Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-08-29 15:47:06
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 105 GB (70%) free of 150 GB
Total RAM: 1023 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:47:10, on 29/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Administrateur.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [braviax] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [braviax] (User 'Default user')
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\
End of file - 3665 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\McDefragTask.job
C:\WINDOWS\tasks\McQcTask.job
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-06-28 198160]
"braviax"= []
"Regedit32"=C:\WINDOWS\system32\regedit.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\SYSTEM32\Ati2evxx.dll [2004-11-24 94208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-06-14 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server"
"C:\Program Files\Shareaza\Shareaza.exe"="C:\Program Files\Shareaza\Shareaza.exe:*:Enabled:Shareaza"
"C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe"="C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{06b13628-882e-11de-831d-00112f9009c8}]
shell\autorun\command - G:\stub.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4690c269-7920-11de-8303-00112f9009c8}]
shell\AutoRun\command - G:\Setup.exe
shell\setup\command - G:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f818abdc-7d16-11de-8309-00112f9009c8}]
shell\AutoRun\command - G:\MediaManager.exe
======List of files/folders created in the last 1 months======
2009-08-29 15:47:06 ----D---- C:\rsit
2009-08-26 17:52:53 ----D---- C:\Program Files\Trend Micro
2009-08-26 14:33:53 ----A---- C:\WINDOWS\vyvem.vbs
2009-08-26 14:33:53 ----A---- C:\WINDOWS\isurilo.exe
2009-08-26 14:33:53 ----A---- C:\WINDOWS\iqam.bat
2009-08-26 14:33:53 ----A---- C:\WINDOWS\ecedok.com
2009-08-26 14:33:53 ----A---- C:\WINDOWS\caserajin.com
2009-08-26 14:33:53 ----A---- C:\Documents and Settings\All Users\Application Data\ybokeci.com
2009-08-26 14:32:16 ----A---- C:\WINDOWS\urohikuzim.com
2009-08-26 14:32:16 ----A---- C:\WINDOWS\ejymewys.com
2009-08-26 14:32:16 ----A---- C:\Documents and Settings\All Users\Application Data\ryjilizuzi.com
2009-08-22 16:59:53 ----A---- C:\WINDOWS\system32\MPFServiceFailureCount.txt
2009-08-22 15:54:35 ----SHD---- C:\Config.Msi
2009-08-22 15:25:55 ----A---- C:\WINDOWS\zogobidyd.bat
2009-08-22 15:25:55 ----A---- C:\Documents and Settings\Administrateur\Application Data\gynubyzu.exe
2009-08-22 15:25:54 ----A---- C:\Documents and Settings\Administrateur\Application Data\savytuly.bat
2009-08-22 14:57:45 ----D---- C:\Program Files\Lavasoft
2009-08-22 14:57:45 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-08-22 14:53:55 ----D---- C:\WINDOWS\Sun
2009-08-21 17:58:17 ----A---- C:\Program Files\Fichiers communs\ijiwo.vbs
2009-08-21 17:58:17 ----A---- C:\Documents and Settings\Administrateur\Application Data\videb.bat
2009-08-21 17:58:16 ----A---- C:\WINDOWS\uqiqyl.com
2009-08-21 17:58:16 ----A---- C:\WINDOWS\ecaduliva.dll
2009-08-21 17:58:16 ----A---- C:\Program Files\Fichiers communs\danilopimy.bat
2009-08-21 17:58:16 ----A---- C:\Documents and Settings\All Users\Application Data\hoby.dll
2009-08-21 17:58:15 ----A---- C:\WINDOWS\yvetekyxox.vbs
2009-08-21 17:58:15 ----A---- C:\WINDOWS\ihacedipi.dll
2009-08-21 17:54:50 ----D---- C:\Documents and Settings\Administrateur\Application Data\Opera
2009-08-21 16:42:59 ----D---- C:\Program Files\Fichiers communs\Thraex Software
2009-08-21 16:30:09 ----D---- C:\Program Files\Shockwave 3D Lights Redux for FS9
2009-08-21 12:52:56 ----A---- C:\WINDOWS\uninstall_Wonderful Madeira.ini
2009-08-21 12:05:58 ----D---- C:\Documents and Settings\Administrateur\Application Data\InstallShield
2009-08-20 18:51:08 ----D---- C:\Program Files\VisualFlight
2009-08-20 17:40:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.TMP
2009-08-20 17:39:53 ----RSD---- C:\WINDOWS\assembly
2009-08-18 15:25:44 ----D---- C:\WINDOWS\Microsoft.NET
2009-08-18 15:21:28 ----A---- C:\WINDOWS\iun506.exe
2009-08-16 10:52:22 ----A---- C:\WINDOWS\eSellerateEngine.dll
2009-08-15 11:23:17 ----D---- C:\Program Files\Shareaza
2009-08-15 11:23:17 ----D---- C:\Documents and Settings\Administrateur\Application Data\Shareaza
2009-08-14 17:23:32 ----D---- C:\Program Files\GE2006
2009-08-13 18:24:14 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2009-08-13 18:23:48 ----D---- C:\Program Files\DAEMON Tools Toolbar
2009-08-13 18:18:16 ----D---- C:\Documents and Settings\Administrateur\Application Data\DAEMON Tools Lite
2009-08-06 15:21:42 ----D---- C:\Documents and Settings\Administrateur\Application Data\GetRightToGo
2009-08-06 15:09:13 ----D---- C:\Program Files\QuickTime
2009-08-06 15:09:11 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-08-02 17:17:44 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-08-02 17:17:40 ----D---- C:\Fraps
2009-08-01 23:27:14 ----D---- C:\WINDOWS\San Andreas Mod Installer
2009-08-01 22:28:42 ----D---- C:\Program Files\OO Software
2009-08-01 22:00:49 ----D---- C:\Program Files\PC Inspector File Recovery
2009-07-31 23:08:01 ----A---- C:\WINDOWS\Wininit.ini
2009-07-30 17:42:49 ----D---- C:\Pass Revelator
======List of files/folders modified in the last 1 months======
2009-08-29 15:45:27 ----D---- C:\WINDOWS\Prefetch
2009-08-29 15:25:07 ----D---- C:\Program Files\Mozilla Firefox
2009-08-29 15:25:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-08-29 15:25:01 ----D---- C:\WINDOWS\system32
2009-08-29 15:23:10 ----D---- C:\WINDOWS\system32\drivers
2009-08-29 15:22:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-29 11:31:40 ----D---- C:\WINDOWS
2009-08-28 20:48:56 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-28 20:07:30 ----RD---- C:\Program Files
2009-08-26 14:33:53 ----D---- C:\Program Files\Fichiers communs
2009-08-26 14:33:24 ----D---- C:\Program Files\McAfee
2009-08-26 13:11:31 ----HD---- C:\WINDOWS\inf
2009-08-26 13:11:31 ----D---- C:\WINDOWS\Temp
2009-08-26 13:10:33 ----D---- C:\WINDOWS\system32\CatRoot
2009-08-25 20:17:56 ----D---- C:\Media
2009-08-23 16:06:44 ----SD---- C:\WINDOWS\Tasks
2009-08-23 14:21:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-22 15:54:34 ----SHD---- C:\WINDOWS\Installer
2009-08-22 15:54:27 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-08-22 14:57:35 ----D---- C:\WINDOWS\WinSxS
2009-08-21 18:09:31 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-08-21 18:02:35 ----D---- C:\Documents and Settings\Administrateur\Application Data\uTorrent
2009-08-21 17:54:50 ----A---- C:\WINDOWS\win.ini
2009-08-21 15:32:20 ----HD---- C:\Program Files\InstallShield Installation Information
2009-08-21 10:30:32 ----D---- C:\WINDOWS\system32\spool
2009-08-20 17:39:09 ----D---- C:\WINDOWS\system32\mui
2009-08-20 17:39:09 ----D---- C:\Program Files\Internet Explorer
2009-08-20 17:38:51 ----D---- C:\WINDOWS\pchealth
2009-08-20 12:53:17 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2009-08-20 12:32:03 ----D---- C:\Program Files\Microsoft Games
2009-08-20 12:17:16 ----D---- C:\WINDOWS\system32\Restore
2009-08-20 12:17:15 ----D---- C:\WINDOWS\system32\Com
2009-08-20 12:17:15 ----D---- C:\WINDOWS\repair
2009-08-20 12:16:24 ----D---- C:\WINDOWS\system32\oobe
2009-08-20 12:16:20 ----D---- C:\WINDOWS\SoftwareDistribution
2009-08-20 12:16:20 ----D---- C:\WINDOWS\Registration
2009-08-20 12:16:16 ----D---- C:\WINDOWS\ime
2009-08-19 16:26:40 ----D---- C:\Program Files\Video Convert Master
2009-08-16 10:37:48 ----RSD---- C:\WINDOWS\Fonts
2009-08-14 19:29:24 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-08-14 15:54:59 ----D---- C:\WINDOWS\Downloaded Installations
2009-08-14 11:20:10 ----D---- C:\Documents and Settings\Administrateur\Application Data\LimeWire
2009-08-06 15:02:25 ----D---- C:\Documents and Settings\Administrateur\Application Data\Download Manager
2009-08-06 14:54:31 ----D---- C:\Documents and Settings\Administrateur\Application Data\Adobe
2009-08-02 17:57:42 ----D---- C:\WINDOWS\Minidump
2009-08-01 23:28:00 ----D---- C:\WINDOWS\system32\config
2009-08-01 23:27:49 ----D---- C:\WINDOWS\system32\wbem
2009-07-31 22:10:44 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-07-30 22:27:34 ----D---- C:\Documents and Settings\Administrateur\Application Data\Any Video Converter
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2009-07-08 214024]
R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2009-07-16 120136]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-11-24 872960]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-04-15 2564032]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2009-07-08 79816]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2009-07-08 35272]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2009-07-08 40552]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 P1110VID;Creative WebCam NX; C:\WINDOWS\system32\DRIVERS\P1110VID.sys [2003-05-14 90357]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-06-28 47360]
R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 434aafc4;434aafc4; C:\WINDOWS\System32\drivers\434aafc4.sys []
S1 c57f3b03;c57f3b03; C:\WINDOWS\System32\drivers\c57f3b03.sys []
S1 c71b25cf;c71b25cf; C:\WINDOWS\System32\drivers\c71b25cf.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2009-07-08 34248]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-06-14 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-06-14 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-11-24 425984]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-06 152984]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-07-10 865832]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe [2009-07-07 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe [2009-07-08 359952]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-07-08 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-07-10 894136]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2009-07-08 26640]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-07-08 606736]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-06-22 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-28 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-07-08 365072]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2009-06-09 89136]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-06-09 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-11-24 516096]
S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-06-28 655624]
S4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-02-11 210216]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-08-29 15:47:13
======Uninstall list======
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
©I°¢ïw©IµÄRealONE½âÂëÆ÷-->C:\WINDOWS\unvise32.exe C:\Program Files\Common Files\uninstal.log
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->C:\Program Files\Fichiers communs\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
Adobe Reader 7.0.5 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70500000002}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
aerosoft's - German Airports 3 - Hamburg-->C:\Program Files\InstallShield Installation Information\{D234EAC0-7D49-492F-97EC-8FA09FD7C1C4}\setup.exe -runfromtemp -l0x0009 -removeonly
aerosoft's - German Airports 4 - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{674D3526-6B4F-468A-9802-1130A39B1562}\Setup.exe" -uninst
aerosoft's - London Heathrow 2008-->C:\Program Files\InstallShield Installation Information\{C0A6901F-C919-47A3-A4D9-E2056314086B}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly
aerosoft's - Madrid 2008-->C:\Program Files\InstallShield Installation Information\{0FC39141-1BB8-4C29-9D74-A6710131B74F}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly
aerosoft's - Mega Airport Frankfurt - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34BDC9DA-9320-491C-AA40-B0D98A0EBA9C}\Setup.exe" -uninst
aerosoft's - Mega Airport Paris CDG-->C:\Program Files\InstallShield Installation Information\{51D199F4-5593-4BC9-B2A5-BB1CDE0C894A}\setup.exe -runfromtemp -l0x0009 -removeonly
aerosoft's - Wonderful Madeira - FS2004-->"C:\Program Files\Microsoft Games\flight simulator 9\uninstall_Wonderful Madeira.exe"
Analyseur et SDK MSXML 4.0 SP2-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Any Video Converter 2.7.5-->"C:\Program Files\Any Video Converter\unins000.exe"
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
CLOUD9 Amsterdam 1.04-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2874FFC3-24DA-4BE7-B122-0573CED08A98}\Setup.exe" -l0x9
CLOUD9 Bergen FS9 1.01-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{33EB5D57-E4AB-4282-8E3A-277719688055}\Setup.exe" -l0x9
CLOUD9 LosAngeles 1.01-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8440C171-F033-4410-B099-5BE38273A13B}\Setup.exe" -l0x9
CLOUD9 Washington 1.01-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D5ADABE-6247-4EDB-B0B5-0D4693EFC7E5}\Setup.exe" -l0x9
ColAirports - Medellin SKRG-->C:\Program Files\Microsoft Games\flight simulator 9\UnInstall_SKGR.exe
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
Creative WebCam NX Driver (1.02.01.0827)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script P1110.uns -unsext NT -plugin p1110pin.dll -pluginres p1110pin.crl
CueClub-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\Real\RealGames\CueClub\setup.exe"
CYUL v1.1.1 for FS9-->MsiExec.exe /X{4C9C5A71-3C7B-422D-B98D-4722CD1FE8B1}
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
ffdshow [rev 2975] [2009-05-28]-->"C:\Program Files\ffdshow\unins000.exe"
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
FreeZ-->C:\Program Files\Microsoft Games\flight simulator 9\Addon Scenery\FreeZ\FreeZ_Uninstall.exe
FSDT & Cloud9 1.00-->C:\Program Files\Microsoft Games\flight simulator 9\Modules\Uninstall.exe
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Ground Environment-->C:\Program Files\Microsoft Games\flight simulator 9\GEUninstal.exe
GTA San Andreas-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x40c -removeonly
Hatem AI TRAFFIC 1.1-->C:\Program Files\Microsoft Games\flight simulator 9\Uninstall.exe
HijackThis 2.0.2-->"C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe" /uninstall
Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
K-Lite Codec Pack 5.0.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
KMSP v1.1.1 for FS2004-->MsiExec.exe /I{98297A57-368B-4FC3-A236-5BDEBB0C3702}
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
LimeWire 5.2.8-->"C:\Program Files\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Flight Simulator 2004 Un siècle d'aviation-->"C:\Program Files\Microsoft Games\flight simulator 9\UNINSTAL.EXE" /runtemp /addremove
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" REMOVE
Remove UK2000 Birmingham Xtreme files-->C:\WINDOWS\iun506.exe C:\Program Files\Microsoft Games\Flight Simulator 9\UK2000 scenery\UK2000 Birmingham Xtreme\irunin.ini
SAEZ-SVMI v1.1.1 for FS9-->MsiExec.exe /X{2E4758A4-F036-4137-8FC1-93D02DEEE61E}
Shareaza 2.4.0.0-->"C:\Program Files\Shareaza\Uninstall\unins000.exe"
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
The Very Singapore-->D:\Program Files\Microsoft Games\Flight Simulator 9\Addon Scenery\TheVerySingapore\Uninstal.exe
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Video Convert Master 8.0.10.1032-->"C:\Program Files\Video Convert Master\unins000.exe"
Virtual DJ Home Edition - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Visual Flight London-->C:\Program Files\VisualFlight\\VisualFlightLondon1.2aUninstall.exe
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
=====HijackThis Backups=====
O4 - HKUS\S-1-5-18\..\Run: [braviax] (User 'SYSTEM') [2009-08-26]
O4 - HKUS\.DEFAULT\..\Run: [braviax] (User 'Default user') [2009-08-26]
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2009-08-26]
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-26]
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2009-08-26]
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-08-26]
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe [2009-08-26]
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU') [2009-08-26]
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\ [2009-08-26]
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL') [2009-08-26]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.net-studio.org [2009-08-26]
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe [2009-08-26]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer [2009-08-26]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = [2009-08-26]
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [2009-08-26]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [2009-08-26]
O4 - HKUS\S-1-5-18\..\Run: [braviax] (User 'SYSTEM') [2009-08-26]
O4 - HKUS\.DEFAULT\..\Run: [braviax] (User 'Default user') [2009-08-26]
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [2009-08-26]
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-26]
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-08-26]
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe [2009-08-26]
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-08-26]
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe [2009-08-26]
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\ [2009-08-26]
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-08-26]
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-08-26]
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe [2009-08-26]
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-08-26]
O4 - HKUS\.DEFAULT\..\Run: [braviax] (User 'Default user') [2009-08-27]
O4 - HKUS\S-1-5-18\..\Run: [braviax] (User 'SYSTEM') [2009-08-27]
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\ [2009-08-27]
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\ [2009-08-27]
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU') [2009-08-27]
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\ [2009-08-27]
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\ [2009-08-27]
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\ [2009-08-27]
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\ [2009-08-27]
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\ [2009-08-27]
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\ [2009-08-27]
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\ [2009-08-27]
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\ [2009-08-27]
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\ [2009-08-27]
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\ [2009-08-27]
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\ [2009-08-27]
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\ [2009-08-27]
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\ [2009-08-27]
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\ [2009-08-28]
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\ [2009-08-28]
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\ [2009-08-28]
O4 - HKUS\S-1-5-18\..\Run: [braviax] (User 'SYSTEM') [2009-08-28]
O4 - HKUS\.DEFAULT\..\Run: [braviax] (User 'Default user') [2009-08-28]
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe [2009-08-28]
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\ [2009-08-28]
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2009-08-28]
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe [2009-08-28]
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\ [2009-08-28]
O4 - HKUS\S-1-5-18\..\Run: [braviax] (User 'SYSTEM') [2009-08-28]
O4 - HKUS\.DEFAULT\..\Run: [braviax] (User 'Default user') [2009-08-28]
======Security center information======
AV: McAfee VirusScan
FW: McAfee Personal Firewall
======System event log======
Computer Name: ORDINATEUR
Event Code: 64005
Message: Le fichier système protégé beep.sys n'a pas été restauré à sa version originale et valide
car le processus de restauration de la protection des fichiers Windows a été annulé
par une action d'un utilisateur. Le nom d'utilisateur est Administrateur.
La version du fichier incorrect est Inconnu.
Record Number: 5905
Source Name: Windows File Protection
Time Written: 20090821172743.000000+060
Event Type: Informations
User:
Computer Name: ORDINATEUR
Event Code: 64005
Message: Le fichier système protégé beep.sys n'a pas été restauré à sa version originale et valide
car le processus de restauration de la protection des fichiers Windows a été annulé
par une action d'un utilisateur. Le nom d'utilisateur est Administrateur.
La version du fichier incorrect est Inconnu.
Record Number: 5904
Source Name: Windows File Protection
Time Written: 20090821172743.000000+060
Event Type: Informations
User:
Computer Name: ORDINATEUR
Event Code: 64005
Message: Le fichier système protégé beep.sys n'a pas été restauré à sa version originale et valide
car le processus de restauration de la protection des fichiers Windows a été annulé
par une action d'un utilisateur. Le nom d'utilisateur est Administrateur.
La version du fichier incorrect est Inconnu.
Record Number: 5903
Source Name: Windows File Protection
Time Written: 20090821172743.000000+060
Event Type: Informations
User:
Computer Name: ORDINATEUR
Event Code: 64005
Message: Le fichier système protégé beep.sys n'a pas été restauré à sa version originale et valide
car le processus de restauration de la protection des fichiers Windows a été annulé
par une action d'un utilisateur. Le nom d'utilisateur est Administrateur.
La version du fichier incorrect est Inconnu.
Record Number: 5902
Source Name: Windows File Protection
Time Written: 20090821172743.000000+060
Event Type: Informations
User:
Computer Name: ORDINATEUR
Event Code: 64005
Message: Le fichier système protégé beep.sys n'a pas été restauré à sa version originale et valide
car le processus de restauration de la protection des fichiers Windows a été annulé
par une action d'un utilisateur. Le nom d'utilisateur est Administrateur.
La version du fichier incorrect est Inconnu.
Record Number: 5901
Source Name: Windows File Protection
Time Written: 20090821172743.000000+060
Event Type: Informations
User:
=====Application event log=====
Computer Name: ORDINATEUR
Event Code: 100
Message: msnmsgr (2772) Le moteur de base de données 5.01.2600.5512 est démarré.
Record Number: 5201
Source Name: ESENT
Time Written: 20090817180354.000000+060
Event Type: Informations
User:
Computer Name: ORDINATEUR
Event Code: 101
Message: msnmsgr (2772) Le moteur de base de données est arrêté.
Record Number: 5200
Source Name: ESENT
Time Written: 20090817180301.000000+060
Event Type: Informations
User:
Computer Name: ORDINATEUR
Event Code: 103
Message: msnmsgr (2772) \\.\C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Messenger\sara____miss@hotmail.com\SharingMetadata\Working\database_4CE8_F7F7_E8F7_DCE0\dfsr.db: Le moteur de base de données a arrêté une instance (0).
Record Number: 5199
Source Name: ESENT
Time Written: 20090817180301.000000+060
Event Type: Informations
User:
Computer Name: ORDINATEUR
Event Code: 102
Message: msnmsgr (2772) \\.\C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Messenger\sara____miss@hotmail.com\SharingMetadata\Working\database_4CE8_F7F7_E8F7_DCE0\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 5198
Source Name: ESENT
Time Written: 20090817180233.000000+060
Event Type: Informations
User:
Computer Name: ORDINATEUR
Event Code: 100
Message: msnmsgr (2772) Le moteur de base de données 5.01.2600.5512 est démarré.
Record Number: 5197
Source Name: ESENT
Time Written: 20090817180233.000000+060
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;C:\PROGRAM FILES\FICHIERS COMMUNS\ADOBE\AGL;C:\WINDOWS;C:\WINDOWS\SYSTEM32\WBEM;C:\WINDOWS\SYSTEM32;;C:\PROGRAM FILES\FICHIERS COMMUNS\DIVX SHARED\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0304
"NUMBER_OF_PROCESSORS"=2
"TEMP"=%USERPROFILE%\Local Settings\Temp
"TMP"=%USERPROFILE%\Local Settings\Temp
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
Anti virus gratuit
