Thank you for helping me.
Here is the log.txt report:
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Maxime at 2010-02-20 14:13:00
Microsoft® Windows Vista Édition Familiale Premium Service Pack 1
System drive C: has 167 GB (36%) free of 469 GB
Total RAM: 6142 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:13:01, on 20/02/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\ABoard.exe
C:\Program Files (x86)\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\AOSD.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Free Download Manager\fdm.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Opera\Opera.exe
C:\Users\Maxime\RSIT.exe
C:\Users\Maxime\HiJackThis\Maxime.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = homepage.packardbell.com…
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = homepage.packardbell.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = homepage.packardbell.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = homepage.packardbell.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files (x86)\QuickTime\QTTask.exe” -atboottime
O4 - HKLM…\Run: [iTunesHelper] “C:\Program Files (x86)\iTunes\iTunesHelper.exe”
O4 - HKLM…\Run: [avgnt] “C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe” /min
O4 - HKLM…\Run: [BMISR] C:\Program Files (x86)\KYE\WebMate\BM.exe
O4 - HKCU…\Run: [SmpcSys] C:\Program Files (x86)\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU…\Run: [msnmsgr] “C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe” /background
O4 - HKCU…\Run: [Skype] “C:\Program Files (x86)\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKCU…\Run: [DAEMON Tools Lite] “C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe” -autorun
O4 - HKCU…\Run: [EA Core] “C:\Program Files (x86)\Electronic Arts\EADM\Core.exe” -silent
O4 - HKCU…\Run: [Free Download Manager] “C:\Program Files (x86)\Free Download Manager\fdm.exe” -autorun
O4 - HKCU…\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19…\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-19…\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘SERVICE RÉSEAU’)
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE…
O8 - Extra context menu item: Google Sidewiki… - C:\Program… Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Dragon Age: Origins - Application de mise à jour (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Packard Bell Services - C:\Windows\SYSTEM32\HidService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de liPod (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
–
End of file - 10013 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d’aide de l’Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2009-03-02 98304]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“Adobe Reader Speed Launcher”=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
“QuickTime Task”=C:\Program Files (x86)\QuickTime\QTTask.exe [2009-09-05 417792]
“iTunesHelper”=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2009-10-28 141600]
“avgnt”=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
“BMISR”=C:\Program Files (x86)\KYE\WebMate\BM.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“SmpcSys”=C:\Program Files (x86)\Packard Bell\SetUpMyPC\SmpSys.exe [2009-03-18 1160736]
“msnmsgr”=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
“Skype”=C:\Program Files (x86)\Skype\Phone\Skype.exe [2009-07-16 25604904]
“DAEMON Tools Lite”=C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
“EA Core”=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent []
“Free Download Manager”=C:\Program Files (x86)\Free Download Manager\fdm.exe [2009-03-02 3399727]
“ehTray.exe”=C:\Windows\ehome\ehTray.exe [2008-07-03 152064]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“EnableLUA”=0
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“EnableUIADesktopToggle”=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoActiveDesktop”=
“ForceActiveDesktopOn”=
“NoActiveDesktopChanges”=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
“C:\Users\Maxime\IM88532.JPG-www.facebook.com.exe”=“C:\Users\Maxime\IM88532.JPG-www.facebook.com.exe:*:Enabled:Firewall Administrating”
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05973e4c-6174-11de-86c3-806e6f6e6963}]
shell\AutoRun\command - E:\autorun.exe -auto
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b67f629b-90a3-11de-a0bb-001f16f2e111}]
shell\Auto\command - cmd /C launch.bat
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
======List of files/folders created in the last 1 months======
2010-02-20 14:06:15 ----D---- C:\rsit
2010-02-20 13:33:28 ----A---- C:\Windows\ScUnin.exe
2010-02-20 12:44:19 ----D---- C:\Users\Maxime\AppData\Roaming\Malwarebytes
2010-02-20 12:44:14 ----D---- C:\ProgramData\Malwarebytes
2010-02-20 12:44:13 ----D---- C:\Program Files (x86)\Malwarebytes’ Anti-Malware
2010-02-18 23:08:39 ----SHD---- C:\Config.Msi
2010-02-18 22:43:29 ----A---- C:\Windows\system32\wups.dll
2010-02-18 22:43:29 ----A---- C:\Windows\system32\wudriver.dll
2010-02-18 22:43:29 ----A---- C:\Windows\system32\wuapi.dll
2010-02-18 22:43:20 ----A---- C:\Windows\system32\wuwebv.dll
2010-02-18 22:43:20 ----A---- C:\Windows\system32\wuapp.exe
2010-02-18 22:41:20 ----D---- C:\Program Files (x86)\AxBx
2010-02-11 23:58:27 ----A---- C:\Windows\amcap.exe
2010-02-11 23:58:15 ----A---- C:\Windows\vsnpstd.exe
2010-02-11 23:58:15 ----A---- C:\Windows\system32\unicows.dll
2010-02-11 23:58:15 ----A---- C:\Windows\system32\dsnpstd.dll
2010-02-11 23:58:15 ----A---- C:\Windows\snpstd.ini
2010-02-11 23:58:08 ----A---- C:\Windows\system32\vsnpstd.dll
2010-02-11 23:58:08 ----A---- C:\Windows\system32\rsnpstd.dll
2010-02-11 23:58:08 ----A---- C:\Windows\system32\csnpstd.dll
2010-02-11 23:58:06 ----D---- C:\Program Files (x86)\Common Files\snpstd
2010-02-11 23:58:06 ----A---- C:\Windows\usnpstd.exe
2010-02-11 23:23:42 ----D---- C:\Windows\Album
2010-02-11 23:23:11 ----D---- C:\ProgramData\InstallShield
2010-02-11 23:22:13 ----D---- C:\Windows\PixArt
2010-02-11 23:22:13 ----D---- C:\Program Files (x86)\Common Files\PAC7302
2010-02-11 23:22:12 ----D---- C:\Program Files (x86)\KYE
2010-02-11 23:21:35 ----D---- C:\Windows\Downloaded Installations
2010-02-11 23:18:58 ----A---- C:\Windows\system32\mfc71.dll
2010-02-08 21:31:37 ----D---- C:\Program Files (x86)\Hedgewars 0.9.12
2010-02-08 14:58:47 ----D---- C:\Program Files (x86)\osu!
2010-02-08 13:14:59 ----D---- C:\Users\Maxime\AppData\Roaming\InstallShield
2010-02-07 16:49:42 ----D---- C:\ProgramData\Avira
2010-02-07 16:49:42 ----D---- C:\Program Files (x86)\Avira
2010-02-04 11:42:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-04 11:40:15 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2010-02-04 11:40:13 ----D---- C:\Program Files (x86)\DAODB
2010-02-01 14:55:21 ----D---- C:\ProgramData\BioWare
2010-02-01 14:51:19 ----D---- C:\Windows\1C4551A64743409391E41477CD655043.TMP
2010-02-01 14:32:15 ----D---- C:\Program Files (x86)\Dragon Age
2010-01-31 11:24:21 ----A---- C:\Windows\system32\msvcr71.dll
2010-01-31 11:24:21 ----A---- C:\Windows\system32\msvcp71.dll
2010-01-30 21:08:43 ----D---- C:\Program Files (x86)\Beneton Movie GIF
2010-01-28 12:54:34 ----D---- C:\ProgramData\Media Center Programs
2010-01-28 12:54:33 ----D---- C:\Program Files (x86)\Common Files\BioWare
2010-01-28 12:24:39 ----RHD---- C:\Users\Maxime\AppData\Roaming\SecuROM
2010-01-27 19:14:01 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR
2010-01-23 23:39:18 ----D---- C:\ProgramData\Steam
2010-01-23 23:39:06 ----D---- C:\ProgramData\PopCap Games
======List of files/folders modified in the last 1 months======
2010-02-20 14:12:27 ----D---- C:\Windows\Temp
2010-02-20 14:12:23 ----D---- C:\Users\Maxime\AppData\Roaming\Free Download Manager
2010-02-20 14:07:57 ----D---- C:\Windows\System32
2010-02-20 14:07:57 ----D---- C:\Windows\inf
2010-02-20 14:06:46 ----D---- C:\Users\Maxime\AppData\Roaming\Skype
2010-02-20 14:02:51 ----D---- C:\Users\Maxime\AppData\Roaming\WTablet
2010-02-20 14:01:47 ----D---- C:\Users\Maxime\AppData\Roaming\uTorrent
2010-02-20 14:01:36 ----RD---- C:\Program Files (x86)
2010-02-20 14:01:36 ----D---- C:\Windows\SysWOW64
2010-02-20 14:01:36 ----D---- C:\Windows
2010-02-20 13:33:10 ----RD---- C:\Program Files
2010-02-20 12:44:15 ----D---- C:\Windows\system32\drivers
2010-02-20 12:44:14 ----HD---- C:\ProgramData
2010-02-20 12:37:00 ----D---- C:\Users\Maxime\AppData\Roaming\skypePM
2010-02-20 12:36:47 ----D---- C:\Program Files (x86)\Steam
2010-02-19 15:59:13 ----D---- C:\Windows\rescache
2010-02-19 15:42:47 ----D---- C:\Windows\system32\fr-FR
2010-02-19 15:41:58 ----D---- C:\Windows\winsxs
2010-02-19 15:40:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-02-19 07:12:06 ----SHD---- C:\System Volume Information
2010-02-18 23:42:45 ----D---- C:\Users\Maxime\AppData\Roaming\vlc
2010-02-18 23:34:29 ----SHD---- C:\Windows\Installer
2010-02-17 01:39:31 ----D---- C:\Program Files (x86)\uTorrent
2010-02-16 01:16:39 ----D---- C:\Users\Maxime\AppData\Roaming\dvdcss
2010-02-12 20:33:09 ----D---- C:\Program Files (x86)\Windows Live Safety Center
2010-02-11 23:58:15 ----D---- C:\Windows\twain_32
2010-02-11 23:58:06 ----D---- C:\Program Files (x86)\Common Files
2010-02-10 13:42:01 ----D---- C:\Windows\Prefetch
2010-02-08 13:15:48 ----D---- C:\Program Files (x86)\Rising Force Online France
2010-02-08 13:13:02 ----D---- C:\ProgramData\Google
2010-02-08 13:13:02 ----D---- C:\Program Files (x86)\Google
2010-02-08 13:12:47 ----D---- C:\Program Files (x86)\Eufloria Demo
2010-02-08 12:54:42 ----RSD---- C:\Windows\assembly
2010-02-07 20:53:54 ----D---- C:\Program Files (x86)\Free Download Manager
2010-02-06 14:40:06 ----D---- C:\Windows\Registration
2010-02-04 11:41:11 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-02-04 11:41:09 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-02-01 14:51:18 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2010-01-30 13:49:33 ----D---- C:\Program Files (x86)\Fenrir Online
2010-01-28 12:22:43 ----SD---- C:\Users\Maxime\AppData\Roaming\Microsoft
2010-01-27 19:16:12 ----D---- C:\ProgramData\Electronic Arts
2010-01-27 19:15:56 ----D---- C:\Users\Maxime\AppData\Roaming\Adobe
2010-01-27 19:15:56 ----D---- C:\ProgramData\Adobe
2010-01-27 18:28:44 ----D---- C:\Program Files (x86)\Electronic Arts
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
R3 athrusb6;Atheros Wireless LAN USB device driver 6 Series; C:\Windows\system32\DRIVERS\athrxu6.sys []
R3 e1yexpress;Intel® Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys []
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys []
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys []
R3 WacomVKHid;Virtual Keyboard Driver; C:\Windows\system32\DRIVERS\WacomVKHid.sys []
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S3 av5qxn6s;av5qxn6s; C:\Windows\system32\drivers\av5qxn6s.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys []
S3 dump_wmimmc;dump_wmimmc; \??\C:\Program Files (x86)\gPotato.eu\Dragonica\FR\Release\GameGuard\dump_wmimmc.sys []
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Proxy d’horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys []
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [2005-01-03 4682]
S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys []
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-10 124832]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 GenericHidService;Generic Service for HID Keyboard Input Collections; C:\Windows\system32\HidService.exe [2008-05-29 83264]
R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-09-12 354840]
R2 MSSQL$BWDATOOLSET;SQL Server (BWDATOOLSET); C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-25 29263712]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 153952]
R2 TabletServicePen;TabletServicePen; C:\Windows\system32\Pen_Tablet.exe []
R3 iPod Service;Service de liPod; C:\Program Files (x86)\iPod\bin\iPodService.exe [2009-10-28 545568]
S2 RelevantKnowledge;RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe /service []
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-27 93184]
S3 DAUpdaterSvc;Dragon Age: Origins - Application de mise à jour; C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-13 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-07-22 3240876]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2007-09-12 87288]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-25 45408]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
S4 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-04-28 529704]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-25 239968]
-----------------EOF-----------------
And here is the info.txt report:
info.txt logfile of random’s system information tool 1.06 2010-02-20 14:06:18
======Uninstall list======
–>C:\Program Files (x86)\Nero\Nero8\nero\uninstall\UNNERO.exe /UNINSTALL
–>C:\Windows\UNNeroBackItUp.exe /UNINSTALL
–>C:\Windows\UNNeroMediaHome.exe /UNINSTALL
–>C:\Windows\UNNeroShowTime.exe /UNINSTALL
–>C:\Windows\UNNeroVision.exe /UNINSTALL
–>C:\Windows\UNRecode.exe /UNINSTALL
–>MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {00C5525B-3CB3-467D-8100-2E6FB306CD86}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-002A-040C-1000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Adobe AIR–>c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR–>MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 Plugin–>C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX–>C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop Elements 6.0–>msiexec /I {F54AC413-D2C6-4A24-B324-370C223C6250}
Adobe Reader 9 - Français–>MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Apple Application Support–>MsiExec.exe /I{B607C354-CD79-4D22-86D1-92DC94153F42}
Apple Software Update–>MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR–>C:\Program Files (x86)\WinRAR\uninstall.exe
Assistant de connexion Windows Live–>MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
Avira AntiVir Personal - Free Antivirus–>C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE
BattleForge–>MsiExec.exe /X{C580908C-B3BA-4C19-BD60-16F02F272201}
Beneton Movie GIF 1.1.2–>“C:\Program Files (x86)\Beneton Movie GIF\unins000.exe”
Clean Virus MSN–>“C:\Program Files (x86)\AxBx\Clean Virus MSN\unins000.exe”
DAEMON Tools Toolbar–>C:\Program Files (x86)\DAEMON Tools Toolbar\uninst.exe
Dead Space–>MsiExec.exe /X{4D87DC92-C328-46EC-A7B4-9C88129DC696}
Dragon Age Toolset–>“C:\Program Files (x86)\Common Files\BioWare\Uninstall Dragon Age Toolset.exe”
Dragon Age: Origins–>C:\Program Files (x86)\Common Files\BioWare\Uninstall Dragon Age.exe
EA Download Manager UI–>msiexec /qb /x {A59BB15D-51B7-F12B-4548-8C0368243441}
EA Download Manager UI–>MsiExec.exe /I{A59BB15D-51B7-F12B-4548-8C0368243441}
EA Download Manager–>C:\Program Files (x86)\Electronic Arts\EADM\EADMUninstall.exe
Fenrir Online 2.0–>“C:\Program Files (x86)\Fenrir Online\unins000.exe”
Free Download Manager 3.0–>C:\Program Files (x86)\Free Download Manager\uninst.exe
Galerie de photos Windows Live–>MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Half-Life 2: Episode One–>“C:\Program Files (x86)\Steam\steam.exe” uninstall…
Half-Life 2: Episode Two–>“C:\Program Files (x86)\Steam\steam.exe” uninstall…
Half-Life 2: Lost Coast–>“C:\Program Files (x86)\Steam\steam.exe” uninstall…
Half-Life 2–>“C:\Program Files (x86)\Steam\steam.exe” uninstall…
HijackThis 2.0.2–>“C:\Users\Maxime\HiJackThis\HijackThis.exe” /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)–>C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)–>C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""
Identity Card–>C:\Program Files (x86)\Packard Bell\Identity Card\Uninstall.exe
Impossible Creatures–>“C:\Program Files (x86)\Microsoft Games\Impossible Creatures\UNINSTAL.EXE” /runtemp /addremove
InfoCentre–>C:\Program Files (x86)\Packard Bell\InfoCentre\Uninstall.exe
Installation Windows Live–>C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Installation Windows Live–>MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes–>MsiExec.exe /I{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}
Junk Mail filter update–>MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Les Sims 3–>“C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe” -runfromtemp -l0x040c -removeonly
Malwarebytes’ Anti-Malware–>“C:\Program Files (x86)\Malwarebytes’ Anti-Malware\unins000.exe”
Messenger Plus! Live–>“C:\Program Files (x86)\Messenger Plus! Live\Uninstall.exe”
MetaBoli–>“C:\Program Files (x86)\InstallShield Installation Information\{709817E4-5439-4206-8738-796B34B623BD}\setup.exe” -runfromtemp -l0x040c -removeonly
Microsoft Choice Guard–>MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
Microsoft Games for Windows - LIVE Redistributable–>MsiExec.exe /X{FD052FB9-FE90-4438-B355-15EDC89D8FB1}
Microsoft Office Excel MUI (French) 2007–>MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe” /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007–>MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (French) 2007–>MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007–>MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)–>MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007–>MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007–>MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007–>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007–>MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007–>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007–>MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007–>MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007–>MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant–>MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (French) 2007–>MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]–>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft SQL Server 2005 Express Edition (BWDATOOLSET)–>MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
Microsoft SQL Server 2005 Tools Express Edition–>MsiExec.exe /I{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}
Microsoft SQL Server 2005–>“C:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe” /Remove
Microsoft SQL Server Setup Support Files (English)–>MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053–>MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022–>MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17–>MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works–>MsiExec.exe /I{0214A441-A4AB-43A8-8DEF-2F73C5364673}
Microsoft WSE 3.0 Runtime–>MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
MKV Converter version 1.3.1.0–>“C:\Program Files (x86)\MKVConverter\unins000.exe”
Module de compatibilité pour Microsoft Office System 2007–>MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
MSVCRT–>MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)–>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 8 Essentials–>MsiExec.exe /X{5C1BF3AC-B19D-4C26-B0A0-90833A521036}
neroxml–>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA PhysX–>MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
OpenAL–>“C:\Program Files (x86)\OpenAL\oalinst.exe” /U
Opera 9.64–>MsiExec.exe /X{E1BBBAC5-2857-4155-82A6-54492CE88620}
osu!–>MsiExec.exe /X{C3592426-531E-4110-911D-BFECE2CE284C}
Outil de téléchargement Windows Live–>MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Packard Bell Customer Registration–>C:\Program Files (x86)\Packard Bell\Packard Bell Customer Registration\Uninstall.exe
Packard Bell Recovery Management–>“C:\Program Files (x86)\InstallShield Installation Information{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe” -runfromtemp -l0x040c -removeonly
Packard Bell ScreenSaver–>C:\Windows\Screensavers\Packard Bell\Uninstall.exe
Pcsx2 0.9.6–>MsiExec.exe /I{0E2B767B-EA6A-489B-BF83-8083FE1DB661}
Pen Tablet–>C:\Program Files (x86)\Tablet\Pen\Remove.exe /u
Portal–>“C:\Program Files (x86)\Steam\steam.exe” uninstall…
QuickTime–>MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Realtek High Definition Audio Driver–>C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
RGSS de RMXP version 1.0.1–>“C:\Program Files (x86)\Bodom-Child - RaBBi\RGSS\unins000.exe”
RMXP version 1.0.0.1–>“C:\Program Files (x86)\Bodom-Child - RaBBi\RMXP\unins000.exe”
RPG Maker 2003–>C:\Program Files (x86)\RPG Maker 2003\Désinstaller.exe
Security Update for 2007 Microsoft Office System (KB969559)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969679)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
Security Update for Microsoft Office Excel 2007 (KB969682)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (KB969613)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office Word 2007 (KB969604)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
SetUpMyPC–>C:\Program Files (x86)\Packard Bell\SetUpMyPC\Uninstall.exe
Shattered Horizon–>“C:\Program Files (x86)\Steam\steam.exe” uninstall…
Skype 4.1–>MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SourceForts–>c:\program files (x86)\steam\SteamApps\SourceMods\sourceforts\uninstall.exe
SPORE Aventures Galactiques–>“C:\Program Files (x86)\InstallShield Installation Information{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}\setup.exe” -runfromtemp -l0x040c -removeonly
SPORE–>“C:\Program Files (x86)\InstallShield Installation Information{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\setup.exe” -runfromtemp -l0x040c -removeonly
Starcraft–>C:\Windows\SCunin.exe C:\Windows\SCunin.dat
Steam–>MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Team Fortress 2–>“C:\Program Files (x86)\Steam\steam.exe” uninstall…
TmNationsForever–>“C:\Program Files (x86)\TmNationsForever\unins000.exe”
Update for 2007 Microsoft Office System (KB967642)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Updator–>C:\Program Files (x86)\Packard Bell\Updator\Uninstall.exe
VideoCAM Messenger–>RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Program Files (x86)\InstallShield Installation Information{862546CA-19C6-4D42-A6EB-352820682FA3}\setup.exe” -l0x40c
VLC media player 1.0.1–>C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
WBFS Manager 3.0–>C:\Program Files\WBFS\WBFS Manager 3.0\uninstall.exe
WebMate–>C:\Program Files (x86)\InstallShield Installation Information{13605214-8CA9-4B59-90A0-DEBB9A9F68E5}\setup.exe -runfromtemp -l0x040c -removeonly
Windows Live Call–>MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform–>MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live FolderShare–>MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail–>MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger–>MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live OneCare safety scanner–>“C:\Program Files (x86)\Windows Live Safety Center\UnInstall.exe”
Windows Live OneCare safety scanner–>MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live Writer–>MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
======Security center information======
AS: Windows Defender
======System event log======
Computer Name: PC-de-Maxime
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 107044
Source Name: Tcpip
Time Written: 20100220001959.003565-000
Event Type: Avertissement
User:
Computer Name: PC-de-Maxime
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 107049
Source Name: Tcpip
Time Written: 20100220011855.239565-000
Event Type: Avertissement
User:
Computer Name: PC-de-Maxime
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 107051
Source Name: Tcpip
Time Written: 20100220113712.328565-000
Event Type: Avertissement
User:
Computer Name: PC-de-Maxime
Event Code: 4001
Message: Le Service dautoconfiguration WLAN sest arrêté correctement.
Record Number: 107060
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20100220130156.578000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-Maxime
Event Code: 15016
Message: Impossible dinitialiser le package de sécurité Kerberos pour lauthentification côté serveur. Le champ de données contient le numéro de lerreur.
Record Number: 107072
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20100220130246.035770-000
Event Type: Erreur
User:
=====Application event log=====
Computer Name: PC-de-Maxime
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Windows\infocard.exe un code suspect avec la désignation ‘TR/Buzus.dfjk’!
Record Number: 28737
Source Name: Avira AntiVir
Time Written: 20100220020042.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-Maxime
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Windows\infocard.exe un code suspect avec la désignation ‘TR/Buzus.dfjk’!
Record Number: 28738
Source Name: Avira AntiVir
Time Written: 20100220114748.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-Maxime
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Windows\infocard.exe un code suspect avec la désignation ‘TR/Buzus.dfjk’!
Record Number: 28739
Source Name: Avira AntiVir
Time Written: 20100220122141.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-Maxime
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Windows\infocard.exe un code suspect avec la désignation ‘TR/Buzus.dfjk’!
Record Number: 28750
Source Name: Avira AntiVir
Time Written: 20100220130136.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-Maxime
Event Code: 10
Message: Le filtre dévénement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 99 » na pas pu être réactivé dans lespace de noms « //./root/CIMV2 » à cause de lerreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 28805
Source Name: Microsoft-Windows-WMI
Time Written: 20100220130259.000000-000
Event Type: Erreur
User:
=====Security event log=====
Computer Name: PC-de-Maxime
Event Code: 4616
Message: Lheure du système a été modifiée.
Sujet :
ID de sécurité : S-1-5-19
Nom du compte : SERVICE LOCAL
Domaine du compte : AUTORITE NT
ID douverture de session : 0x3e5
Informations sur le processus :
ID du processus : 0x420
Nom : C:\Windows\System32\svchost.exe
Heure précédente : 10:47:13 07/01/2010
Nouvelle heure : 10:47:13 07/01/2010
Cet événement est généré lorsque lheure du système est modifiée. Le changement régulier de lheure du système est une opération normale de la part du service de temps Windows qui sexécute avec des privilèges système. Mais, dautres modifications de lheure du système peuvent indiquer des tentatives de falsification de lordinateur.
Record Number: 23318
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100107094713.656200-000
Event Type: Succès de l’audit
User:
Computer Name: PC-de-Maxime
Event Code: 4634
Message: Fermeture de session dun compte.
Sujet :
ID de sécurité : S-1-5-7
Nom du compte : ANONYMOUS LOGON
Domaine du compte : AUTORITE NT
ID du compte : 0x29e93
Type douverture de session : 3
Cet événement est généré lorsquune session ouverte est supprimée. Il peut être associé à un événement douverture de session en utilisant la valeur ID douverture de session. Les ID douverture de session ne sont uniques quentre les redémarrages sur un même ordinateur.
Record Number: 23319
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100107094713.749800-000
Event Type: Succès de l’audit
User:
Computer Name: PC-de-Maxime
Event Code: 4608
Message: Windows démarre.
Cet événement est journalisé lorsque LSASS.EXE démarre et que le sous-système daudit est initialisé.
Record Number: 23320
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100107094755.900150-000
Event Type: Succès de l’audit
User:
Computer Name: PC-de-Maxime
Event Code: 4624
Message: Louverture de session dun compte sest correctement déroulée.
Sujet :
ID de sécurité : S-1-0-0
Nom du compte : -
Domaine du compte : -
ID douverture de session : 0x0
Type douverture de session : 0
Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID douverture de session : 0x3e7
GUID douverture de session : {00000000-0000-0000-0000-000000000000}
Informations sur le processus :
ID du processus : 0x4
Nom du processus :
Informations sur le réseau :
Nom de la station de travail : -
Adresse du réseau source : -
Port source : -
Informations détaillées sur lauthentification :
Processus douverture de session : -
Package dauthentification : -
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0
Cet événement est généré lors de la création dune ouverture de session. Il est généré sur lordinateur sur lequel louverture de session a été effectuée.
Le champ Objet indique le compte sur le système local qui a demandé louverture de session. Il sagit le plus souvent dun service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.
Le champ Type douverture de session indique le type douverture de session qui sest produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).
Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui sest connecté.
Les champs relatifs au réseau indiquent la provenance dune demande douverture de session à distance. Le nom de la station de travail nétant pas toujours disponible, peut être laissé vide dans certains cas.
Les champs relatifs aux informations dauthentification fournissent des détails sur cette demande douverture de session spécifique.
- Le GUID douverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande douverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session na été demandée.
Record Number: 23321
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100107094755.900150-000
Event Type: Succès de l’audit
User:
Computer Name: PC-de-Maxime
Event Code: 4902
Message: La table de stratégie daudit par utilisateur a été créée.
Nombre déléments : 0
ID de la stratégie : 0x13331
Record Number: 23322
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100107094755.993750-000
Event Type: Succès de l’audit
User:
======Environment variables======
“ComSpec”=%SystemRoot%\system32\cmd.exe
“FP_NO_HOST_CHECK”=NO
“OS”=Windows_NT
“Path”=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn
“PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
“PROCESSOR_ARCHITECTURE”=AMD64
“TEMP”=%SystemRoot%\TEMP
“TMP”=%SystemRoot%\TEMP
“USERNAME”=SYSTEM
“windir”=%SystemRoot%
“PROCESSOR_LEVEL”=6
“PROCESSOR_IDENTIFIER”=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
“PROCESSOR_REVISION”=170a
“NUMBER_OF_PROCESSORS”=4
“TRACE_FORMAT_SEARCH_PATH”=\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat
“DFSTRACINGON”=FALSE
“CLASSPATH”=.;C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
“QTJAVA”=C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
Hoping this helps you to help me.
Edited on 20/02/2010 at 14:15