotes.exe (Musicnotes, Inc.)
HKLM_ElevationPolicy\{1239CC52-59EF-4DFA-8C61-90FFA846DF80}} - C:\Program Files (x86)\Musicnotes\GuitarGuru\mnguitar.exe (Musicnotes, Inc.)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{a00068b1-1e4e-41c7-afa9-baeb9697e2b9} - C:\Program Files (x86)\Common Files\Research In Motion\AppLoader\Loader.exe (Research In Motion Limited)
HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
HKLM_ElevationPolicy\{E5A16ED5-1288-4bc3-8F60-48E32854CEF6} - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Research In Motion Limited)
HKLM_ElevationPolicy\{F365CC6C-656A-4108-8CF0-16DF98696395} - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe (?)
BHO\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - "Windows Live Family Safety Browser Helper Class" (C:\Program Files (x86)\Windows Live\Family Safety\fssbho.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{C6867EB7-8350-4856-877F-93CF8AE3DC9C} - "Browsing Protection Class" (C:\Program Files (x86)\PacksecuriteNumericable\NRS\iescript\baselitmus.dll)
BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll") (x)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 77 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 16 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 25/08/2011 14:56:33 (13091 Octet(s))
C:\Ad-Report-SCAN[1].txt - 24/08/2011 22:05:42 (13364 Octet(s))

Fin à: 14:57:54, 25/08/2011

============== E.O.F ==============
25 August 2011 23:09:39

Hi again!
My report is only three lines long, is that normal?

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
26 August 2011 10:04:42

fussy said:
> My report is only three lines long, is that normal?


Hello,

> No, try again.

See you later.
27 August 2011 00:37:29

My log.txt file still had those three lines, but when I clicked on "show the list of detected threats", there was a "copy to clipboard" option; is that what you wanted?

C:\Users\jaegy\AppData\Local\Temp\is-C731M.tmp\dealio.exe Win32/Adware.Toolbar.Dealio application
C:\Users\jaegy\AppData\Local\Temp\plugtmp-97\plugin-cqyubwxohvau.pdf JS/Exploit.Pdfka.OYH cheval de troie
C:\Users\jaegy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\655de304-64d50c89 une variante probable de Java/Agent.BR cheval de troie
C:\Users\jaegy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\43458f85-5d977737 une variante de Java/Agent.BR cheval de troie
C:\Users\jaegy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\7fa50935-165a9083 menaces multiples
C:\Users\jaegy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\21bbb478-40a39592 Java/Exploit.CVE-2009-3867.AL cheval de troie
C:\Users\jaegy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\143b51c7-35bf14c5 une variante de Java/TrojanDownloader.OpenStream.NCC cheval de troie
27 August 2011 20:07:38

Hello!

I did those updates :)
29 August 2011 21:28:47

Hello,

1) Download:
CCleaner: Here
Launch it, then click Options > Advanced and untick "Only delete files in Windows Temp folders older than 24 hours". Close the program.

2) Launch CCleaner:
In the Cleaner menu, click Analyze (let it work), then click the Run Cleaner button.
Do this several times.

See you later.
30 August 2011 13:58:33

Hello :)

I did as you told me.
Also, for the past few days, this message has been popping up; what is it?


30 August 2011 15:41:47

fussy said:
> Also, for the past few days, this message has been popping up; what is it?


Hi again,

> :??:

How is your PC doing?

Post one last RSIT report.
30 August 2011 20:27:36

Hi again :)

It's still at the same point. No icons on my desktop (except Internet + what I had to install while following the steps in this thread), and nothing in my Start menu either :/

Anyway, here is the log (however, I don't have info.txt in C:\rsit)

Logfile of random's system information tool 1.09 (written by random/random)
Run by jaegy at 2011-08-24 19:02:10
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 112 GB (24%) free of 463 GB
Total RAM: 4093 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:02:34, on 24/08/2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\ProgramData\UPatikNiIP.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\Program Files (x86)\Logitech\Video\LogiTray.exe
C:\Program Files (x86)\PacksecuriteNumericable\Common\FSM32.EXE
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\attrib.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\hp\kbd\kbd.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe
C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe
C:\Program Files\trend micro\jaegy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files (x86)\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\PacksecuriteNumericable\NRS\iescript\baselitmus.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\PacksecuriteNumericable\NRS\iescript\baselitmus.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files (x86)\Logitech\Video\ISStart.exe" /RegAll
O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files (x86)\Logitech\Video\LogiTray.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\PacksecuriteNumericable\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\PacksecuriteNumericable\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SwitchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files (x86)\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [UPatikNiIP] C:\ProgramData\UPatikNiIP.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (BthServ) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Configuration automatique de réseau câblé (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Easybits Shared Services for Windows (ezSharedSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\fsgk32st.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\PacksecuriteNumericable\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\PacksecuriteNumericable\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\PacksecuriteNumericable\ORSP Client\fsorsp.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing)
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 27656 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\rundll32.exe C:\Windows\system32\NVSVC64.DLL,nvsvcInitialize
/QuitInfo:00000000000002D4;00000000000002E0; /AddRef;
/QuitInfo:00000000000002EC;00000000000002DC;
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
/QuitInfo:00000000000005CC;00000000000005F4; /AddRef;
/QuitInfo:00000000000005F0;0000000000000600;
taskeng.exe {D5B1A78E-6726-4CDF-BA6D-64E6E92D6177}
/loadhooks /Parent:0000000000000784
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {BF4E05A2-855B-4A30-A66F-CB7D5C3C731A}
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Windows\System32\p2phost.exe" -s
"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
"C:\Windows\ehome\ehtray.exe"
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\ProgramData\UPatikNiIP.exe"
"C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe"
C:\Windows\ehome\ehmsas.exe -Embedding
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe"
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
"C:\hp\support\hpsysdrv.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
"C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe"
"C:\Program Files (x86)\Logitech\Video\LogiTray.exe"
"C:\Program Files (x86)\PacksecuriteNumericable\Common\FSM32.EXE" /splash
"C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\SysWOW64\svchost.exe -k netsvcs
"C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\fsgk32st.exe"
"C:\Program Files (x86)\PacksecuriteNumericable\Common\FSMA32.EXE"
"C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\FSGK32.EXE" /service /stopevent=148 /ipcexch=128
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
oid 1.3.6.1.4.1.2213.11.1.27 HosterGroupType 0
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Pen_Tablet.exe
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe"
"C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe"
WTablet\Pen_TabletUser.exe
oid 1.3.6.1.4.1.2213.11.1.27.64 HosterGroupType 0
Pen_Tablet.exe au
attrib +h "C:\Users\jaegy\*.* " /s /d
"C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a8b69bd6-0df5-45df-9d54-d49db8478a30 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-d0e6e0af-525f-454c-adb4-534d02a1ceaa -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-42220649-bce2-480d-a891-1376c4e902f7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:95f94e01-8b27-41af-baec-51c50aada360
"C:\Windows\System32\rundll32.exe" pnpui.dll,SimplifiedDINotification
"C:\Program Files (x86)\PacksecuriteNumericable\FWES\Program\fsdfwd.exe"
"C:\Program Files (x86)\PacksecuriteNumericable\Spam Control\fsscoepl_x64.exe"
"C:\Program Files (x86)\PacksecuriteNumericable\ORSP Client\fsorsp.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\fssm32.exe" 3 600 604 608
rundll32.exe C:\Windows\system32\newdev.dll,pDiDeviceInstallAction \\.\pipe\PNP_Device_Install_Pipe_1.{ff146174-79c4-402b-b9ef-dcf01a5963bb} "PCI\VEN_1799&DEV_700F&SUBSYS_700F1799&REV_20\4&d59273a&0&00F0"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\fsav32.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\hp\kbd\kbd.exe"
"C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:6052 CREDAT:79873
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:5012 CREDAT:79873
"C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe" -Embedding
"C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe" -Embedding
"C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE"
taskeng.exe {290F5C8A-55D5-4785-AB92-89F2AE26F2A2}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\ehome\mcupdate.EXE $(Arg0) -gc
"C:\Windows\system32\SearchFilterHost.exe" 0 620 624 632 65536 628
"C:\Users\jaegy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MTTMN079\RSITx64[1].exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore1cc20dc79620a6a.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForjaegy.job
C:\Windows\tasks\User_Feed_Synchronization-{DCAD4505-3874-4C7D-A3F5-C0BB8F133016}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2010-04-28 132456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-08-23 410288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll [2011-06-09 341048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files (x86)\Windows Live\Family Safety\fssbho.dll [2010-04-28 113512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-23 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [2011-06-09 1007160]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C6867EB7-8350-4856-877F-93CF8AE3DC9C}]
Browsing Protection Class - C:\Program Files (x86)\PacksecuriteNumericable\NRS\iescript\baselitmus.dll [2011-08-22 545448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-07-07 1152776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-08-23 410288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{265EEE8E-3228-44D3-AEA5-F7FDF5860049} - Browsing Protection Toolbar - C:\Program Files (x86)\PacksecuriteNumericable\NRS\iescript\baselitmus.dll [2011-08-22 545448]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-07-07 1152776]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-23 305328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-04-17 15844896]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-04-17 82464]
"fssui"=C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [2010-04-28 647528]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-05-21 2342800]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2009-05-26 2314120]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1555968]
"HPAdvisor"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN []
"CollaborationHost"=C:\Windows\system32\p2phost.exe [2008-01-21 215040]
"MsnMsgr"=C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe [2010-04-16 3872080]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-24 39408]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2009-03-17 20480]
"LogitechSoftwareUpdate"=C:\Program Files (x86)\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent []
"AdobeBridge"= []
"ISUSPM"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler []
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2011-08-11 1242448]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2741616]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"UPatikNiIP"=C:\ProgramData\UPatikNiIP.exe [2011-08-24 390144]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"HP Health Check Scheduler"=c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02 75008]
"HP Software Update"=c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Adobe Photo Downloader"=C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe [2006-12-22 67752]
"LogitechVideoRepair"=C:\Program Files (x86)\Logitech\Video\ISStart.exe [2005-06-08 458752]
"LogitechVideoTray"=C:\Program Files (x86)\Logitech\Video\LogiTray.exe [2005-06-08 217088]
"F-Secure Manager"=C:\Program Files (x86)\PacksecuriteNumericable\Common\FSM32.EXE [2009-08-05 199264]
"F-Secure TNB"=C:\Program Files (x86)\PacksecuriteNumericable\FSGUI\TNBUtil.exe [2009-08-05 2349664]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-03-01 421160]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=0
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-08-24 19:02:11 ----D---- C:\Program Files\trend micro
2011-08-24 19:02:10 ----D---- C:\rsit
2011-08-24 01:50:00 ----AH---- C:\ProgramData\P1kAlMiG2Kb7Fz.exe
2011-08-24 01:39:49 ----AH---- C:\ProgramData\UPatikNiIP.exe
2011-08-18 00:01:20 ----D---- C:\Program Files (x86)\Apple Software Update
2011-08-11 01:52:22 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys

======List of files/folders modified in the last 1 month======

2011-08-24 19:02:11 ----RD---- C:\Program Files
2011-08-24 19:01:44 ----D---- C:\Windows\Temp
2011-08-24 18:51:21 ----HD---- C:\Program Files (x86)\Steam
2011-08-24 18:50:04 ----HD---- C:\Users\jaegy\AppData\Roaming\WTablet
2011-08-24 03:02:28 ----HD---- C:\ProgramData
2011-08-24 03:00:55 ----D---- C:\Program Files (x86)
2011-08-24 02:59:50 ----SHD---- C:\System Volume Information
2011-08-24 02:56:21 ----HD---- C:\Users\jaegy\AppData\Roaming\InstallShield
2011-08-24 02:55:46 ----D---- C:\Windows\SYSWOW64\drivers
2011-08-24 02:55:46 ----D---- C:\Windows\SysWOW64
2011-08-24 02:53:31 ----D---- C:\Windows\system32\catroot
2011-08-24 02:53:29 ----D---- C:\Windows\inf
2011-08-24 02:50:28 ----D---- C:\Program Files (x86)\Zanag
2011-08-24 02:49:30 ----HD---- C:\Users\jaegy\AppData\Roaming\uTorrent
2011-08-24 02:42:14 ----D---- C:\Windows\Minidump
2011-08-24 02:42:08 ----D---- C:\Windows
2011-08-24 02:38:33 ----D---- C:\Windows\Prefetch
2011-08-24 02:02:50 ----HD---- C:\Windows\tracing
2011-08-23 21:11:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-08-23 21:07:36 ----HD---- C:\Program Files (x86)\Warcraft III
2011-08-23 20:51:27 ----SHD---- C:\Windows\Installer
2011-08-23 14:58:43 ----D---- C:\Program Files (x86)\PacksecuriteNumericable
2011-08-23 03:08:41 ----D---- C:\Program Files (x86)\Windows Live
2011-08-23 03:04:37 ----D---- C:\ProgramData\Microsoft
2011-08-23 03:03:19 ----D---- C:\Program Files (x86)\Microsoft
2011-08-23 03:01:24 ----D---- C:\Windows\system32\catroot2
2011-08-23 02:20:09 ----HD---- C:\Users\jaegy\AppData\Roaming\vlc
2011-08-23 02:11:27 ----HD---- C:\Users\jaegy\AppData\Roaming\dvdcss
2011-08-21 23:41:10 ----D---- C:\Program Files (x86)\Electronic Arts
2011-08-21 23:41:05 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-08-18 00:01:24 ----D---- C:\Windows\system32\Tasks
2011-08-13 19:38:18 ----D---- C:\Windows\System32
2011-08-13 19:38:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-11 20:23:09 ----D---- C:\Windows\winsxs
2011-08-11 20:00:17 ----D---- C:\Windows\system32\drivers
2011-08-11 03:01:13 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-07-14 254528]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files (x86)\PacksecuriteNumericable\HIPS\drivers\fshs.sys [2009-08-05 57920]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2010-12-20 45624]
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2010-12-20 94280]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\minifilter\fsgk.sys [2011-06-09 198824]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-07-03 1477272]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-04-17 9544736]
R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64k.sys [2009-05-09 33160]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2009-01-09 31744]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 11264]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2008-02-14 160768]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2007-02-16 12848]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2007-02-16 14640]
R3 WacomVKHid;Virtual Keyboard Driver; C:\Windows\system32\DRIVERS\WacomVKHid.sys [2007-02-16 12976]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 108544]
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 23040]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 115712]
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-10-25 276480]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-10-25 34304]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-06 61280]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2006-09-07 21504]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-21 62976]
S3 RimUsb;Téléphone intelligent BlackBerry ; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2010-06-16 92160]
S3 RTL85n64;Belkin Wireless G Notebook Card Service v8; C:\Windows\system32\DRIVERS\RTL85n64.sys [2007-04-23 433960]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-02-18 51712]
S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-21 98816]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 46080]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor5.0;Adobe Active File Monitor V5; C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [2006-12-22 108712]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
R2 Bonjour Service;Service Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files (x86)\PacksecuriteNumericable\Anti-Virus\fsgk32st.exe [2009-08-05 215648]
R2 FSMA;F-Secure Management Agent; C:\Program Files (x86)\PacksecuriteNumericable\Common\FSMA32.EXE [2009-08-05 186976]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-02 94208]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-04-17 355840]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 TabletServicePen;TabletServicePen; C:\Windows\system32\Pen_Tablet.exe [2007-09-07 1909032]
R2 WDDMService;WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-09-08 288256]
R2 WDFME;WD File Management Engine; C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe [2010-09-08 1034752]
R2 WDSC;WD File Management Shadow Engine; C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe [2010-09-08 485376]
R3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files (x86)\PacksecuriteNumericable\FWES\Program\fsdfwd.exe [2010-05-11 844384]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files (x86)\PacksecuriteNumericable\ORSP Client\fsorsp.exe [2011-05-23 61088]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2011-03-01 934176]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-08-11 411432]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-03 135664]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe []
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 gupdatem;Service Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-03 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-27 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]

-----------------EOF-----------------
30 August 2011 20:47:23

Update your Vista...
31 August 2011 04:16:39

Hi again!

Whoa, I really neglected my PC on this one... I installed all the updates, except one:

could it be related to the Ethernet controller?
31 August 2011 07:16:52

Hello,

post a full RSIT report...

See you
1 September 2011 08:34:21

fussy said:
> (by the way, thanks for helping me and giving me some of your time! :) )


Hello,

> :) 

Post the Rkill report.

See you
1 September 2011 22:58:26

Hello :) 

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Version de la base de données: 7631

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

01/09/2011 22:56:33
mbam-log-2011-09-01 (22-56-33).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 183399
Temps écoulé: 5 minute(s), 37 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

(was that the right one?)
3 September 2011 10:13:36

fussy said:
> (was that the right one?)


Hello,

> No: %SystemDrive%\rkill.log

See you
3 September 2011 19:52:49

Hello,

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 01/09/2011 at 22:47:50.
Operating System: Windows (TM) Vista Home Premium


Processes terminated by Rkill or while it was running:



Rkill completed on 01/09/2011 at 22:49:52.


Is it the right one this time?

4 September 2011 10:16:39

fussy said:
> I ran a scan with my AV, which tells me I have spyware and that it has been quarantined,


Hello,

> Post the report.

See you
4 September 2011 22:14:43

I no longer have the report from that scan, so I ran another one, but it no longer detects any spyware :/  But here is the report anyway:



Résultat
Aucun antiprogramme détecté

Statistiques
Analysés :

* Fichiers : 215413
* Non analysés : 65

Résultat :

* Virus : 0
* Spyware : 0
* Eléments suspects : 0
* Programme à risque : 0

Actions :

* Nettoyés : 0
* Renommés : 0
* Supprimés : 0
* Quarantaine : 0
* Echec : 0

Secteurs d'amorçage :

* Analysés : 6
* Infectés : 0
* Eléments suspects : 0
* Nettoyés : 0

Fichiers non analysés :

* Erreur d'ouverture du fichier (cliquez ici pour plus d'infos) C:\PAGEFILE.SYS
* Erreur d'ouverture du fichier (cliquez ici pour plus d'infos) C:\USERS\JAEGY\APPDATA\LOCAL\MICROSOFT\INPUTPERSONALIZATION\INKSTORE.MDB
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_10_3e24cd22ee8bf2b96db3e8f94c320a9e est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_11_737996fd21e160b9d47c67608d7f9573 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_12_fd3ef54eb88164cc6692ab0f920d29e8 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_13_1b149bc134e829fef05c6ced2cf79b3b est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_14_2ff6137e3c40c4dac617c74dce069900 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_15_8b6c746787428c3ce006a9cd4878fa5d est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_16_30dcd62e0b4acbe246383fdcc2873de0 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_17_a1028604c7ffb278b2507dae902ff6a0 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_18_fb492d7bc41945b758d0daf7ce481cba est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_19_a7f30f7a096da34e139210ac76fde194 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_1_478c586f9f2ec26aaab63da946d493d6 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_20_67453a4cfffb843539db308e2d3efb29 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_21_464a2c68a069476721780f75d037451f est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_2_5c414ed2cc84fab590eb9ce5207faaca est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_3_d08801bff307a3c54ca3184181965b8f est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_4_483e571150ee02d790b677c13dedf926 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_5_cc2977c70cf29ed0def48dfde40766f8 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_6_2ed0dfe27fffc56908fdd3bae9ee6174 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_7_d29109e9f21310bfaec901f45b3c8fd3 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_8_77e840e2f54207f2d4e849207b097d9d est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_9_49d24acda32597c81ba6b6b0cd332ce2 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_10_3e24cd22ee8bf2b96db3e8f94c320a9e est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_11_737996fd21e160b9d47c67608d7f9573 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_12_fd3ef54eb88164cc6692ab0f920d29e8 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_13_1b149bc134e829fef05c6ced2cf79b3b est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_14_2ff6137e3c40c4dac617c74dce069900 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_15_8b6c746787428c3ce006a9cd4878fa5d est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_16_30dcd62e0b4acbe246383fdcc2873de0 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_17_a1028604c7ffb278b2507dae902ff6a0 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_18_fb492d7bc41945b758d0daf7ce481cba est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_19_a7f30f7a096da34e139210ac76fde194 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_1_478c586f9f2ec26aaab63da946d493d6 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_20_67453a4cfffb843539db308e2d3efb29 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_21_464a2c68a069476721780f75d037451f est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_2_5c414ed2cc84fab590eb9ce5207faaca est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_3_d08801bff307a3c54ca3184181965b8f est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_4_483e571150ee02d790b677c13dedf926 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_5_cc2977c70cf29ed0def48dfde40766f8 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_6_2ed0dfe27fffc56908fdd3bae9ee6174 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_7_d29109e9f21310bfaec901f45b3c8fd3 est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_8_77e840e2f54207f2d4e849207b097d9d est crypté.
* Le fichier C:\Users\jaegy\Adobe Premiere Pro CS5.5 Family\Adobe CS5.5\payloads\AdobeOnLocation5.1ProtectedWrapperAll\Assets1_1.zip\_19_300c04ee0f892dcc995c75c5501503c6\_9_49d24acda32597c81ba6b6b0cd332ce2 est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_10_3e24cd22ee8bf2b96db3e8f94c320a9e est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_11_737996fd21e160b9d47c67608d7f9573 est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_12_fd3ef54eb88164cc6692ab0f920d29e8 est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_13_1b149bc134e829fef05c6ced2cf79b3b est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_14_2ff6137e3c40c4dac617c74dce069900 est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_15_8b6c746787428c3ce006a9cd4878fa5d est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_16_30dcd62e0b4acbe246383fdcc2873de0 est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_17_a1028604c7ffb278b2507dae902ff6a0 est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_18_fb492d7bc41945b758d0daf7ce481cba est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_19_a7f30f7a096da34e139210ac76fde194 est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_1_478c586f9f2ec26aaab63da946d493d6 est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_20_67453a4cfffb843539db308e2d3efb29 est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_21_464a2c68a069476721780f75d037451f est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_2_5c414ed2cc84fab590eb9ce5207faaca est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_3_d08801bff307a3c54ca3184181965b8f est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_4_483e571150ee02d790b677c13dedf926 est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_5_cc2977c70cf29ed0def48dfde40766f8 est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_6_2ed0dfe27fffc56908fdd3bae9ee6174 est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_7_d29109e9f21310bfaec901f45b3c8fd3 est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_8_77e840e2f54207f2d4e849207b097d9d est crypté.
* Le fichier C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Setup\payloads\AdobeOnLocation5.1ProtectedAll\Assets1_1.zip\_9_49d24acda32597c81ba6b6b0cd332ce2 est crypté.
5 September 2011 12:02:03

fussy said:
> but it no longer detects any spyware :/ 


Hello,

> Do you remember its name?

See you
5 September 2011 21:03:32

Good evening!

Not at all, sorry :/  :/ 
6 September 2011 12:10:57

:hello: ,

how is your PC doing (overall)?

See you
6 September 2011 19:53:31

Good evening!

Still at the same point :/  no icons on my desktop or in my Start menu... That's a bad sign I suppose, hahaha?
6 September 2011 20:05:52

Hi again,

download TDSSKiller from this link: Here

- Extract the TDSSKiller.exe file from the downloaded archive and place it on the Desktop
- Double-click it to launch it

The screen appears:


- Click Start scan to launch the scan
- When the tool has finished its work and
malicious items have been found,
check that the option is selected
then click the buttons and
- Post the report (contents of the file SystemDrive\TDSSKiller.Version_Date_Heure_log.txt)

PS: Thanks nickW
8 September 2011 20:03:55

Hello,

where are you at?

See you
9 September 2011 21:16:07

Good evening,

I did what you told me but it found nothing.
Sorry for the response time, but I've just moved up to première S,

Thanks :) 
10 September 2011 09:39:49

fussy said:
> Sorry for the response time, but I've just moved up to première S,


Hello,

> Good luck then.

Do the ComboFix procedure (thanks sUBs) and post the report: Here

See you
11 September 2011 16:15:31

Hello!

Hahaha thanks :p 

Here is the report:

ComboFix 11-09-11.02 - jaegy 11/09/2011 15:12:10.1.2 - x64
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.4093.2407 [GMT 2:00]
Lancé depuis: c:\users\jaegy\Desktop\ComboFix.exe
AV: Pack Sécurité Numericable 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: Pack Sécurité Numericable 9.01 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: Pack Sécurité Numericable 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\jaegy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\System Repair.lnk
c:\users\jaegy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Repair
c:\windows\bwUnin-6.1.4.68-8876480L.exe
c:\windows\SysWow64\comct332.ocx
c:\windows\SysWow64\jusched.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-08-11 au 2011-09-11 ))))))))))))))))))))))))))))))))))))
.
.
2011-09-11 13:44 . 2011-09-11 13:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-01 20:44 . 2011-09-01 20:44 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-31 20:46 . 2011-08-31 20:46 -------- d-----w- C:\rsit
2011-08-31 20:29 . 2011-03-12 22:52 1653760 ----a-w- c:\windows\system32\XpsPrint.dll
2011-08-31 20:29 . 2011-03-12 21:55 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-08-30 23:50 . 2011-08-30 23:50 -------- d-----w- c:\program files\Windows Portable Devices
2011-08-30 23:50 . 2011-08-30 23:50 -------- d-----w- c:\program files (x86)\Windows Portable Devices
2011-08-30 23:22 . 2009-10-01 01:02 30208 ----a-w- c:\windows\SysWow64\WPDShextAutoplay.exe
2011-08-30 23:21 . 2009-10-08 21:08 736256 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-08-30 23:21 . 2009-10-08 21:08 555520 ----a-w- c:\windows\SysWow64\UIAutomationCore.dll
2011-08-30 23:21 . 2009-10-08 21:08 234496 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-08-30 23:21 . 2009-10-08 21:07 4096 ----a-w- c:\windows\SysWow64\oleaccrc.dll
2011-08-30 23:21 . 2009-10-08 21:07 315904 ----a-w- c:\windows\system32\oleacc.dll
2011-08-30 23:21 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-08-30 23:14 . 2009-09-10 02:07 3815424 ----a-w- c:\windows\system32\UIRibbon.dll
2011-08-30 23:14 . 2009-09-10 02:06 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-08-30 23:14 . 2009-09-10 02:05 103424 ----a-w- c:\windows\system32\UIAnimation.dll
2011-08-30 23:14 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll
2011-08-30 23:14 . 2009-09-10 02:00 92672 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2011-08-30 23:14 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\SysWow64\UIRibbon.dll
2011-08-30 23:10 . 2011-02-22 14:47 479744 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-08-30 23:10 . 2011-02-22 14:13 288768 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-08-30 23:10 . 2011-02-22 13:53 1555968 ----a-w- c:\windows\system32\DWrite.dll
2011-08-30 23:10 . 2011-02-22 13:53 1149440 ----a-w- c:\windows\system32\FntCache.dll
2011-08-30 23:10 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-08-30 23:10 . 2010-05-04 19:40 316928 ----a-w- c:\windows\system32\msshsq.dll
2011-08-30 23:10 . 2010-05-04 19:13 231424 ----a-w- c:\windows\SysWow64\msshsq.dll
2011-08-30 23:10 . 2011-06-06 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-08-30 23:10 . 2011-06-06 10:59 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
2011-08-30 23:09 . 2011-07-11 13:45 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-30 23:09 . 2011-07-11 13:25 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-08-30 23:09 . 2011-06-17 16:16 451072 ----a-w- c:\windows\system32\winsrv.dll
2011-08-30 23:08 . 2011-06-17 20:14 1427344 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-08-30 23:08 . 2011-04-21 14:17 695296 ----a-w- c:\windows\system32\drivers\bthport.sys
2011-08-30 23:08 . 2009-06-17 10:37 35328 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2011-08-30 21:12 . 2011-08-30 21:14 -------- d-----w- c:\windows\SysWow64\ca-ES
2011-08-30 21:12 . 2011-08-30 21:14 -------- d-----w- c:\windows\SysWow64\eu-ES
2011-08-30 21:12 . 2011-08-30 21:14 -------- d-----w- c:\windows\SysWow64\vi-VN
2011-08-30 21:12 . 2011-08-30 21:13 -------- d-----w- c:\windows\system32\ca-ES
2011-08-30 21:12 . 2011-08-30 21:13 -------- d-----w- c:\windows\system32\eu-ES
2011-08-30 21:12 . 2011-08-30 21:13 -------- d-----w- c:\windows\system32\vi-VN
2011-08-30 18:32 . 2011-08-30 18:32 -------- d-----w- c:\windows\system32\EventProviders
2011-08-30 18:22 . 2011-08-31 20:44 -------- d-----w- c:\program files (x86)\trend micro
2011-08-29 21:47 . 2011-08-29 21:47 -------- d-----w- c:\program files\CCleaner
2011-08-27 17:44 . 2011-08-27 17:44 -------- d-----w- c:\windows\Sun
2011-08-27 17:38 . 2011-08-27 17:37 525544 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-27 17:37 . 2011-08-27 17:37 -------- d-----w- c:\program files\Java
2011-08-25 17:35 . 2011-08-25 17:35 -------- d-----w- c:\program files (x86)\ESET
2011-08-24 20:05 . 2011-08-24 20:05 -------- d-----w- c:\program files (x86)\Ad-Remover
2011-08-24 19:05 . 2011-08-24 19:05 -------- d-----w- c:\users\jaegy\AppData\Roaming\Malwarebytes
2011-08-24 19:05 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-08-24 19:05 . 2011-08-24 19:05 -------- d-----w- c:\programdata\Malwarebytes
2011-08-24 19:04 . 2011-08-24 19:05 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-08-24 17:02 . 2011-08-31 20:46 -------- d-----w- c:\program files\trend micro
2011-08-23 13:09 . 2011-08-12 04:10 8862544 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8FDB5941-8DD2-4DC1-9BE6-0CF41C2C0EB7}\mpengine.dll
2011-08-21 20:28 . 2011-08-21 20:28 -------- d--h--w- c:\users\jaegy\AppData\Local\IsolatedStorage
2011-08-17 22:01 . 2011-08-17 22:01 -------- d-----w- c:\program files (x86)\Apple Software Update
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-27 17:46 . 2010-06-15 21:00 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-08-17 17:28 . 2010-05-11 20:22 42672 ----a-w- c:\windows\SysWow64\drivers\fsbts.sys
2011-07-28 18:54 . 2011-02-28 16:01 947472 ----a-w- c:\windows\SysWow64\msjava.dll
2011-07-13 23:54 . 2011-07-13 23:54 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-07-06 15:49 . 2011-08-10 23:52 275456 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-18 12:07 . 2011-06-18 12:07 416 ----a-w- c:\programdata\Microsoft\MSDN\9.0\1036\ResourceCache.dll
2011-06-18 12:07 . 2010-03-25 20:18 416 ----a-w- c:\programdata\Microsoft\MSDN\9.0\1033\ResourceCache.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"MsnMsgr"="c:\program files (x86)\Windows Live\Messenger\MsnMsgr.Exe" [2010-04-16 3872080]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-24 39408]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2009-03-17 20480]
"LogitechSoftwareUpdate"="c:\program files (x86)\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-08-10 1242448]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 2741616]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-02 75008]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Adobe Photo Downloader"="c:\program files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe" [2006-12-22 67752]
"LogitechVideoRepair"="c:\program files (x86)\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="c:\program files (x86)\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"F-Secure Manager"="c:\program files (x86)\PacksecuriteNumericable\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files (x86)\PacksecuriteNumericable\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-01 421160]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2009-3-17 450560]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-9-8 6163456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 27648]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-03 135664]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-03 135664]
R3 RTL85n64;Belkin Wireless G Notebook Card Service v8;c:\windows\system32\DRIVERS\RTL85n64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files (x86)\PacksecuriteNumericable\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files (x86)\PacksecuriteNumericable\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\PacksecuriteNumericable\HIPS\drivers\fshs.sys [2009-08-05 57920]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [x]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [x]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\PacksecuriteNumericable\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [x]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-09-08 288256]
S2 WDFME;WD File Management Engine;c:\program files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe [2010-09-08 1034752]
S2 WDSC;WD File Management Shadow Engine;c:\program files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe [2010-09-08 485376]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\PacksecuriteNumericable\Anti-Virus\minifilter\fsgk.sys [2011-09-08 198808]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\PacksecuriteNumericable\ORSP Client\fsorsp.exe [2011-05-23 61088]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64k.sys [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2011-09-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc20dc79620a6a.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-03 15:50]
.
2011-09-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-03 15:50]
.
2011-09-10 c:\windows\Tasks\HPCeeScheduleForjaegy.job
- c:\program files (x86)\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2008-10-24 18:03]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"fssui"="c:\program files (x86)\Windows Live\Family Safety\fsui.exe" [2010-04-28 647528]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-05-21 2342800]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-26 2314120]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-16 15853088]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-16 82464]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.fr/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = localhost;*.local
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
LSP: c:\program files (x86)\PacksecuriteNumericable\FSPS\program\FSLSP.DLL
TCP: DhcpNameServer = 89.2.0.1 89.2.0.2
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\jaegy\AppData\Roaming\Mozilla\Firefox\Profiles\fj65djnq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.mydtzone.com/startpage|http://www.google.com/firefox
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Browsing Protection: litmus-ff@f-secure.com - c:\program files (x86)\PacksecuriteNumericable\NRS\litmus-ff@f-secure.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Fbosf: {53724739-8c9b-4b6d-904d-de60ae2a431c} - %profile%\extensions\{53724739-8c9b-4b6d-904d-de60ae2a431c}
FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
FF - Ext: Software Master Community Toolbar: {00725d68-069b-4095-9ff1-e7469c0e95df} - %profile%\extensions\{00725d68-069b-4095-9ff1-e7469c0e95df}
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: Stylish: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - %profile%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKCU-Run-HPAdvisor - c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
Wow6432Node-HKCU-Run-CollaborationHost - c:\windows\system32\p2phost.exe
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-ISUSPM - c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
AddRemove-sp44626 - c:\hp\Softpaq\sp44626\sp44626.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2011-09-11 16:11:25
ComboFix-quarantined-files.txt 2011-09-11 14:11
.
Avant-CF: 205 367 795 712 octets libres
Après-CF: 206 703 423 488 octets libres
.
- - End Of File - - 013B2805E57AA47A022D645D16A9716D


As soon as ComboFix closed, a few icons (maybe even all of them) reappeared on my desktop!! But my Start menu is still empty. I'm restarting my PC and will edit the post if there's anything new after the reboot :)

EDIT: the Start menu is still empty, and I'm missing a few icons such as Google Chrome, the Recycle Bin, etc.
11 September 2011 16:42:05

Hello,

download Gmer (thanks Przemysl Gremek) to the Desktop, then unzip it (right-click > extract here): Here

* Double-click gmer.exe and, if your antivirus reacts, ignore the alert
* A quick scan is then run
* Then click the Rootkit and Scan tabs
* When it finishes, click Copy
* Go to Start > All Programs > Accessories: open Notepad and press Ctrl+V to paste the report
* Post it

See you
13 September 2011 20:20:04

:sarcastic: 
14 September 2011 20:47:20

Good evening!

Sorry again, I'm not very organized!
But here is the report:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-09-14 00:42:33
Windows 6.0.6002 Service Pack 2
Running: gmer.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a94159d6a
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a94159d6a@001fcd128747 0x1E 0xEF 0xA6 0x77 ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000a94159d6a (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000a94159d6a@001fcd128747 0x1E 0xEF 0xA6 0x77 ...

---- EOF - GMER 1.0.15 ----
14 September 2011 21:46:30

Good evening,

post an RSIT report...

See you
26 September 2011 13:22:36

Hello,

how is your PC doing (overall)?

See you
26 September 2011 21:30:40

Hello! :)
Still the same thing (empty Start menu, icons missing from my desktop... :/ )
28 September 2011 17:33:37

fussy said:
> I did what you told me but it didn't find anything.


Hello,

> Then post the report.

See you

10 October 2011 13:12:53

Hello,

where are you at with this?

See you