Aller au contenu

lacaille91

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    337

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par lacaille91

  1. lacaille91
    bonjour! voila lorsque je demarre firefox tout semble normal, quand je le ferme et veux passer ccleaner il me dit qu'il est rester ouvert je verifie dans gestionnaire de tache et il apparait je stop le processus. Je passe ccleaner tout fonctionne. Je relance firefox il me dit session mal fermer voulez voulez restaurer et la c'est 3 pages avec adresse "http://infomoneyservice.com/3/blank.php" site que je ne connais pas. J'ai passez antimalware il me detecte rien. Voila mon rapport hijack Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:31:50, on 20/07/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Calendrier\Cld2000.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\ManyCam 2.4\ManyCam.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\trend micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Google R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam 2.4\ManyCam.exe" O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kavwebscan_unicode.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1215344624765 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 6444 bytes merci a vous.
  2. lacaille91
    non je n'ai plus d'alerte! est ce que je dois supprimer mes points de restaurations? merci
  3. lacaille91
    re! voila j'ai supprimer les fichiers nommes par Mbam et voici le rapport avira: Avira AntiVir Personal Date de création du fichier de rapport : jeudi 27 mai 2010 19:26 La recherche porte sur 2166874 souches de virus. Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus Numéro de série : 0000149996-ADJIE-0000001 Plateforme : Windows XP Version de Windows : (Service Pack 2) [5.1.2600] Mode Boot : Démarré normalement Identifiant : SYSTEM Nom de l'ordinateur : XPSP2-209D8CC83 Informations de version : BUILD.DAT : 9.0.0.75 21698 Bytes 22/01/2010 23:14:00 AVSCAN.EXE : 9.0.3.10 466689 Bytes 13/10/2009 10:25:46 AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 09:21:02 LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:11 LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 09:21:31 VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 09:18:26 VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 09:18:26 VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 09:18:26 VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 09:18:26 VBASE004.VDF : 7.10.4.203 1579008 Bytes 05/03/2010 12:14:12 VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 08:32:53 VBASE006.VDF : 7.10.6.83 2048 Bytes 15/04/2010 08:32:53 VBASE007.VDF : 7.10.6.84 2048 Bytes 15/04/2010 08:32:53 VBASE008.VDF : 7.10.6.85 2048 Bytes 15/04/2010 08:32:53 VBASE009.VDF : 7.10.6.86 2048 Bytes 15/04/2010 08:32:54 VBASE010.VDF : 7.10.6.87 2048 Bytes 15/04/2010 08:32:54 VBASE011.VDF : 7.10.6.88 2048 Bytes 15/04/2010 08:32:54 VBASE012.VDF : 7.10.6.89 2048 Bytes 15/04/2010 08:32:54 VBASE013.VDF : 7.10.6.90 2048 Bytes 15/04/2010 08:32:54 VBASE014.VDF : 7.10.6.123 126464 Bytes 19/04/2010 07:31:23 VBASE015.VDF : 7.10.6.152 123392 Bytes 21/04/2010 06:33:54 VBASE016.VDF : 7.10.6.178 122880 Bytes 22/04/2010 06:33:54 VBASE017.VDF : 7.10.6.206 120320 Bytes 26/04/2010 18:05:10 VBASE018.VDF : 7.10.6.232 99328 Bytes 28/04/2010 18:05:10 VBASE019.VDF : 7.10.7.2 155648 Bytes 30/04/2010 18:05:11 VBASE020.VDF : 7.10.7.26 119808 Bytes 04/05/2010 18:02:07 VBASE021.VDF : 7.10.7.51 118272 Bytes 06/05/2010 18:00:36 VBASE022.VDF : 7.10.7.75 404992 Bytes 10/05/2010 09:32:57 VBASE023.VDF : 7.10.7.100 125440 Bytes 13/05/2010 09:33:15 VBASE024.VDF : 7.10.7.119 177664 Bytes 17/05/2010 13:47:30 VBASE025.VDF : 7.10.7.139 129024 Bytes 19/05/2010 16:39:47 VBASE026.VDF : 7.10.7.157 145920 Bytes 21/05/2010 08:02:43 VBASE027.VDF : 7.10.7.173 147456 Bytes 25/05/2010 11:24:54 VBASE028.VDF : 7.10.7.174 2048 Bytes 25/05/2010 11:24:54 VBASE029.VDF : 7.10.7.175 2048 Bytes 25/05/2010 11:24:55 VBASE030.VDF : 7.10.7.176 2048 Bytes 25/05/2010 11:24:55 VBASE031.VDF : 7.10.7.186 120320 Bytes 27/05/2010 15:35:23 Version du moteur : 8.2.1.242 AEVDF.DLL : 8.1.2.0 106868 Bytes 24/04/2010 06:33:58 AESCRIPT.DLL : 8.1.3.29 1343866 Bytes 13/05/2010 09:33:13 AESCN.DLL : 8.1.6.1 127347 Bytes 13/05/2010 09:33:12 AESBX.DLL : 8.1.3.1 254324 Bytes 24/04/2010 06:33:58 AERDL.DLL : 8.1.4.6 541043 Bytes 16/04/2010 08:34:45 AEPACK.DLL : 8.2.1.1 426358 Bytes 19/03/2010 20:04:44 AEOFFICE.DLL : 8.1.1.0 201081 Bytes 13/05/2010 09:33:11 AEHEUR.DLL : 8.1.1.27 2670967 Bytes 05/05/2010 18:02:18 AEHELP.DLL : 8.1.11.3 242039 Bytes 02/04/2010 10:36:17 AEGEN.DLL : 8.1.3.9 377203 Bytes 13/05/2010 09:33:11 AEEMU.DLL : 8.1.2.0 393588 Bytes 24/04/2010 06:33:56 AECORE.DLL : 8.1.15.3 192886 Bytes 13/05/2010 09:33:11 AEBB.DLL : 8.1.1.0 53618 Bytes 24/04/2010 06:33:56 AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:30 AVPREF.DLL : 9.0.3.0 44289 Bytes 26/08/2009 14:13:31 AVREP.DLL : 8.0.0.7 159784 Bytes 04/03/2010 12:02:38 AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 14:24:42 AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:22 AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:37 SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49 SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:20:57 NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 14:40:59 RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 17/06/2009 12:44:26 RCTEXT.DLL : 9.0.73.0 88321 Bytes 02/11/2009 15:58:32 Configuration pour la recherche actuelle : Nom de la tâche...............................: Contrôle intégral du système Fichier de configuration......................: c:\program files\avira\antivir desktop\sysscan.avp Documentation.................................: bas Action principale.............................: réparer Action secondaire.............................: renommer Recherche sur les secteurs d'amorçage maître..: marche Recherche sur les secteurs d'amorçage.........: marche Secteurs d'amorçage...........................: C:, D:, E:, F:, G:, Recherche dans les programmes actifs..........: marche Recherche en cours sur l'enregistrement.......: marche Recherche de Rootkits.........................: marche Contrôle d'intégrité de fichiers système......: arrêt Fichier mode de recherche.....................: Tous les fichiers Recherche sur les archives....................: marche Limiter la profondeur de récursivité..........: 20 Archive Smart Extensions......................: marche Heuristique de macrovirus.....................: marche Heuristique fichier...........................: moyen Catégories de dangers divergentes.............: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR, Début de la recherche : jeudi 27 mai 2010 19:26 La recherche d'objets cachés commence. '41851' objets ont été contrôlés, '0' objets cachés ont été trouvés. La recherche sur les processus démarrés commence : Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés Processus de recherche 'firefox.exe' - '1' module(s) sont contrôlés Processus de recherche 'newsLeecher.exe' - '1' module(s) sont contrôlés Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés Processus de recherche 'dllhost.exe' - '1' module(s) sont contrôlés Processus de recherche 'wscntfy.exe' - '1' module(s) sont contrôlés Processus de recherche 'msnmsgr.exe' - '1' module(s) sont contrôlés Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés Processus de recherche 'LVComSer.exe' - '1' module(s) sont contrôlés Processus de recherche 'Cld2000.exe' - '1' module(s) sont contrôlés Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés Processus de recherche 'Communications_Helper.exe' - '1' module(s) sont contrôlés Processus de recherche 'dllhost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'LVComSer.exe' - '1' module(s) sont contrôlés Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés Processus de recherche 'LVPrcSrv.exe' - '1' module(s) sont contrôlés Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés '31' processus ont été contrôlés avec '31' modules La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD1 [iNFO] Aucun virus trouvé ! La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! Secteur d'amorçage 'D:\' [iNFO] Aucun virus trouvé ! Secteur d'amorçage 'E:\' [iNFO] Aucun virus trouvé ! Secteur d'amorçage 'F:\' [iNFO] Aucun virus trouvé ! Secteur d'amorçage 'G:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence : Le registre a été contrôlé ( '42' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' C:\pagefile.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! [REMARQUE] Ce fichier est un fichier système Windows. [REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche. C:\System Volume Information\_restore{00248B94-3747-4025-9C76-7402C4B80F0A}\RP5 49\A0332190.sys [RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen [REMARQUE] Une copie de sécurité a été créée sous le nom 4c31b100.qua ( QUARANTAINE ) [REMARQUE] Le fichier a été renommé en 'A0332190.sys.VIR' ! C:\System Volume Information\_restore{00248B94-3747-4025-9C76-7402C4B80F0A}\RP5 49\A0332191.sys [RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen [REMARQUE] Une copie de sécurité a été créée sous le nom 4d2141b1.qua ( QUARANTAINE ) [REMARQUE] Le fichier a été renommé en 'A0332191.sys.VIR' ! C:\System Volume Information\_restore{00248B94-3747-4025-9C76-7402C4B80F0A}\RP5 49\A0332192.sys [RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen [REMARQUE] Une copie de sécurité a été créée sous le nom 4c31b102.qua ( QUARANTAINE ) [REMARQUE] Le fichier a été renommé en 'A0332192.sys.VIR' ! C:\System Volume Information\_restore{00248B94-3747-4025-9C76-7402C4B80F0A}\RP5 49\A0332193.sys [RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen [REMARQUE] Une copie de sécurité a été créée sous le nom 4c31b101.qua ( QUARANTAINE ) [REMARQUE] Le fichier a été renommé en 'A0332193.sys.VIR' ! C:\System Volume Information\_restore{00248B94-3747-4025-9C76-7402C4B80F0A}\RP5 49\A0332194.sys [RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen [REMARQUE] Une copie de sécurité a été créée sous le nom 4d2141b2.qua ( QUARANTAINE ) [REMARQUE] Le fichier a été renommé en 'A0332194.sys.VIR' ! C:\System Volume Information\_restore{00248B94-3747-4025-9C76-7402C4B80F0A}\RP5 49\A0332195.sys [RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen [REMARQUE] Une copie de sécurité a été créée sous le nom 4c31b103.qua ( QUARANTAINE ) [REMARQUE] Le fichier a été renommé en 'A0332195.sys.VIR' ! C:\System Volume Information\_restore{00248B94-3747-4025-9C76-7402C4B80F0A}\RP5 49\A0332196.sys [RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen [REMARQUE] Une copie de sécurité a été créée sous le nom 4d2141b4.qua ( QUARANTAINE ) [REMARQUE] Le fichier a été renommé en 'A0332196.sys.VIR' ! C:\System Volume Information\_restore{00248B94-3747-4025-9C76-7402C4B80F0A}\RP5 49\A0332197.sys [RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen [REMARQUE] Une copie de sécurité a été créée sous le nom 4c31b105.qua ( QUARANTAINE ) [REMARQUE] Le fichier a été renommé en 'A0332197.sys.VIR' ! C:\System Volume Information\_restore{00248B94-3747-4025-9C76-7402C4B80F0A}\RP5 49\A0332198.sys [RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen [REMARQUE] Une copie de sécurité a été créée sous le nom 4d2141b3.qua ( QUARANTAINE ) [REMARQUE] Le fichier a été renommé en 'A0332198.sys.VIR' ! C:\System Volume Information\_restore{00248B94-3747-4025-9C76-7402C4B80F0A}\RP5 49\A0332199.sys [RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen [REMARQUE] Une copie de sécurité a été créée sous le nom 4c31b104.qua ( QUARANTAINE ) [REMARQUE] Le fichier a été renommé en 'A0332199.sys.VIR' ! C:\System Volume Information\_restore{00248B94-3747-4025-9C76-7402C4B80F0A}\RP5 49\A0332200.sys [RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen [REMARQUE] Une copie de sécurité a été créée sous le nom 4d2141b6.qua ( QUARANTAINE ) [REMARQUE] Le fichier a été renommé en 'A0332200.sys.VIR' ! C:\System Volume Information\_restore{00248B94-3747-4025-9C76-7402C4B80F0A}\RP5 49\A0332201.sys [RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen [REMARQUE] Une copie de sécurité a été créée sous le nom 4c31b107.qua ( QUARANTAINE ) [REMARQUE] Le fichier a été renommé en 'A0332201.sys.VIR' ! Recherche débutant dans 'D:\' <LOGICIELS> D:\programme files news\XoloX\msc-cnet.exe [0] Type d'archive: CAB SFX (self extracting) --> \agentins.ui [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. D:\System Volume Information\_restore{9826A102-4BCF-4453-8511-58A8DD1A60AE}\RP1 84\A0070919.exe [RESULTAT] Contient le modèle de détection du ver WORM/SdBot.CAOC [REMARQUE] Une copie de sécurité a été créée sous le nom 4c2eb6c4.qua ( QUARANTAINE ) [REMARQUE] Le fichier a été renommé en 'A0070919.exe.VIR' ! D:\System Volume Information\_restore{9826A102-4BCF-4453-8511-58A8DD1A60AE}\RP1 84\A0070921.exe [RESULTAT] Contient le modèle de détection du ver WORM/SdBot.CAOC [REMARQUE] Une copie de sécurité a été créée sous le nom 4c2eb6c5.qua ( QUARANTAINE ) [REMARQUE] Le fichier a été renommé en 'A0070921.exe.VIR' ! Recherche débutant dans 'E:\' <JEUX> Recherche débutant dans 'F:\' <INTERNET> Recherche débutant dans 'G:\' G:\System Volume Information\_restore{00248B94-3747-4025-9C76-7402C4B80F0A}\RP5 49\A0332752.exe [RESULTAT] Contient le modèle de détection du ver WORM/SdBot.CAOC [REMARQUE] Une copie de sécurité a été créée sous le nom 4c31b9d1.qua ( QUARANTAINE ) [REMARQUE] Le fichier a été renommé en 'A0332752.exe.VIR' ! Fin de la recherche : jeudi 27 mai 2010 20:27 Temps nécessaire: 1:01:01 Heure(s) La recherche a été effectuée intégralement 7009 Les répertoires ont été contrôlés 233406 Des fichiers ont été contrôlés 23 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 17 Les fichiers ont été déplacés dans la quarantaine 17 Les fichiers ont été renommés 1 Impossible de contrôler des fichiers 233382 Fichiers non infectés 5101 Les archives ont été contrôlées 3 Avertissements 18 Consignes 41851 Des objets ont été contrôlés lors du Rootkitscan 0 Des objets cachés ont été trouvés
  4. lacaille91
    voila le rapport malware Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4052 Windows 5.1.2600 Service Pack 2 Internet Explorer 8.0.6001.18702 27/05/2010 18:25:45 mbam-log-2010-05-27 (18-25-45).txt Type d'examen: Examen rapide Elément(s) analysé(s): 122558 Temps écoulé: 14 minute(s), 51 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 2 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> No action taken. HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> No action taken. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Documents and Settings\Admin\Local Settings\Temp\svchost.exe (Trojan.Agent) -> No action taken. C:\Documents and Settings\HelpAssistant\Local Settings\Temp\svchost.exe (Trojan.Agent) -> No action taken.
  5. lacaille91
    merci c'est en cours! j'ai du redémarrer mon pc et mon antivirus ne détecte plus ! bizarre... je fais le scan.. voial le dernier endroit ou il se trouvais Dans le fichier 'C:\WINDOWS\system32\drivers\nabtsfec.sys' un virus ou un programme indésirable 'TR/Crypt.ZPACK.Gen' [trojan] a été détecté.
  6. lacaille91
    bonjour antivir me detecte cela: TR/Crypt.ZPACK.Gen j'ai beau choisir deplacer, ou supprimer il reviens toujours, voila le rapport hijack: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:26:08, on 27/05/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Calendrier\Cld2000.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\WINDOWS\system32\cmd.exe C:\DOCUME~1\Admin\LOCALS~1\Temp\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\trend micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O1 - Hosts: ::1 localhost O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1215344624765 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 6143 bytes
  7. lacaille91

    installation imprimante wifi

    lacaille91 a répondu à un(e) sujet de lacaille91 dans Hardware

    en faite je connais pas l'ip de mon imprimante peu être il me le faudrait pour que je puisse la déclarer lors de l'ajout d'imprimante! mais je ne sais pas comment trouver cet ip!
  8. lacaille91
    bonjour! j'ai acheter une imprimante hp photosmart, je desire qu' elle soit installer en wifi, j'ai donc suivie les instructions le rapport pour la livebox est bon, j'ai aussi branche via usb l'impriman,e sur mon pc elle est bien installer et reconnue. J'aimerais pouvoir imprimer vie la wifi comment faire pour que mon pc la detecte en wifi? merci
  9. lacaille91
    je tiens a te remercier toi et tous ceux qui nous aide quand ont a des soucis ! oui mon processeur amd athlon 2600xp + je me sert pas de ie mais de firefox puis je le supprimer ie? encore merci vraiment ! je ne vais pas te dire a charge de revanche ! ou alors conseil en bricolage lol merci a toi
  10. lacaille91
    ok voila! quarantaine virer! vraiment merci a toi
  11. lacaille91
    je t'ai envoyer un mp! merci
  12. lacaille91
    et bien j'aimerais avoir toutes tes connaissances! j'ai telecharger ivdf multiple pour version 9 j'espere que c'est le bon! car par rapport a explication pas de ivdf unicode! voila mise a jour effectuer ! vraiment merci a toi si tu as d'autre chose a me proposer pour etre plus securiser je suis preneur lol j'ai encore une question au demarrage j'ai spy bot qui se met en route et je suis obliger d'arrêter le processus pour démarrer comment eviter cela? merci
  13. lacaille91
    installer avira! et configurer comme indiquer! mais impossible de fire mise a jour d' avira.. pas de chance moi! merci a toi
  14. lacaille91
    désinstallation reussis ! j installe avira! et je te tiens au courant merci
  15. lacaille91
    je n'arriver pas a desisntaller avast ni dans panneau de configuration ( il apparais pas) j'ai telecharger utilitaire quand je redemarre le pc avast tjrs là! merci
  16. lacaille91
    c'est que j'avais pas activer les mise a jour auto et le pare feu windows. je ferrais le changement d antivirus dans l'apres midi, je te tiens au courant! c'est genial d'avoir des gens comme toi qui peuvent nous aider ! vraiment merci.
  17. lacaille91
    bonjour! me revoila! j'ai donc enlever les lignes en mode sans echec voila le rapport apres: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:18:08, on 26/02/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0013) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Calendrier\Cld2000.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\trend micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mxl: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mya: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .myt: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1215344624765 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe -- End of file - 7369 bytes le pc se comprote normalement a premiere vue! j'ai juste un icone de securiter windows (centre de securité) qui c mis en bas a droite je ne l'avais pas avant. pense tu que je devrais enlever avast pour antivir? merci
  18. lacaille91
    me revoilou! ok pour la mise a jour! j'ai desactivé tea timer en faisant ctlr/alt/sup et je l'ai enlever de processus. rapport malware ras! rapport hijack Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:45:27, on 25/02/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0013) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Calendrier\Cld2000.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\trend micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mxl: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mya: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .myt: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1215344624765 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe -- End of file - 7291 bytes merci a toi vraiment de me donner de ton temps.
  19. lacaille91
    voila le rapport malware sans update: Malwarebytes' Anti-Malware 1.44 Version de la base de données: 3510 Windows 5.1.2600 Service Pack 2 Internet Explorer 7.0.5730.13 25/02/2010 19:46:20 mbam-log-2010-02-25 (19-46-20).txt Type de recherche: Examen rapide Eléments examinés: 111603 Temps écoulé: 8 minute(s), 32 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 4 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) voila le rapport hijack: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:22:28, on 25/02/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0013) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Calendrier\Cld2000.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\trend micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mxl: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mya: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .myt: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1215344624765 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe -- End of file - 7772 bytes encore merci j'ai lancer le .exe le dernier que tu m'as envoyer toujours la meme erreur en mise a jour.
  20. lacaille91
    re ! lors de la mise a jour de malware il m'ouvre une fenetre! erreur 412! je ne peu donc faire la mise a jour! je fais quand meme le scan et je post ensuite! j'accumule les ennuies se soir tu es pas pro en chaudiere elle fuit mdrrr merci
  21. lacaille91
    voila je pense avoir bien fait là All processes killed ========== FILES ========== File/Folder C:\Documents and Settings\Admin\Local Settings\Application Data\mwoisu not found. File/Folder C:\PROGRA~1\ANTIVI~1\avpm.exe not found. C:\Program Files\NewsLeecher4 folder moved successfully. File/Folder C:\Documents and Settings\Admin\Local Settings\Application Data\NewsLeecher4 not found. File/Folder C:\Program Files\uTorrent not found. File/Folder C:\Documents and Settings\Admin\Local Settings\Application Data\uTorrent not found. File/Folder D:\Program Files\Azureus not found. File/Folder C:\Documents and Settings\Admin\Local Settings\Application Data\Azureus not found. File/Folder C:\Program Files\BitTorrent not found. File/Folder C:\Documents and Settings\Admin\Local Settings\Application Data\BitTorrent not found. ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ketsdkuh\ not found. Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^AVP Monitor.lnk\ not found. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\uTorrent\uTorrent.exe not found. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\D:\Program Files\Azureus\Azureus.exe not found. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\BitTorrent\bittorrent.exe not found. Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8d0e7248-cfa5-11de-8c16-000c765c0d76}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8d0e7248-cfa5-11de-8c16-000c765c0d76}\ not found. ========== COMMANDS ========== [EMPTYTEMP] User: Admin ->Temp folder emptied: 4047 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 16280977 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: HelpAssistant ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 66314 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 16,00 mb OTM by OldTimer - Version 3.1.9.0 log created on 02252010_164934 Files moved on Reboot... C:\WINDOWS\temp\$$$dq3e moved successfully. C:\WINDOWS\temp\$67we.$ moved successfully. C:\WINDOWS\temp\Perflib_Perfdata_5e8.dat moved successfully. File C:\WINDOWS\temp\Perflib_Perfdata_878.dat not found! Registry entries deleted on Reboot... la suite.. Logfile of random's system information tool 1.06 (written by random/random) Run by Admin at 2010-02-25 17:00:37 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 5 GB (36%) free of 13 GB Total RAM: 1023 MB (59% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:01:05, on 25/02/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0013) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\notepad.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Calendrier\Cld2000.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe C:\Documents and Settings\Admin\Bureau\RSIT.exe C:\Program Files\Trend Micro\HijackThis\Admin.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mxl: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mya: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .myt: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1215344624765 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe -- End of file - 8421 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-08-16 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536] "LogitechCommunicationsManager"=C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [2007-10-25 563984] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856] "Cld2000.exe"=C:\Program Files\Calendrier\Cld2000.exe [2009-10-14 3029504] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe /hide [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 14.0] C:\Program Files\Norton Ghost\Agent\VProTray.exe [2008-01-19 2245984] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-16 148888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Admin^Menu Démarrer^Programmes^Démarrage^Outil de notification Live Search.lnk] C:\DOCUME~1\Admin\APPLIC~2\MICROS~1\LIVESE~1\NOTIFI~1.EXE [2008-11-11 143360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] C:\PROGRA~1\MICROS~3\Office10\OSA.EXE [2001-02-13 83360] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoSMHelp"=1 "MemCheckBoxInRunDlg"=1 "NoSMBalloonTip"=1 "NoDesktopCleanupWizard"=1 "NoWelcomeScreen"=1 "NoAutoUpdate"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cdba481f-b0c2-11de-8f72-000c765c0d76}] shell\AutoRun\command - H:\InstallTomTomHOME.exe ======File associations====== .js - open - "C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1" ======List of files/folders created in the last 1 months====== 2010-02-25 16:32:17 ----D---- C:\_OTM 2010-02-25 15:27:58 ----D---- C:\rsit 2010-02-25 15:27:58 ----D---- C:\Program Files\trend micro 2010-02-25 15:20:08 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-02-05 19:16:35 ----D---- C:\Program Files\AAALOGO2009 2010-02-05 19:10:27 ----D---- C:\Program Files\Fichiers communs\Vbox 2010-02-05 19:10:07 ----A---- C:\WINDOWS\unlite3.exe 2010-02-05 19:10:05 ----D---- C:\Program Files\Bradbury ======List of files/folders modified in the last 1 months====== 2010-02-25 16:55:57 ----D---- C:\WINDOWS\Temp 2010-02-25 16:55:27 ----D---- C:\Program Files\Mozilla Firefox 2010-02-25 16:54:33 ----D---- C:\WINDOWS\system32\CatRoot2 2010-02-25 16:53:02 ----D---- C:\WINDOWS\Registration 2010-02-25 16:49:37 ----RD---- C:\Program Files 2010-02-25 16:32:26 ----AD---- C:\WINDOWS 2010-02-25 16:31:48 ----D---- C:\WINDOWS\Prefetch 2010-02-25 15:35:34 ----D---- C:\WINDOWS\system32 2010-02-25 15:32:15 ----D---- C:\Documents and Settings 2010-02-25 15:18:14 ----SH---- C:\boot.ini 2010-02-25 15:18:14 ----A---- C:\WINDOWS\win.ini 2010-02-25 15:18:14 ----A---- C:\WINDOWS\system.ini 2010-02-22 14:52:28 ----A---- C:\WINDOWS\NeroDigital.ini 2010-02-22 11:52:13 ----SHD---- C:\RECYCLER 2010-02-22 10:47:46 ----D---- C:\Documents and Settings\Admin\Application Data\vlc 2010-02-09 20:36:43 ----SHD---- C:\WINDOWS\Installer 2010-02-09 20:36:41 ----SHD---- C:\Config.Msi 2010-02-09 20:32:32 ----SD---- C:\Documents and Settings\Admin\Application Data\Microsoft 2010-02-09 20:32:23 ----A---- C:\WINDOWS\ODBC.INI 2010-02-09 20:31:47 ----D---- C:\WINDOWS\ShellNew 2010-02-09 20:31:26 ----D---- C:\Program Files\Microsoft Office 2010-02-09 20:31:25 ----RSD---- C:\WINDOWS\Fonts 2010-02-09 20:29:35 ----D---- C:\WINDOWS\system 2010-02-09 20:29:35 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2010-02-07 09:35:59 ----D---- C:\Program Files\Unlocker 2010-02-06 08:41:52 ----D---- C:\Program Files\Macromedia 2010-02-06 08:40:52 ----HD---- C:\Program Files\InstallShield Installation Information 2010-02-06 08:40:52 ----D---- C:\Program Files\Fichiers communs\Macromedia 2010-02-06 08:38:50 ----D---- C:\Program Files\Canon 2010-02-06 08:38:36 ----D---- C:\Program Files\ma-config.com 2010-02-06 08:38:34 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2010-02-06 08:33:11 ----HD---- C:\WINDOWS\inf 2010-02-05 19:10:27 ----D---- C:\Program Files\Fichiers communs ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408] R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2005-10-12 41600] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560] R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160] R2 v2imount;Symantec V2i Mount Driver; C:\WINDOWS\system32\DRIVERS\v2imount.sys [2008-01-19 38112] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120] R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2005-07-26 27165] R3 GEARAspiWDM;GearAspiWDM; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-01-19 15664] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-02 9600] R3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-10-19 2109976] R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-10-11 25624] R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-10-12 41752] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2005-07-26 12288] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-07-26 1897408] R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2007-10-12 13848] R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2007-10-12 1279000] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2005-07-26 59264] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2005-07-26 31616] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2005-07-26 14848] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2005-07-26 17024] S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys [] S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys [] S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2005-07-26 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2005-07-26 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2005-07-26 10880] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320] S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2005-07-26 11136] S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2005-07-26 7552] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2005-07-26 15360] S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [] S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [] S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2005-07-26 25856] S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 VProEventMonitor;Symantec Event Monitor Driver; C:\WINDOWS\system32\DRIVERS\vproeventmonitor.sys [2008-01-19 15088] S3 WimFltr;WimFltr; C:\WINDOWS\system32\DRIVERS\wimfltr.sys [2008-01-19 128104] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2005-07-26 19328] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-16 152984] R2 LVCOMSer;LVCOMSer; C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [2007-10-19 186904] R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-10-19 141848] R2 Norton Ghost;Norton Ghost; C:\Program Files\Norton Ghost\Agent\VProSvc.exe [2008-01-19 4388192] R2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider; C:\WINDOWS\system32\dllhost.exe [2004-08-19 5120] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920] R3 SymSnapService;SymSnapService; C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe [2007-12-20 1553896] S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-06-26 31592] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe [2009-12-29 68096] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- merci a toi!
  22. lacaille91
    j'en sais rien sais un pc j'ai recuperer! pour les logiciel p2p du passée mddr pour le scan mais j'ai dit bonjour dans mon premier poste ! voila otm: All processes killed Error: Unable to interpret <files> in the current context! Error: Unable to interpret <C:\Documents and Settings\Admin\Local Settings\Application Data\mwoisu> in the current context! Error: Unable to interpret <C:\PROGRA~1\ANTIVI~1\avpm.exe> in the current context! Error: Unable to interpret <C:\Program Files\NewsLeecher4> in the current context! Error: Unable to interpret <C:\Documents and Settings\Admin\Local Settings\Application Data\NewsLeecher4> in the current context! Error: Unable to interpret <C:\Program Files\uTorrent> in the current context! Error: Unable to interpret <C:\Documents and Settings\Admin\Local Settings\Application Data\uTorrent> in the current context! Error: Unable to interpret <D:\Program Files\Azureus> in the current context! Error: Unable to interpret <C:\Documents and Settings\Admin\Local Settings\Application Data\Azureus> in the current context! Error: Unable to interpret <C:\Program Files\BitTorrent> in the current context! Error: Unable to interpret <C:\Documents and Settings\Admin\Local Settings\Application Data\BitTorrent> in the current context! ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ketsdkuh\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^AVP Monitor.lnk\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\uTorrent\uTorrent.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\D:\Program Files\Azureus\Azureus.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\BitTorrent\bittorrent.exe deleted successfully. Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8d0e7248-cfa5-11de-8c16-000c765c0d76}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8d0e7248-cfa5-11de-8c16-000c765c0d76}\ not found. ========== COMMANDS ========== [EMPTYTEMP] User: Admin ->Temp folder emptied: 1407038 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 86603212 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: HelpAssistant ->Temp folder emptied: 595236 bytes ->Temporary Internet Files folder emptied: 33438 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 11075003 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 189636 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33237 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2114737 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 259241 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 812344 bytes Total Files Cleaned = 98,00 mb OTM by OldTimer - Version 3.1.9.0 log created on 02252010_163217 Files moved on Reboot... C:\WINDOWS\temp\$$$dq3e moved successfully. C:\WINDOWS\temp\$67we.$ moved successfully. File C:\WINDOWS\temp\Perflib_Perfdata_250.dat not found! C:\WINDOWS\temp\Perflib_Perfdata_608.dat moved successfully. Registry entries deleted on Reboot... puis rsit: Logfile of random's system information tool 1.06 (written by random/random) Run by Admin at 2010-02-25 16:39:48 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 5 GB (36%) free of 13 GB Total RAM: 1023 MB (43% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:40:02, on 25/02/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0013) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Calendrier\Cld2000.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe C:\Documents and Settings\Admin\Bureau\RSIT.exe C:\Program Files\Trend Micro\HijackThis\Admin.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mxl: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mya: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .myt: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1215344624765 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe -- End of file - 8364 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-08-16 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536] "LogitechCommunicationsManager"=C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [2007-10-25 563984] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856] "Cld2000.exe"=C:\Program Files\Calendrier\Cld2000.exe [2009-10-14 3029504] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe /hide [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 14.0] C:\Program Files\Norton Ghost\Agent\VProTray.exe [2008-01-19 2245984] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-16 148888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Admin^Menu Démarrer^Programmes^Démarrage^Outil de notification Live Search.lnk] C:\DOCUME~1\Admin\APPLIC~2\MICROS~1\LIVESE~1\NOTIFI~1.EXE [2008-11-11 143360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] C:\PROGRA~1\MICROS~3\Office10\OSA.EXE [2001-02-13 83360] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoSMHelp"=1 "MemCheckBoxInRunDlg"=1 "NoSMBalloonTip"=1 "NoDesktopCleanupWizard"=1 "NoWelcomeScreen"=1 "NoAutoUpdate"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cdba481f-b0c2-11de-8f72-000c765c0d76}] shell\AutoRun\command - H:\InstallTomTomHOME.exe ======File associations====== .js - open - "C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1" ======List of files/folders created in the last 1 months====== 2010-02-25 16:32:17 ----D---- C:\_OTM 2010-02-25 15:27:58 ----D---- C:\rsit 2010-02-25 15:27:58 ----D---- C:\Program Files\trend micro 2010-02-25 15:20:08 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-02-05 19:16:35 ----D---- C:\Program Files\AAALOGO2009 2010-02-05 19:10:27 ----D---- C:\Program Files\Fichiers communs\Vbox 2010-02-05 19:10:07 ----A---- C:\WINDOWS\unlite3.exe 2010-02-05 19:10:05 ----D---- C:\Program Files\Bradbury ======List of files/folders modified in the last 1 months====== 2010-02-25 16:38:11 ----D---- C:\WINDOWS\Temp 2010-02-25 16:37:21 ----D---- C:\Program Files\Mozilla Firefox 2010-02-25 16:36:42 ----D---- C:\WINDOWS\system32\CatRoot2 2010-02-25 16:32:26 ----AD---- C:\WINDOWS 2010-02-25 16:31:48 ----D---- C:\WINDOWS\Prefetch 2010-02-25 15:35:34 ----D---- C:\WINDOWS\system32 2010-02-25 15:32:15 ----D---- C:\Documents and Settings 2010-02-25 15:27:58 ----RD---- C:\Program Files 2010-02-25 15:18:14 ----SH---- C:\boot.ini 2010-02-25 15:18:14 ----A---- C:\WINDOWS\win.ini 2010-02-25 15:18:14 ----A---- C:\WINDOWS\system.ini 2010-02-25 09:17:26 ----D---- C:\WINDOWS\Registration 2010-02-22 14:52:28 ----A---- C:\WINDOWS\NeroDigital.ini 2010-02-22 11:52:13 ----SHD---- C:\RECYCLER 2010-02-22 10:47:46 ----D---- C:\Documents and Settings\Admin\Application Data\vlc 2010-02-09 20:36:43 ----SHD---- C:\WINDOWS\Installer 2010-02-09 20:36:41 ----SHD---- C:\Config.Msi 2010-02-09 20:32:32 ----SD---- C:\Documents and Settings\Admin\Application Data\Microsoft 2010-02-09 20:32:23 ----A---- C:\WINDOWS\ODBC.INI 2010-02-09 20:31:47 ----D---- C:\WINDOWS\ShellNew 2010-02-09 20:31:26 ----D---- C:\Program Files\Microsoft Office 2010-02-09 20:31:25 ----RSD---- C:\WINDOWS\Fonts 2010-02-09 20:29:35 ----D---- C:\WINDOWS\system 2010-02-09 20:29:35 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2010-02-07 09:35:59 ----D---- C:\Program Files\Unlocker 2010-02-06 08:41:52 ----D---- C:\Program Files\Macromedia 2010-02-06 08:40:52 ----HD---- C:\Program Files\InstallShield Installation Information 2010-02-06 08:40:52 ----D---- C:\Program Files\Fichiers communs\Macromedia 2010-02-06 08:38:50 ----D---- C:\Program Files\Canon 2010-02-06 08:38:36 ----D---- C:\Program Files\ma-config.com 2010-02-06 08:38:34 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2010-02-06 08:33:11 ----HD---- C:\WINDOWS\inf 2010-02-05 19:10:27 ----D---- C:\Program Files\Fichiers communs ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408] R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2005-10-12 41600] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560] R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160] R2 v2imount;Symantec V2i Mount Driver; C:\WINDOWS\system32\DRIVERS\v2imount.sys [2008-01-19 38112] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120] R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2005-07-26 27165] R3 GEARAspiWDM;GearAspiWDM; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-01-19 15664] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-02 9600] R3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-10-19 2109976] R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-10-11 25624] R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-10-12 41752] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2005-07-26 12288] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-07-26 1897408] R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2007-10-12 13848] R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2007-10-12 1279000] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2005-07-26 59264] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2005-07-26 31616] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2005-07-26 14848] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2005-07-26 17024] S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys [] S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys [] S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2005-07-26 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2005-07-26 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2005-07-26 10880] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320] S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2005-07-26 11136] S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2005-07-26 7552] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2005-07-26 15360] S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [] S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [] S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2005-07-26 25856] S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 VProEventMonitor;Symantec Event Monitor Driver; C:\WINDOWS\system32\DRIVERS\vproeventmonitor.sys [2008-01-19 15088] S3 WimFltr;WimFltr; C:\WINDOWS\system32\DRIVERS\wimfltr.sys [2008-01-19 128104] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2005-07-26 19328] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-16 152984] R2 LVCOMSer;LVCOMSer; C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [2007-10-19 186904] R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-10-19 141848] R2 Norton Ghost;Norton Ghost; C:\Program Files\Norton Ghost\Agent\VProSvc.exe [2008-01-19 4388192] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920] R3 SymSnapService;SymSnapService; C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe [2007-12-20 1553896] S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848] S2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider; C:\WINDOWS\system32\dllhost.exe [2004-08-19 5120] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-06-26 31592] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe [2009-12-29 68096] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- merci a de suite!
  23. lacaille91
    ok ! merci
  24. lacaille91
    oups desoler pour la manip de supprimer le log! il se trouvait là: c: doc and setting/admin/local setting/application data/mwoisu/soetftav.exe je n'ai que le log! pas d 'info txt! Logfile of random's system information tool 1.06 (written by random/random) Run by Admin at 2010-02-25 15:52:46 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 5 GB (35%) free of 13 GB Total RAM: 1023 MB (43% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:52:56, on 25/02/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0013) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Calendrier\Cld2000.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Admin\Bureau\RSIT.exe C:\Program Files\Trend Micro\HijackThis\Admin.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mxl: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mya: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .myt: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1215344624765 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe -- End of file - 8331 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-08-16 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536] "LogitechCommunicationsManager"=C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [2007-10-25 563984] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856] "Cld2000.exe"=C:\Program Files\Calendrier\Cld2000.exe [2009-10-14 3029504] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ketsdkuh] C:\Documents and Settings\Admin\Local Settings\Application Data\mwoisu\soetsftav.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe /hide [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 14.0] C:\Program Files\Norton Ghost\Agent\VProTray.exe [2008-01-19 2245984] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-16 148888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Admin^Menu Démarrer^Programmes^Démarrage^Outil de notification Live Search.lnk] C:\DOCUME~1\Admin\APPLIC~2\MICROS~1\LIVESE~1\NOTIFI~1.EXE [2008-11-11 143360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^AVP Monitor.lnk] C:\PROGRA~1\ANTIVI~1\avpm.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] C:\PROGRA~1\MICROS~3\Office10\OSA.EXE [2001-02-13 83360] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoSMHelp"=1 "MemCheckBoxInRunDlg"=1 "NoSMBalloonTip"=1 "NoDesktopCleanupWizard"=1 "NoWelcomeScreen"=1 "NoAutoUpdate"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" "D:\Program Files\Azureus\Azureus.exe"="D:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus" "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8d0e7248-cfa5-11de-8c16-000c765c0d76}] shell\AutoRun\command - J:\mostick.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cdba481f-b0c2-11de-8f72-000c765c0d76}] shell\AutoRun\command - H:\InstallTomTomHOME.exe ======File associations====== .js - open - "C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1" ======List of files/folders created in the last 1 months====== 2010-02-25 15:27:58 ----D---- C:\rsit 2010-02-25 15:27:58 ----D---- C:\Program Files\trend micro 2010-02-25 15:20:08 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-02-05 19:16:35 ----D---- C:\Program Files\AAALOGO2009 2010-02-05 19:10:27 ----D---- C:\Program Files\Fichiers communs\Vbox 2010-02-05 19:10:07 ----A---- C:\WINDOWS\unlite3.exe 2010-02-05 19:10:05 ----D---- C:\Program Files\Bradbury ======List of files/folders modified in the last 1 months====== 2010-02-25 15:52:15 ----D---- C:\WINDOWS\Prefetch 2010-02-25 15:43:25 ----D---- C:\Program Files\Mozilla Firefox 2010-02-25 15:35:34 ----D---- C:\WINDOWS\system32 2010-02-25 15:32:15 ----D---- C:\Documents and Settings 2010-02-25 15:32:13 ----D---- C:\WINDOWS\Temp 2010-02-25 15:27:58 ----RD---- C:\Program Files 2010-02-25 15:21:55 ----D---- C:\WINDOWS\system32\CatRoot2 2010-02-25 15:20:28 ----AD---- C:\WINDOWS 2010-02-25 15:18:14 ----SH---- C:\boot.ini 2010-02-25 15:18:14 ----A---- C:\WINDOWS\win.ini 2010-02-25 15:18:14 ----A---- C:\WINDOWS\system.ini 2010-02-25 09:17:26 ----D---- C:\WINDOWS\Registration 2010-02-22 14:52:28 ----A---- C:\WINDOWS\NeroDigital.ini 2010-02-22 11:52:13 ----SHD---- C:\RECYCLER 2010-02-22 10:47:46 ----D---- C:\Documents and Settings\Admin\Application Data\vlc 2010-02-09 20:36:43 ----SHD---- C:\WINDOWS\Installer 2010-02-09 20:36:41 ----SHD---- C:\Config.Msi 2010-02-09 20:32:32 ----SD---- C:\Documents and Settings\Admin\Application Data\Microsoft 2010-02-09 20:32:23 ----A---- C:\WINDOWS\ODBC.INI 2010-02-09 20:31:47 ----D---- C:\WINDOWS\ShellNew 2010-02-09 20:31:26 ----D---- C:\Program Files\Microsoft Office 2010-02-09 20:31:25 ----RSD---- C:\WINDOWS\Fonts 2010-02-09 20:29:35 ----D---- C:\WINDOWS\system 2010-02-09 20:29:35 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2010-02-07 09:35:59 ----D---- C:\Program Files\Unlocker 2010-02-06 08:41:52 ----D---- C:\Program Files\Macromedia 2010-02-06 08:40:52 ----HD---- C:\Program Files\InstallShield Installation Information 2010-02-06 08:40:52 ----D---- C:\Program Files\Fichiers communs\Macromedia 2010-02-06 08:38:50 ----D---- C:\Program Files\Canon 2010-02-06 08:38:36 ----D---- C:\Program Files\ma-config.com 2010-02-06 08:38:34 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2010-02-06 08:33:11 ----HD---- C:\WINDOWS\inf 2010-02-05 19:10:27 ----D---- C:\Program Files\Fichiers communs ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408] R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2005-10-12 41600] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560] R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160] R2 v2imount;Symantec V2i Mount Driver; C:\WINDOWS\system32\DRIVERS\v2imount.sys [2008-01-19 38112] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120] R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2005-07-26 27165] R3 GEARAspiWDM;GearAspiWDM; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-01-19 15664] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-02 9600] R3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-10-19 2109976] R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-10-11 25624] R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-10-12 41752] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2005-07-26 12288] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-07-26 1897408] R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2007-10-12 13848] R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2007-10-12 1279000] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2005-07-26 59264] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2005-07-26 31616] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2005-07-26 14848] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2005-07-26 17024] S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys [] S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys [] S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2005-07-26 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2005-07-26 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2005-07-26 10880] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320] S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2005-07-26 11136] S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2005-07-26 7552] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2005-07-26 15360] S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [] S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [] S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2005-07-26 25856] S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 VProEventMonitor;Symantec Event Monitor Driver; C:\WINDOWS\system32\DRIVERS\vproeventmonitor.sys [2008-01-19 15088] S3 WimFltr;WimFltr; C:\WINDOWS\system32\DRIVERS\wimfltr.sys [2008-01-19 128104] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2005-07-26 19328] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-16 152984] R2 LVCOMSer;LVCOMSer; C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [2007-10-19 186904] R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-10-19 141848] R2 Norton Ghost;Norton Ghost; C:\Program Files\Norton Ghost\Agent\VProSvc.exe [2008-01-19 4388192] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920] R3 SymSnapService;SymSnapService; C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe [2007-12-20 1553896] S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848] S2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider; C:\WINDOWS\system32\dllhost.exe [2004-08-19 5120] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-06-26 31592] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe [2009-12-29 68096] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------
  25. lacaille91
    j'ai redemarrer sasn echec et regarder dans msconfig j'avis çà: soeftsftav je 'lai decocher puis suis allez a l'endroit on il y avais le .exe puis virer a la poubelle, j'ai redemarrer j'ai plus le message mais tjrs ce truc non cocher au demarrage. Logfile of random's system information tool 1.06 (written by random/random) Run by Admin at 2010-02-25 15:27:58 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 5 GB (36%) free of 13 GB Total RAM: 1023 MB (41% free) HijackThis download failed ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-08-16 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536] "LogitechCommunicationsManager"=C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [2007-10-25 563984] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856] "Cld2000.exe"=C:\Program Files\Calendrier\Cld2000.exe [2009-10-14 3029504] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ketsdkuh] C:\Documents and Settings\Admin\Local Settings\Application Data\mwoisu\soetsftav.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe /hide [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 14.0] C:\Program Files\Norton Ghost\Agent\VProTray.exe [2008-01-19 2245984] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-16 148888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Admin^Menu Démarrer^Programmes^Démarrage^Outil de notification Live Search.lnk] C:\DOCUME~1\Admin\APPLIC~2\MICROS~1\LIVESE~1\NOTIFI~1.EXE [2008-11-11 143360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^AVP Monitor.lnk] C:\PROGRA~1\ANTIVI~1\avpm.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] C:\PROGRA~1\MICROS~3\Office10\OSA.EXE [2001-02-13 83360] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoSMHelp"=1 "MemCheckBoxInRunDlg"=1 "NoSMBalloonTip"=1 "NoDesktopCleanupWizard"=1 "NoWelcomeScreen"=1 "NoAutoUpdate"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8d0e7248-cfa5-11de-8c16-000c765c0d76}] shell\AutoRun\command - J:\mostick.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cdba481f-b0c2-11de-8f72-000c765c0d76}] shell\AutoRun\command - H:\InstallTomTomHOME.exe ======File associations====== .js - open - "C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1" ======List of files/folders created in the last 1 months====== 2010-02-25 15:27:58 ----D---- C:\rsit 2010-02-25 15:27:58 ----D---- C:\Program Files\trend micro 2010-02-25 15:20:08 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-02-05 19:16:35 ----D---- C:\Program Files\AAALOGO2009 2010-02-05 19:10:27 ----D---- C:\Program Files\Fichiers communs\Vbox 2010-02-05 19:10:07 ----A---- C:\WINDOWS\unlite3.exe 2010-02-05 19:10:05 ----D---- C:\Program Files\Bradbury ======List of files/folders modified in the last 1 months====== 2010-02-25 15:27:58 ----RD---- C:\Program Files 2010-02-25 15:24:17 ----D---- C:\Program Files\Mozilla Firefox 2010-02-25 15:23:53 ----D---- C:\WINDOWS\Temp 2010-02-25 15:21:55 ----D---- C:\WINDOWS\system32\CatRoot2 2010-02-25 15:20:28 ----AD---- C:\WINDOWS 2010-02-25 15:18:14 ----SH---- C:\boot.ini 2010-02-25 15:18:14 ----A---- C:\WINDOWS\win.ini 2010-02-25 15:18:14 ----A---- C:\WINDOWS\system.ini 2010-02-25 15:12:14 ----D---- C:\WINDOWS\Prefetch 2010-02-25 15:08:24 ----D---- C:\WINDOWS\system32 2010-02-25 09:17:26 ----D---- C:\WINDOWS\Registration 2010-02-22 14:52:28 ----A---- C:\WINDOWS\NeroDigital.ini 2010-02-22 11:52:13 ----SHD---- C:\RECYCLER 2010-02-22 10:47:46 ----D---- C:\Documents and Settings\Admin\Application Data\vlc 2010-02-09 20:36:43 ----SHD---- C:\WINDOWS\Installer 2010-02-09 20:36:41 ----SHD---- C:\Config.Msi 2010-02-09 20:32:32 ----SD---- C:\Documents and Settings\Admin\Application Data\Microsoft 2010-02-09 20:32:23 ----A---- C:\WINDOWS\ODBC.INI 2010-02-09 20:31:47 ----D---- C:\WINDOWS\ShellNew 2010-02-09 20:31:26 ----D---- C:\Program Files\Microsoft Office 2010-02-09 20:31:25 ----RSD---- C:\WINDOWS\Fonts 2010-02-09 20:29:35 ----D---- C:\WINDOWS\system 2010-02-09 20:29:35 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2010-02-07 09:35:59 ----D---- C:\Program Files\Unlocker 2010-02-06 08:41:52 ----D---- C:\Program Files\Macromedia 2010-02-06 08:40:52 ----HD---- C:\Program Files\InstallShield Installation Information 2010-02-06 08:40:52 ----D---- C:\Program Files\Fichiers communs\Macromedia 2010-02-06 08:38:50 ----D---- C:\Program Files\Canon 2010-02-06 08:38:36 ----D---- C:\Program Files\ma-config.com 2010-02-06 08:38:34 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2010-02-06 08:33:11 ----HD---- C:\WINDOWS\inf 2010-02-05 19:10:27 ----D---- C:\Program Files\Fichiers communs ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408] R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2005-10-12 41600] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560] R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160] R2 v2imount;Symantec V2i Mount Driver; C:\WINDOWS\system32\DRIVERS\v2imount.sys [2008-01-19 38112] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120] R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2005-07-26 27165] R3 GEARAspiWDM;GearAspiWDM; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-01-19 15664] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-02 9600] R3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-10-19 2109976] R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-10-11 25624] R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-10-12 41752] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2005-07-26 12288] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-07-26 1897408] R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2007-10-12 13848] R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2007-10-12 1279000] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2005-07-26 59264] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2005-07-26 31616] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2005-07-26 14848] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2005-07-26 17024] S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys [] S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys [] S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2005-07-26 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2005-07-26 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2005-07-26 10880] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320] S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2005-07-26 11136] S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2005-07-26 7552] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2005-07-26 15360] S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [] S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [] S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2005-07-26 25856] S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 VProEventMonitor;Symantec Event Monitor Driver; C:\WINDOWS\system32\DRIVERS\vproeventmonitor.sys [2008-01-19 15088] S3 WimFltr;WimFltr; C:\WINDOWS\system32\DRIVERS\wimfltr.sys [2008-01-19 128104] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2005-07-26 19328] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-16 152984] R2 LVCOMSer;LVCOMSer; C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [2007-10-19 186904] R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-10-19 141848] R2 Norton Ghost;Norton Ghost; C:\Program Files\Norton Ghost\Agent\VProSvc.exe [2008-01-19 4388192] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920] R3 SymSnapService;SymSnapService; C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe [2007-12-20 1553896] S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848] S2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider; C:\WINDOWS\system32\dllhost.exe [2004-08-19 5120] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-06-26 31592] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe [2009-12-29 68096] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- info.txt logfile of random's system information tool 1.06 2010-02-25 15:28:03 ======Uninstall list====== -->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNNMP.exe /UNINSTALL -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf AAA Logo 2009 Business Edition 3.0-->"C:\Program Files\AAALOGO2009\unins000.exe" Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup Bibliothèques GTK+ 2.12.12 rev a (supprimer uniquement)-->C:\Program Files\Fichiers communs\GTK\2.0\uninst.exe Calendrier Xtra v11.020-->"C:\Program Files\Calendrier\unins001.exe" Canon PhotoRecord-->MsiExec.exe /X{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE} Canon PIXMA iP2000-->C:\WINDOWS\system32\CNMCP66.exe "-PRINTERNAMECanon PIXMA iP2000" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP2000 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP2000 Installer\Inst2\cnmi040c.dll" Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe C:\Program Files\Canon\Easy-PhotoPrint\uninst.ini Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" CDex extraction audio-->"C:\Program Files\CDex_170b2\uninstall.exe" CD-LabelPrint-->"C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2" Coffret de pilotes Logitech Legacy USB Camera-->"C:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\legacyqcam\10.51.2023\LgDrvInst.exe" -remove -instdir"C:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\legacyqcam\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"legacyqcam_10.51" /clone_wait /hide_progress Coffret de pilotes Logitech QuickCam-->"C:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\lvdrivers\11.50.1145\LgDrvInst.exe" -remove -instdir"C:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_11.50" /clone_wait /hide_progress Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE} ConvertHelper 2.2-->"C:\Program Files\ConvertHelper\unins000.exe" DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC EASEUS Partition Master 4.1.1 Home Edition-->"C:\Program Files\EASEUS\EASEUS Partition Master 4.1.1 Home Edition\unins000.exe" Flv Audio Extractor 1.04-->"C:\Program Files\Flv Audio Extractor\unins000.exe" Guitar Pro 5.2-->"C:\Program Files\Guitar Pro 5\unins000.exe" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} Java 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF} Java 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Kaspersky On-line Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall LG PC Suite-->C:\Program Files\InstallShield Installation Information\{993960EE-CA4D-443F-8F88-E24260DD5FD2}\setup.exe -runfromtemp -l0x040c -removeonly Logitech Audio Echo Cancellation Component-->MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870} Logitech QuickCam-->MsiExec.exe /X{945AC98B-3DC8-45BE-BAE0-22CEEE37A103} Logitech Video Enumerator-->MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2} Macromedia Dreamweaver MX 2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}\Setup.exe" -l0x40c mmUninstall ManyCam 2.4 (remove only)-->"C:\Program Files\ManyCam 2.4\uninstall.exe" Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft Money 2001-->MsiExec.exe /I{D085A1B6-90A4-11D3-82B7-00C04FA309DE} Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9} Microsoft Publisher 2002-->MsiExec.exe /I{90190409-6000-11D3-8CFE-0050048383C9} Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E} MVision-->MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93} Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\setupx.exe /uninstall ExtraUninstallID="" NewsLeecher v4.0 Beta 2-->"C:\Program Files\NewsLeecher4\unins000.exe" Norton Ghost-->MsiExec.exe /I{B0255743-165B-4BD5-8DA8-37DFB9930014} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe" QuickPar 0.9-->C:\Program Files\QuickPar\uninst.exe Real Alternative 1.9.0-->"C:\Program Files\Real Alternative\unins000.exe" Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly SC Ver 2.69-->"C:\Program Files\SC\unins000.exe" Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002)-->MsiExec.exe /X{09959E11-AD5D-408E-96AF-E3346954D6B8} Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002)-->MsiExec.exe /X{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" TeamViewer 4-->C:\Program Files\TeamViewer\Version4\uninstall.exe TubeMaster++ 1.2-->"F:\Program Files\tubemaster\TubeMaster++\unins000.exe" vanBasco's Karaoke Player-->C:\Program Files\vanBasco's Karaoke Player\uninst.exe VLC media player 1.0.0-->C:\Program Files\VideoLAN\VLC\uninstall.exe WBFS Manager 3.0-->C:\Program Files\WBFS\WBFS Manager 3.0\uninstall.exe Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91} Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" WinPcap 4.0.2-->C:\Program Files\WinPcap\uninstall.exe XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: avast! antivirus 4.8.1368 [VPS 100224-1] ======System event log====== Computer Name: XPSP2-209D8CC83 Event Code: 7036 Message: Le service Gestionnaire de connexions d'accès distant est entré dans l'état : en cours d'exécution. Record Number: 18501 Source Name: Service Control Manager Time Written: 20100115082040.000000+060 Event Type: Informations User: Computer Name: XPSP2-209D8CC83 Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Distributed Transaction Coordinator. Record Number: 18500 Source Name: Service Control Manager Time Written: 20100115082027.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: XPSP2-209D8CC83 Event Code: 7036 Message: Le service Service de la passerelle de la couche Application est entré dans l'état : en cours d'exécution. Record Number: 18499 Source Name: Service Control Manager Time Written: 20100115082027.000000+060 Event Type: Informations User: Computer Name: XPSP2-209D8CC83 Event Code: 7036 Message: Le service Gestionnaire de comptes de sécurité est entré dans l'état : en cours d'exécution. Record Number: 18498 Source Name: Service Control Manager Time Written: 20100115082027.000000+060 Event Type: Informations User: Computer Name: XPSP2-209D8CC83 Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Service de la passerelle de la couche Application. Record Number: 18497 Source Name: Service Control Manager Time Written: 20100115082027.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM =====Application event log===== Computer Name: XPSP2-209D8CC83 Event Code: 101 Message: MsnMsgr (1836) Le moteur de base de données est arrêté. Record Number: 8181 Source Name: ESENT Time Written: 20091019183711.000000+120 Event Type: Informations User: Computer Name: XPSP2-209D8CC83 Event Code: 103 Message: MsnMsgr (1836) \\.\C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\xxx@hotmail.fr\SharingMetadata\Working\database_7C0C_4464_C44_1B90\dfsr.db: Le moteur de base de données a arrêté une instance (0). Record Number: 8180 Source Name: ESENT Time Written: 20091019183711.000000+120 Event Type: Informations User: Computer Name: XPSP2-209D8CC83 Event Code: 102 Message: MsnMsgr (1836) \\.\C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\xxx@hotmail.fr\SharingMetadata\Working\database_7C0C_4464_C44_1B90\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0). Record Number: 8179 Source Name: ESENT Time Written: 20091019181157.000000+120 Event Type: Informations User: Computer Name: XPSP2-209D8CC83 Event Code: 100 Message: MsnMsgr (1836) Le moteur de base de données 5.01.2600.2180 est démarré. Record Number: 8178 Source Name: ESENT Time Written: 20091019181155.000000+120 Event Type: Informations User: Computer Name: XPSP2-209D8CC83 Event Code: 101 Message: MsnMsgr (1836) Le moteur de base de données est arrêté. Record Number: 8177 Source Name: ESENT Time Written: 20091019175911.000000+120 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD "PROCESSOR_REVISION"=0a00 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF-----------------
×
×
  • Créer...