Resultat de Spybot : trouvé un certain nombre de cookie traceurs qu’il a ensuite nettoyé (voir image avant le nettoyage) ça m’avait pas l’air trop grave.
Image :
[spoiler]http://img32.imageshack.us/img32/8716/spybotm.jpg[/spoiler]
Encore merci pour le grand coups de main et le nettoyage que nous avons fait jusque là :super: !
J’ai toujours mes problemes de perfs : c-a-d le son qui saccade au moindre resize de fenêtre d’un browser (que ce soit Chrome, IE ou Firefox) ou même juste pendant le chargement d’une fenêtre, ou bien que je joue à World of Warcraft et que j’arrive dans une zone ou il y’a “un peu de graphisme” alors que y’a encore jusque une semaine tout marchait bien. Peut-être un probleme hardware, quelque chose quelque part qui est en panne et je ne sais pas le determiner ?
Après tout ceci et le dernier redemarrage, revoici un RSIT :
log.txt :
[spoiler]Logfile of random’s system information tool 1.06 (written by random/random)
Run by FTX at 2009-09-28 14:20:29
Microsoft® Windows Vista Professionnel Service Pack 1
System drive C: has 140 GB (59%) free of 238 GB
Total RAM: 2045 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:20:54, on 28/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Creative\MediaSource5\MtdAcqu.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\conime.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Winamp\elevator.exe
C:\Users\FTX\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\FTX\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\FTX\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\FTX\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\FTX\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\FTX\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\FTX\Desktop\RSIT.exe
C:\Program Files\trend micro\FTX.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.msn.com…
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM…\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [WinampAgent] “C:\Program Files\Winamp\winampa.exe”
O4 - HKLM…\Run: [PDVDDXSrv] “C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe”
O4 - HKLM…\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM…\Run: [Malwarebytes Anti-Malware (reboot)] “C:\Program Files\Malwarebytes’ Anti-Malware\mbam.exe” /runcleanupscript
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKCU…\Run: [Google Update] “C:\Users\FTX\AppData\Local\Google\Update\GoogleUpdate.exe” /c
O4 - HKCU…\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU…\Run: [MtdAcqu] “C:\Program Files\Creative\MediaSource5\MtdAcqu.exe” /s
O4 - HKCU…\Run: [FileHippo.com] “C:\Program Files\FileHippo.com\UpdateChecker.exe” /background
O4 - HKCU…\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - platformdl.adobe.com…
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate1c9f902ecc1719c) (gupdate1c9f902ecc1719c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.33\bin\mysqld.exe
–
End of file - 7301 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2529707172-566689011-1989786900-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2529707172-566689011-1989786900-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-06-29 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-28 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“Windows Defender”=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
“avast!”=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-15 81000]
“WinampAgent”=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
“PDVDDXSrv”=C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2006-10-20 118784]
“P17RunE”=RunDll32 P17RunE.dll,RunDLLEntry []
“Malwarebytes Anti-Malware (reboot)”=C:\Program Files\Malwarebytes’ Anti-Malware\mbam.exe [2009-09-10 1312080]
“Adobe Reader Speed Launcher”=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
“QuickTime Task”=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
“SunJavaUpdateSched”=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-28 149280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“Google Update”=C:\Users\FTX\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-05 133104]
“WMPNSCFG”=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
“MtdAcqu”=C:\Program Files\Creative\MediaSource5\MtdAcqu.exe [2008-10-30 278528]
“FileHippo.com”=C:\Program Files\FileHippo.com\UpdateChecker.exe [2009-07-27 155648]
“SpybotSD TeaTimer”=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
“{AEB6717E-7E19-11d0-97EE-00C04FD91972}”= []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“EnableUIADesktopToggle”=0
“UacDisableNotify”=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveAutoRun”=FFFFFFFF
“NoDriveTypeAutoRun”=255
“HonorAutoRunSetting”=1
“NoDrives”=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveAutoRun”=
“NoDriveTypeAutoRun”=
“HonorAutoRunSetting”=
“NoDrives”=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
“C:\Program Files\BitTorrent\bittorrent.exe”=“C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent”
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2009-09-28 13:21:13 ----A---- C:\Windows\system32\javaws.exe
2009-09-28 13:21:13 ----A---- C:\Windows\system32\javaw.exe
2009-09-28 13:21:13 ----A---- C:\Windows\system32\java.exe
2009-09-28 13:20:30 ----D---- C:\Program Files\Java
2009-09-28 13:06:38 ----D---- C:\ProgramData\Apple Computer
2009-09-28 13:04:23 ----D---- C:\Program Files\Common Files\Apple
2009-09-28 13:04:16 ----D---- C:\ProgramData\Apple
2009-09-28 13:04:16 ----D---- C:\Program Files\Apple Software Update
2009-09-28 12:59:50 ----D---- C:\Users\FTX\AppData\Roaming\IrfanView
2009-09-28 12:53:06 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-09-28 12:49:42 ----D---- C:\Program Files\FileHippo.com
2009-09-27 21:55:03 ----D---- C:\Windows\temp
2009-09-27 21:55:02 ----SHD---- C:$RECYCLE.BIN
2009-09-27 21:55:01 ----A---- C:\ComboFix.txt
2009-09-27 21:45:19 ----A---- C:\Windows\zip.exe
2009-09-27 21:45:19 ----A---- C:\Windows\SWXCACLS.exe
2009-09-27 21:45:19 ----A---- C:\Windows\SWSC.exe
2009-09-27 21:45:19 ----A---- C:\Windows\SWREG.exe
2009-09-27 21:45:19 ----A---- C:\Windows\sed.exe
2009-09-27 21:45:19 ----A---- C:\Windows\NIRCMD.exe
2009-09-27 21:45:19 ----A---- C:\Windows\grep.exe
2009-09-27 21:45:16 ----D---- C:\Windows\ERDNT
2009-09-27 21:45:15 ----D---- C:\ftx
2009-09-27 21:43:32 ----D---- C:\Qoobox
2009-09-26 21:53:50 ----D---- C:\UsbFix
2009-09-26 21:40:51 ----D---- C:_OTMoveIt
2009-09-26 17:01:42 ----D---- C:\Users\FTX\AppData\Roaming\Auslogics
2009-09-26 17:01:18 ----D---- C:\Program Files\Auslogics
2009-09-26 09:03:51 ----D---- C:\Program Files\NVIDIA Corporation
2009-09-25 15:35:38 ----A---- C:\rapport.txt
2009-09-25 14:13:48 ----D---- C:\Users\FTX\AppData\Roaming\Malwarebytes
2009-09-25 14:13:43 ----D---- C:\ProgramData\Malwarebytes
2009-09-25 14:13:43 ----D---- C:\Program Files\Malwarebytes’ Anti-Malware
2009-09-25 01:01:19 ----D---- C:\Program Files\trend micro
2009-09-25 01:01:18 ----D---- C:\rsit
2009-09-24 19:12:43 ----D---- C:\Program Files\CCleaner
2009-09-24 18:10:46 ----D---- C:\Users\FTX\AppData\Roaming\Nero
2009-09-24 18:05:36 ----D---- C:\Program Files\Nero
2009-09-24 18:05:02 ----D---- C:\ProgramData\Nero
2009-09-24 18:04:53 ----D---- C:\Program Files\Common Files\Nero
2009-09-23 14:23:17 ----D---- C:\Users\FTX\AppData\Roaming\Creative
2009-09-23 14:15:44 ----D---- C:\ProgramData\Creative Labs
2009-09-23 13:47:35 ----A---- C:\Windows\system32\Sens_oal.dll
2009-09-22 23:21:45 ----D---- C:\Program Files\Common Files\Creative
2009-09-22 23:21:42 ----HD---- C:\Program Files\Creative Installation Information
2009-09-22 22:55:59 ----D---- C:\Program Files\Common Files\Creative Labs Shared
2009-09-22 22:54:13 ----D---- C:\ProgramData\Creative
2009-09-22 22:52:16 ----D---- C:\Program Files\Creative
2009-09-13 19:41:02 ----RHD---- C:\Users\FTX\AppData\Roaming\SecuROM
2009-09-09 10:58:16 ----A---- C:\Windows\system32\jscript.dll
2009-09-09 10:57:56 ----A---- C:\Windows\system32\netiohlp.dll
2009-09-09 10:57:53 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-09-09 10:57:53 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-09-09 10:57:53 ----A---- C:\Windows\system32\ARP.EXE
2009-09-09 10:57:52 ----A---- C:\Windows\system32\MRINFO.EXE
2009-09-09 10:57:52 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-09-09 10:57:52 ----A---- C:\Windows\system32\finger.exe
2009-09-09 10:57:51 ----A---- C:\Windows\system32\ROUTE.EXE
2009-09-09 10:57:48 ----A---- C:\Windows\system32\netevent.dll
2009-09-09 10:56:44 ----A---- C:\Windows\system32\wlanmsm.dll
2009-09-09 10:56:43 ----A---- C:\Windows\system32\wlansvc.dll
2009-09-09 10:56:43 ----A---- C:\Windows\system32\wlansec.dll
2009-09-09 10:56:43 ----A---- C:\Windows\system32\L2SecHC.dll
2009-09-09 10:56:34 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-09-09 10:56:33 ----A---- C:\Windows\system32\mf.dll
2009-09-03 01:29:15 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-09-03 01:29:10 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
======List of files/folders modified in the last 1 months======
2009-09-28 14:05:48 ----D---- C:\Users\FTX\AppData\Roaming\Skype
2009-09-28 14:00:32 ----D---- C:\Users\FTX\AppData\Roaming\skypePM
2009-09-28 13:44:07 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-09-28 13:40:27 ----D---- C:\Windows\Tasks
2009-09-28 13:39:53 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-09-28 13:38:36 ----SHD---- C:\Windows\Installer
2009-09-28 13:38:11 ----D---- C:\ProgramData\NVIDIA
2009-09-28 13:28:08 ----D---- C:\Windows\system32\catroot2
2009-09-28 13:28:05 ----SHD---- C:\System Volume Information
2009-09-28 13:21:13 ----D---- C:\Windows\System32
2009-09-28 13:20:39 ----A---- C:\Windows\system32\deploytk.dll
2009-09-28 13:20:30 ----D---- C:\Program Files
2009-09-28 13:14:08 ----D---- C:\Program Files\Windows Live
2009-09-28 13:08:31 ----D---- C:\Windows\system32\Tasks
2009-09-28 13:08:28 ----RD---- C:\Program Files\Skype
2009-09-28 13:07:08 ----D---- C:\Program Files\QuickTime
2009-09-28 13:06:38 ----D---- C:\ProgramData
2009-09-28 13:06:06 ----D---- C:\Windows
2009-09-28 13:04:23 ----D---- C:\Program Files\Common Files
2009-09-28 13:02:09 ----D---- C:\Users\FTX\AppData\Roaming\Notepad++
2009-09-28 13:01:18 ----D---- C:\Program Files\Notepad++
2009-09-28 12:58:02 ----D---- C:\ProgramData\Adobe
2009-09-28 12:57:42 ----D---- C:\Program Files\Common Files\Adobe
2009-09-28 12:57:01 ----D---- C:\Program Files\Adobe
2009-09-28 11:47:48 ----SD---- C:\Windows\Downloaded Program Files
2009-09-28 11:38:38 ----D---- C:\Users\FTX\AppData\Roaming\OpenOffice.org2
2009-09-28 11:38:04 ----D---- C:\Windows\tracing
2009-09-28 00:44:19 ----D---- C:\Windows\Prefetch
2009-09-27 22:20:35 ----D---- C:\Windows\system32\drivers
2009-09-27 22:07:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-09-27 22:07:07 ----D---- C:\Windows\inf
2009-09-27 22:00:18 ----HD---- C:\Windows\system32\GroupPolicy
2009-09-27 21:55:04 ----D---- C:\Windows\system32\fr-FR
2009-09-27 21:53:37 ----A---- C:\Windows\system.ini
2009-09-27 21:51:40 ----D---- C:\Windows\AppPatch
2009-09-26 09:02:20 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-09-26 09:02:20 ----D---- C:\Program Files\AGEIA Technologies
2009-09-26 09:00:15 ----D---- C:\Windows\system32\catroot
2009-09-26 08:59:04 ----D---- C:\NVIDIA
2009-09-25 19:12:29 ----D---- C:\Program Files\SystemRequirementsLab
2009-09-24 19:23:01 ----D---- C:\Windows\Debug
2009-09-24 18:04:43 ----D---- C:\Windows\winsxs
2009-09-23 17:18:50 ----D---- C:\Windows\system32\Msdtc
2009-09-23 17:18:48 ----D---- C:\Windows\system32\wbem
2009-09-23 17:18:18 ----D---- C:\Windows\system32\config
2009-09-23 17:17:51 ----D---- C:\Windows\system32\spool
2009-09-23 17:17:50 ----D---- C:\Windows\system32\CodeIntegrity
2009-09-23 17:17:50 ----D---- C:\Users\FTX\AppData\Roaming\Winamp
2009-09-23 17:17:49 ----D---- C:\Users\FTX\AppData\Roaming\Ventrilo
2009-09-23 17:17:45 ----D---- C:\ProgramData\FLEXnet
2009-09-23 17:17:44 ----D---- C:\Program Files\Winamp
2009-09-23 17:17:43 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-23 17:17:40 ----D---- C:\Windows\registration
2009-09-23 17:12:58 ----D---- C:\Users\FTX\AppData\Roaming\DNA
2009-09-23 16:13:50 ----D---- C:\Program Files\Common Files\Alias Shared
2009-09-23 16:13:46 ----D---- C:\Program Files\Alias
2009-09-23 16:02:36 ----D---- C:\Windows\Logs
2009-09-23 15:47:41 ----D---- C:\PerfLogs
2009-09-22 13:36:09 ----D---- C:\Users\FTX\AppData\Roaming\IGN_DLM
2009-09-15 12:59:36 ----A---- C:\Windows\system32\aswBoot.exe
2009-09-13 19:11:52 ----D---- C:\Program Files\Ubisoft
2009-09-09 14:30:34 ----D---- C:\Windows\rescache
2009-09-09 12:54:09 ----D---- C:\Program Files\Windows Mail
2009-09-06 15:49:39 ----D---- C:\Users\FTX\AppData\Roaming\FileZilla
2009-09-02 11:15:39 ----D---- C:\Program Files\Mozilla Firefox
2009-09-02 10:13:39 ----D---- C:\Users\FTX\AppData\Roaming\Adobe
2009-09-02 09:19:36 ----D---- C:\Windows\Microsoft.NET
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-09-15 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-09-15 52368]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2008-01-19 350720]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
R2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [2001-06-21 73728]
R3 e1express;Pilote de la connexion réseau Intel® PRO/1000 PCI Express; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-19 220672]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-08-17 9545152]
R3 P17;SB Audigy; C:\Windows\system32\drivers\P17.sys [2009-04-21 1147392]
R3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\Windows\system32\drivers\ScreamingBAudio.sys [2006-09-28 21920]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S2 DS1410D;DS1410D; C:\Windows\SYSTEM32\drivers\DS1410D.SYS []
S3 catchme;catchme; ??\C:\Users\FTX\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d’horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 Sntnlusb;Rainbow USB SuperPro; C:\Windows\system32\DRIVERS\SNTNLUSB.SYS [2001-06-21 20032]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-11-18 307200]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-08-17 215584]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-08-17 239648]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
S2 gupdate1c9f902ecc1719c;Service Google Update (gupdate1c9f902ecc1719c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-29 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-29 183280]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-03-20 72704]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-09-23 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-09-22 79360]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-19 523776]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-12-31 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.33\bin\mysqld.exe [2009-03-16 6562432]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2008-01-19 917504]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
[/spoiler]
info.txt :
[spoiler]info.txt logfile of random’s system information tool 1.06 2009-09-28 14:20:56
======Uninstall list======
–>“C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe” /remove /nolog/l0x040c
–>“C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe” /remove /nolog/l0x040c
–>“C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe” /remove /nolog/l0x040c
–>MsiExec /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation
Information{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x40c
–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation
Information{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c
–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation
Information{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c
–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation
Information{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c
–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation
Information{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove
–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation
Information{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x40c
–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation
Information{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x40c
–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation
Information{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x40c
–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation
Information{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x40c /remove
–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation
Information{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9
–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation
Information{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove
Adobe After Effects 7.0–>msiexec /I {DD362256-A7A2-4524-9457-213DDC2AFC2A}
Adobe AIR–>c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR–>MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Anchor Service CS3–>MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3–>MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3–>MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting–>MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3–>MsiExec.exe /I{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}
Adobe Camera Raw 4.0–>MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps–>MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific–>MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings–>MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings–>MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings–>MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Extra Settings–>MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Creative Suite 3 Design Premium–>MsiExec.exe /I{B1EF7B00-8FCC-4209-BFB6-37C50B354B2A}
Adobe Default Language CS3–>MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3–>MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2–>MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Extension Manager CS3–>MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Flash CS3–>MsiExec.exe /I{80FD3971-8482-49C8-BA8C-B6464A15882F}
Adobe Flash Player 10 ActiveX–>C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin–>C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Video Encoder–>MsiExec.exe /I{1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}
Adobe Fonts All–>MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3–>MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Illustrator CS3–>MsiExec.exe /I{6E08CE13-C2AB-4749-9335-5900B958929E}
Adobe InDesign CS3 Icon Handler–>MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
Adobe InDesign CS3–>MsiExec.exe /I{FE8327F9-3AC1-4586-8C7E-3DEE2BC92441}
Adobe Linguistics CS3–>MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files–>MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files–>MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3–>MsiExec.exe /I{C1FA4B3B-1625-4922-9C9D-780E8FCE161A}
Adobe Reader 9.1–>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
Adobe Setup–>MsiExec.exe /I{9D3F3D5A-BE6D-48C4-B51E-E2D6753ABCDE}
Adobe SING CS3–>MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
Adobe Stock Photos CS3–>MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support–>MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3–>MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client–>MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WAS CS3–>MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin–>MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3–>MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Advertising Center–>MsiExec.exe /X{b2ec4a38-b545-4a00-8214-13fe0e915e6d}
AHV content for Acrobat and Flash–>MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
Ajouter ou supprimer Adobe Creative Suite 3 Design Premium–>C:\Program Files\Common Files\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0
\Setup.exe
Alias DirectConnect 2.0–>MsiExec.exe /I{6E4B4026-92AD-46D3-AD73-6D6F23943871}
Amazon MP3 Downloader 1.0.3–>C:\Program Files\Amazon\MP3 Downloader\Uninstall.exe
Apple Application Support–>MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Software Update–>MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Audacity 1.3.7 (Unicode)–>“C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe”
Auslogics Disk Defrag–>“C:\Program Files\Auslogics\Auslogics Disk Defrag\unins000.exe”
Autodesk Mudbox 2009–>MsiExec.exe /I{48FA4241-BD99-440B-A3C4-E2D3B88FBF73}
avast! Antivirus–>C:\Program Files\Alwil Software\Avast4\aswRunDll.exe “C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll”,RunSetup
Beyond Good & Evil–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield
Installation Information{6BF81CE7-3D5A-497F-8912-2A65A0253E1B}\Setup.exe" -l0x9
Bink and Smacker–>C:\PROGRA~1\RADVideo\UNWISE.EXE C:\PROGRA~1\RADVideo\INSTALL.LOG
CCleaner (remove only)–>“C:\Program Files\CCleaner\uninst.exe”
Creative ALchemy–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield
Installation Information{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x40c /remove
Creative MediaSource 5–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation Information{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\setup.exe" -l0x40c /remove
Creative Software AutoUpdate–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation Information{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x40c /remove
Creative WaveStudio 7–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation Information{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c /remove
DivX Codec–>C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
EVEREST Home Edition v2.20–>“C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe”
FileHippo.com Update Checker–>“C:\Program Files\FileHippo.com\uninstall.exe”
FileZilla Client 3.0.7–>C:\Program Files\FileZilla FTP Client\uninstall.exe
Google Update Helper–>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth–>MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466}
HijackThis 2.0.2–>“C:\Program Files\trend micro\HijackThis.exe” /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)–>C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
/uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)–>C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
/uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
IrfanView (remove only)–>C:\Program Files\IrfanView\iv_uninstall.exe
Java™ 6 Update 16–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
La boite a couleurs version 1.6.14–>“C:\Program Files\LaBoiteACouleurs\unins000.exe”
LADSPA_plugins-win-0.4.15–>“C:\Program Files\Audacity\Plug-Ins\unins000.exe”
LAME v3.98.2 for Audacity–>“C:\Program Files\Lame for Audacity\unins000.exe”
Malwarebytes’ Anti-Malware–>“C:\Program Files\Malwarebytes’ Anti-Malware\unins000.exe”
Maya 2009–>MsiExec.exe /I{2F05CEAF-A575-41E5-B3D0-FE4CEF83CA0A}
Microsoft .NET Framework 1.1 Hotfix (KB929729)–>“C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe”
“C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp”
Microsoft .NET Framework 1.1–>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1–>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra–>MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1–>C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1–>MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft MPEG-4 VKI Video Codec V1/V2/V3–>rundll32.exe setupapi,InstallHinfSection DefaultUninstall 132 C:\Windows\INF\mpg4c32.inf
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053–>MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148–>MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022–>MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft XNA Framework Redistributable 2.0–>MsiExec.exe /I{245F6C7A-0C22-4DE0-8202-2AAA620A1D3A}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra–>C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack
SP1 - fra\setup.exe
Mozilla Firefox (3.0.13)–>C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)–>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)–>MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)–>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Mumble and Murmur–>C:\Program Files\Mumble\Uninstall.exe
MusicEase 8.2–>C:\PROGRA~1\MUSICE~1\UNWISE.EXE C:\PROGRA~1\MUSICE~1\INSTALL.LOG
Nero 9 Essentials–>C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="XM02-508X-MHAT-19WU-9Z3Z-0CH0-
3U6E-85W5-MMHH-6647-1Z5L-7M8C-0U45-758P-0000"
Nero ControlCenter–>MsiExec.exe /X{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
Nero Installer–>MsiExec.exe /X{e8a80433-302b-4ff1-815d-fcc8eac482ff}
Nero Online Upgrade–>MsiExec.exe /X{dba84796-8503-4ff0-af57-1747dd9a166d}
Nero StartSmart OEM–>MsiExec.exe /X{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}
Nero StartSmart–>MsiExec.exe /X{7748ac8c-18e3-43bb-959b-088faea16fb2}
neroxml–>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Notepad+±->C:\Program Files\Notepad++\uninstall.exe
NVIDIA Drivers–>C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX–>MsiExec.exe /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
NVIDIA Stereoscopic 3D Driver–>“C:\Program Files\NVIDIA Corporation\3D Vision\nvStInst.exe” /uninstall /ask
OpenAL–>“C:\Program Files\OpenAL\oalinst.exe” /U
OpenOffice.org 2.4–>MsiExec.exe /I{1E0FF527-971B-4BBF-83D1-987E8DEE437D}
Outil de mise à jour Google–>“C:\Program Files\Google\Google Updater\GoogleUpdater.exe” -uninstall
Panneau de configuration audio Creative–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation Information{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c /remove
PDF Settings–>MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Petank Party 0.9.2.0–>“C:\Program Files\Petank Party\unins000.exe”
PowerDVD–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield
Installation Information{281ECE39-F043-492B-8337-F2E546B5604A}\Setup.exe" -l0x40c -cluninstall
Propriétés de Creative Sound Blaster–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation Information{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x40c /remove
QuickTime–>MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Reason–>MsiExec.exe /X{CE1B4A56-9F34-4E88-AD25-DA219320C68D}
Riva FLV Encoder 2.0–>“C:\Program Files\Riva\Riva FLV Encoder 2.0\unins000.exe”
Sentinel System Driver–>C:\WINDOWS\SYSTEM32\RNBOSENT\SETUPX86.EXE /U /q
Simple Attractor Renderer–>msiexec /qb /x {9B988669-6967-878A-4B5B-DD6FCE8D548E}
Simple Attractor Renderer–>MsiExec.exe /I{9B988669-6967-878A-4B5B-DD6FCE8D548E}
Skype web features–>MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype 4.1–>MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Spybot - Search & Destroy 1.5.2.20–>“C:\Windows\unins000.exe”
Spybot - Search & Destroy–>“C:\Program Files\Spybot - Search & Destroy\unins000.exe”
System Requirements Lab–>C:\Program Files\SystemRequirementsLab\Uninstall.exe
TeamSpeak 2 RC2–>“C:\Program Files\Teamspeak2_RC2\unins000.exe”
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)–>C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
/uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Ventrilo Client–>MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Visual C++ 8.0 CRT (x86) WinSXS MSM–>MsiExec.exe /I{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}
Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM–>MsiExec.exe /I{63E949F6-03BC-5C40-FF1F-C8B3B9A1E18E}
Visual C++ 8.0 MFC (x86) WinSXS MSM–>MsiExec.exe /I{9BAE13A2-E7AF-D6C3-FF1F-C8B3B9A1E18E}
Visual C++ 8.0 MFC.Policy (x86) WinSXS MSM–>MsiExec.exe /I{68B7C6D9-1DF2-54C1-FF1F-C8B3B9A1E18E}
Vue 7–>C:\Program Files\e-on software\Vue 7\Uninstall.exe
WampServer 2.0–>“c:\wamp\unins000.exe”
Winamp–>“C:\Program Files\Winamp\UninstWA.exe”
Windows Live installer–>MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
WinRAR archiver–>C:\Program Files\WinRAR\uninstall.exe
World of Warcraft–>C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft Public Test-PTR\Uninstall.exe
XviD MPEG-4 Video Codec–>C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection Remove_XviD 132 C:\Windows\INF\xvid.inf
=====HijackThis Backups=====
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) [2009-09-28]
O4 - HKCU…\Run: [Skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized [2009-09-28]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local [2009-09-28]
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime [2009-09-28]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = [2009-09-28]
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2009-09-28]
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program
Files\Bonjour\mDNSResponder.exe [2009-09-28]
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe” [2009-09-28]
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - download.eset.com… [2009-09-28]
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program
Files\Bonjour\mDNSResponder.exe [2009-09-28]
======Hosts File======
127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
127.0.0.1 www.032439.com
======Security center information======
AV: avast! antivirus 4.7.1098 [VPS 090924-0]
AS: Spybot - Search and Destroy (disabled)
AS: Windows Defender
======System event log======
Computer Name: PC-FTX
Event Code: 3004
Message: Lagent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande danalyser les logiciels
responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de
ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de lordinateur. Nautorisez les modifications que si vous faites
confiance au programme ou à léditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus dinformations, consultez les données suivantes :
Non applicable
ID danalyse : {091E42B8-C28F-4BC6-BCDA-6D39A4863A24}
Utilisateur : PC-FTX\FTX
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin daccès trouvé : regkey:HKCU@S-1-5-21-2529707172-566689011-1989786900-1000
\Software\Microsoft\Windows\CurrentVersion\Run\SpybotSD TeaTimer;runkey:HKCU@S-1-5-21-2529707172-566689011-1989786900-1000
\Software\Microsoft\Windows\CurrentVersion\Run\SpybotSD TeaTimer;file:C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
Type dalerte : Logiciel non classifié
Type de détection :
Record Number: 194175
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20090928111202.000000-000
Event Type: Avertissement
User:
Computer Name: PC-FTX
Event Code: 7016
Message: Le service NVIDIA Display Driver Service a signalé un état actuel 32 non valide.
Record Number: 194203
Source Name: Service Control Manager
Time Written: 20090928113650.000000-000
Event Type: Erreur
User:
Computer Name: PC-FTX
Event Code: 15016
Message: Impossible dinitialiser le package de sécurité Kerberos pour lauthentification côté serveur. Le champ de données contient le numéro
de lerreur.
Record Number: 194228
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090928113754.597345-000
Event Type: Erreur
User:
Computer Name: PC-FTX
Event Code: 7000
Message: Le service DS1410D n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.
Record Number: 194267
Source Name: Service Control Manager
Time Written: 20090928113818.000000-000
Event Type: Erreur
User:
Computer Name: PC-FTX
Event Code: 3004
Message: Lagent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande danalyser les logiciels
responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de
ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de lordinateur. Nautorisez les modifications que si vous faites
confiance au programme ou à léditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus dinformations, consultez les données suivantes :
Non applicable
ID danalyse : {743264B5-213C-409D-8AD0-36A30EE9FED3}
Utilisateur : PC-FTX\FTX
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin daccès trouvé : file:C:\Windows\system32\drivers\etc\hosts
Type dalerte : Logiciel non classifié
Type de détection :
Record Number: 194322
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20090928114302.000000-000
Event Type: Avertissement
User:
=====Application event log=====
Computer Name: PC-FTX
Event Code: 11
Message: Échec de l’extraction de la liste racine tierce partie depuis le fichier CAB de mise à jour automatique à :
http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab avec l’erreur : Un certificat requis n’est pas
dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé.
.
Record Number: 108124
Source Name: Microsoft-Windows-CAPI2
Time Written: 20090928111410.000000-000
Event Type: Erreur
User:
Computer Name: PC-FTX
Event Code: 20227
Message: CoID={B05C6EFF-72A0-47B8-8D02-3656569A0070} : Lutilisateur PC-FTX\FTX a composé le numéro de la connexion Connexion haut débit. La
connexion a échoué. Code derreur retourné : 0.
Record Number: 108171
Source Name: RasClient
Time Written: 20090928120054.000000-000
Event Type: Erreur
User:
Computer Name: PC-FTX
Event Code: 20227
Message: CoID={06BAC004-D913-4693-A91E-673A22CE6652} : Lutilisateur PC-FTX\FTX a composé le numéro de la connexion Connexion haut débit. La
connexion a échoué. Code derreur retourné : 0.
Record Number: 108174
Source Name: RasClient
Time Written: 20090928120057.000000-000
Event Type: Erreur
User:
Computer Name: PC-FTX
Event Code: 20227
Message: CoID={31079A22-663C-41BE-80FC-A44C612F90F5} : Lutilisateur PC-FTX\FTX a composé le numéro de la connexion Connexion haut débit. La
connexion a échoué. Code derreur retourné : 815.
Record Number: 108177
Source Name: RasClient
Time Written: 20090928120457.000000-000
Event Type: Erreur
User:
Computer Name: PC-FTX
Event Code: 20227
Message: CoID={B21D26F2-8274-46B2-B888-8707450D60F7} : Lutilisateur PC-FTX\FTX a composé le numéro de la connexion Connexion haut débit. La
connexion a échoué. Code derreur retourné : 815.
Record Number: 108180
Source Name: RasClient
Time Written: 20090928120524.000000-000
Event Type: Erreur
User:
=====Security event log=====
Computer Name: PC-FTX
Event Code: 4905
Message: Une tentative dannulation dinscription de la source dun événement de sécurité a été effectuée.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-FTX$
Domaine du compte : WORKGROUP
ID douverture de session : 0x3e7
Processus :
ID du processus : 0xa68
Nom du processus : C:\Windows\System32\VSSVC.exe
Source de lévénement :
Nom de la source : VSSAudit
ID de la source de lévénement : 0x12a0a43
Record Number: 50040
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090421235915.314312-000
Event Type: Succès de l’audit
User:
Computer Name: PC-FTX
Event Code: 4647
Message: Fermeture de session initiée par lutilisateur :
Sujet :
ID de sécurité : S-1-5-21-2529707172-566689011-1989786900-1000
Nom du compte : FTX
Domaine du compte : PC-FTX
ID douverture de session : 0x5d872
Cet événement est généré lorsquune fermeture de session est initiée, mais que le nombre de références du jeton nétant pas zéro, la session
ouverte ne peut pas être supprimée. Aucune autre activité initiée par lutilisateur ne peut se produire. Cet événement peut être interprété
comme un événement de fermeture de session.
Record Number: 50041
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090422052752.509312-000
Event Type: Succès de l’audit
User:
Computer Name: PC-FTX
Event Code: 1100
Message: Le service denregistrement des événements a été arrêté.
Record Number: 50042
Source Name: Microsoft-Windows-Eventlog
Time Written: 20090422052808.967312-000
Event Type: Succès de l’audit
User:
Computer Name: PC-FTX
Event Code: 4616
Message: Lheure du système a été modifiée.
Sujet :
ID de sécurité : S-1-5-19
Nom du compte : SERVICE LOCAL
Domaine du compte : AUTORITE NT
ID douverture de session : 0x3e5
Informations sur le processus :
ID du processus : 0x520
Nom : C:\Windows\System32\svchost.exe
Heure précédente : 07:28:13 22/04/2009
Nouvelle heure : 07:28:13 22/04/2009
Cet événement est généré lorsque lheure du système est modifiée. Le changement régulier de lheure du système est une opération normale de la
part du service de temps Windows qui sexécute avec des privilèges système. Mais, dautres modifications de lheure du système peuvent indiquer
des tentatives de falsification de lordinateur.
Record Number: 50043
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090422052814.458200-000
Event Type: Succès de l’audit
User:
Computer Name: PC-FTX
Event Code: 4634
Message: Fermeture de session dun compte.
Sujet :
ID de sécurité : S-1-5-7
Nom du compte : ANONYMOUS LOGON
Domaine du compte : AUTORITE NT
ID du compte : 0x23f7d
Type douverture de session : 3
Cet événement est généré lorsquune session ouverte est supprimée. Il peut être associé à un événement douverture de session en utilisant la
valeur ID douverture de session. Les ID douverture de session ne sont uniques quentre les redémarrages sur un même ordinateur.
Record Number: 50044
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090422052829.262600-000
Event Type: Succès de l’audit
User:
======Environment variables======
“ComSpec”=%SystemRoot%\system32\cmd.exe
“FP_NO_HOST_CHECK”=NO
“OS”=Windows_NT
“Path”=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Autodesk\Maya2009\bin;C:\Program
Files\QuickTime\QTSystem;C:\Program Files\QuickTime\QTSystem
“PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
“PROCESSOR_ARCHITECTURE”=x86
“TEMP”=%SystemRoot%\TEMP
“TMP”=%SystemRoot%\TEMP
“USERNAME”=SYSTEM
“windir”=%SystemRoot%
“PROCESSOR_LEVEL”=6
“PROCESSOR_IDENTIFIER”=x86 Family 6 Model 15 Stepping 6, GenuineIntel
“PROCESSOR_REVISION”=0f06
“NUMBER_OF_PROCESSORS”=2
“CLASSPATH”=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
“QTJAVA”=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
[/spoiler]