

alma
Everything posted by alma
-
Here it is:
Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
-
None of that. I turn on my PC and here is what I get: a black screen with the message "caution: this hard disk may be infected by virus!", and then when I press a key the computer continues loading normally.
-
I know, it worked for 3 or 4 days and then plop. Anyway, here is the report:
-
Hello, when I turn on my PC the first thing I see is the following message: "caution: this hard disk may be infected by virus!" What should I do? Thanks.
-
SOLVED and thanks antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
Apparently yes. I downloaded the exe; we'll see about the rest later. Thanks -
SOLVED and thanks antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
Thanks again -
SOLVED and thanks antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
I tried, and here is what happens: I type http://www.acronis.fr/homecomputing/download/trueimage/ correctly, I do land on the Acronis site, and when I click on the French link: Forbidden You don't have permission to access /homecomputing/download/link/ on this server. Apache/2.0.52 (Red Hat) DAV/2 mod_python/3.1.3 Python/2.3.4 Server at fr.acronis.com Port 80. I tried in Internet and in Mozilla; the error messages are identical -
SOLVED and thanks antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
I'm not talking about that one: "The link is direct to download the Norton removal tool: ftp://ftp.symantec.com/public/francais/re...emoval_Tool.exe" but about Acronis True Image 11, found by searching on Google: http://fr.acronis.com/homecomputing/produc...CFQdLtAodYA1yZg -
SOLVED and thanks antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
Yes, on the site there is no valid link in French, and with the English download it doesn't work once the download is done -
SOLVED and thanks antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
Just a quick question: I'm trying to test Acronis True Image, impossible to download!!!! I'm willing to pay, but after a trial -
SOLVED and thanks antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
OK and thanks for all the help -
SOLVED and thanks antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
Right, is everything OK now? -
SOLVED and thanks antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
The connection is running fine, no problem, but why are there things in the last report like: Norman 5.80.02 2008.08.29 - Panda 9.0.0.4 2008.08.30 - I got rid of those 3 years ago -
SOLVED and thanks antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
Well, here it is: Fichier flashax.exe reçu le 2008.08.30 18:44:37 (CET) -
SOLVED and thanks antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
Here are the two requested temp files; they did come out after all:
3\MsgPlus.exe [2008-02-19 190024] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2006-09-15 2048000] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-01-29 30248] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck] C:\WINDOWS\s [2008-08-30 801349632] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-02-01 255528] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-02-19 68856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^alain^Menu Démarrer^Programmes^Démarrage^MagicDisc.lnk] C:\WINDOWS\s [2008-08-30 801349632] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE C:\Documents and Settings\alain\Menu Démarrer\Programmes\Démarrage Secunia PSI (RC3).lnk - C:\Program Files\Secunia\PSI (RC3)\psi.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="sockspy.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\s [2008-08-30 801349632] 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=msapsspc.dll schannel.dll digest.dll msnsspc.dll [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:*:Disabled:PMSRegisterFile" "C:\Program Files\Pinnacle\Studio 11\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 11\programs\RM.exe:*:Disabled:Render Manager" "C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe:*:Disabled:Studio" "C:\Program Files\Pinnacle\Studio 11\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 11\programs\umi.exe:*:Disabled:umi" "F:\Program Files\torrent\uTorrent.exe"="F:\Program Files\torrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Disabled:maconfservice" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1a0d7b4d-e061-11dc-8954-003005350bf8}] shell\AutoRun\command - R:\InstallTomTomHOME.exe File associations .reg - open - regedit.exe "%1" %* .scr - open - "%1" %* List of files/folders created in the last three months 2008-08-30 18:11:21 ----D---- C:\rsit 2008-08-30 17:51:50 ----D---- C:\WINDOWS\LastGood 2008-08-30 10:54:25 ----D---- C:\Program Files\Sun 2008-08-30 10:54:04 ----A---- C:\WINDOWS\system32\javaws.exe 2008-08-30 10:54:04 ----A---- C:\WINDOWS\system32\javaw.exe 2008-08-30 10:54:04 ----A---- C:\WINDOWS\system32\java.exe 2008-08-30 10:45:41 ----D---- C:\Documents and Settings\alain\Application Data\vlc 2008-08-30 09:39:10 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip 2008-08-30 09:33:09 ----D---- C:\Program Files\VideoLAN 2008-08-30 09:20:48 ----D---- C:\Documents and Settings\All Users\Application Data\Apple 2008-08-30 09:10:57 ----D---- C:\Program Files\Secunia 2008-08-30 00:23:46 ----A---- C:\WINDOWS\gmer.ini 2008-08-30 00:23:44 ----A---- C:\WINDOWS\gmer_uninstall.cmd 2008-08-30 00:23:44 ----A---- C:\WINDOWS\gmer.exe 2008-08-30 00:23:44 ----A---- C:\WINDOWS\gmer.dll 2008-08-29 18:41:02 ----D---- C:\Documents and Settings\alain\Application Data\AdobeUM 2008-08-29 18:32:27 ----D---- C:\Program Files\Windows Installer Clean Up 2008-08-29 18:32:09 ----D---- C:\Program Files\MSECACHE 2008-08-29 18:00:39 ----D---- C:\WINDOWS\system32\Adobe 2008-08-29 15:03:48 ----N---- C:\WINDOWS\system32\BrfxD05a.dll 2008-08-28 22:41:30 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-08-28 19:22:11 ----D---- C:\Program Files\Avira 2008-08-28 19:22:11 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2008-08-28 14:43:15 ----D---- C:\WINDOWS\ShellNew 2008-08-28 10:50:03 ----D---- C:\Documents and Settings\alain\Application Data\Talkback 2008-08-28 10:47:39 ----D---- C:\Documents and Settings\alain\Application 
Data\Thunderbird 2008-08-27 21:46:21 ----D---- C:\SDFix 2008-08-27 20:25:53 ----D---- C:\Documents and Settings\alain\Application Data\Malwarebytes 2008-08-27 20:25:37 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-08-27 20:25:36 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2008-08-27 12:35:10 ----D---- C:\Program Files\Mozilla Firefox 2008-08-27 10:28:43 ----A---- C:\WINDOWS\system32\BASSMOD.dll 2008-08-27 10:09:40 ----A---- C:\WINDOWS\system32\WkExt32.dll 2008-08-27 10:09:40 ----A---- C:\WINDOWS\system32\WibuXpm4J32.dll 2008-08-27 10:09:39 ----A---- C:\WINDOWS\system32\wibuKJni.dll 2008-08-27 10:09:38 ----A---- C:\WINDOWS\system32\WkDos.exe 2008-08-27 10:09:28 ----A---- C:\WINDOWS\system32\WkWin32.dll 2008-08-27 10:09:21 ----D---- C:\Program Files\WIBU-SYSTEMS 2008-08-27 10:09:21 ----D---- C:\Program Files\WIBUKEY 2008-08-27 10:07:31 ----D---- C:\Program Files\QuickTime 2008-08-27 10:05:40 ----D---- C:\Program Files\Apple Software Update 2008-08-27 10:05:15 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-08-26 19:57:07 ----SHD---- C:\found.001 2008-08-26 17:18:43 ----D---- C:\Program Files\Zone Labs 2008-08-26 13:17:40 ----D---- C:\Documents and Settings\alain\Application Data\Uniblue 2008-08-26 13:11:58 ----A---- C:\WINDOWS\PlotFlow.INI 2008-08-26 13:07:17 ----A---- C:\WINDOWS\IsUninst.exe 2008-08-26 10:23:45 ----HDC---- C:\WINDOWS\ie7 2008-08-26 10:05:29 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$ 2008-08-25 18:22:46 ----D---- C:\Program Files\PowerQuest 2008-08-25 10:54:10 ----A---- C:\WINDOWS\system32\msvcp71.dll.gz 2008-08-25 10:54:10 ----A---- C:\WINDOWS\system32\mfc71.dll.gz 2008-08-24 22:09:51 ----D---- C:\Documents and Settings\alain\Application Data\Acronis 2008-08-24 21:24:43 ----D---- C:\Documents and Settings\All Users\Application Data\Acronis 2008-08-24 19:55:33 ----A---- C:\WINDOWS\system32\GEARAspi.dll 2008-08-24 19:02:48 ----D---- C:\Documents and 
Settings\alain\Application Data\Micro Application 2008-08-24 18:46:10 ----A---- C:\WINDOWS\system32\setupnt.dll 2008-08-22 20:19:14 ----D---- C:\Documentation en ligne 2008-08-22 20:16:40 ----D---- C:\$CTJTMP 2008-08-20 12:32:50 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2008-08-20 12:31:40 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2008-08-20 12:30:19 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$ 2008-08-20 12:28:49 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2008-08-20 12:21:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$ 2008-08-20 12:19:50 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2008-08-20 12:15:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2008-08-02 13:57:51 ----A---- C:\WINDOWS\removeark.exe 2008-08-02 12:12:16 ----D---- C:\Program Files\SigmaTel 2008-08-01 19:20:02 ----A---- C:\fpnlogger.ini 2008-08-01 19:05:35 ----D---- C:\Zelio-program 2008-08-01 19:03:46 ----A---- C:\WINDOWS\ZelioSoft.ini 2008-07-21 20:34:24 ----R---- C:\WINDOWS\system32\BrDctF2S.dll 2008-07-21 20:34:24 ----R---- C:\WINDOWS\system32\BrDctF2L.dll 2008-07-21 20:34:24 ----R---- C:\WINDOWS\system32\BrDctF2.dll 2008-07-21 20:34:19 ----N---- C:\WINDOWS\system32\BroSNMP.dll 2008-07-21 20:32:16 ----A---- C:\WINDOWS\maxlink.ini 2008-07-16 01:10:49 ----A---- C:\WINDOWS\brmx2001.ini 2008-07-16 01:10:37 ----N---- C:\WINDOWS\system32\Pdrvinst.dll 2008-07-16 00:34:59 ----N---- C:\WINDOWS\system32\BrSti07a.dll 2008-07-12 14:35:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$ 2008-07-12 13:16:54 ----D---- C:\WINDOWS\system32\CatRoot_bak 2008-07-08 22:31:57 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2008-07-05 00:37:13 ----SHD---- C:\found.000 2008-07-05 00:27:23 ----RSHD---- C:\cmdcons 2008-07-05 00:27:23 ----A---- C:\WINDOWS\UPGRADE.TXT 2008-07-05 00:27:21 ----D---- C:\WINDOWS\setup.pss 2008-07-05 00:26:51 ----D---- C:\WINDOWS\setupupd 2008-07-04 23:21:33 ----D---- C:\Program Files\sisagp 2008-07-04 23:12:22 ----D---- C:\Program Files\Realtek AC97 2008-07-04 23:12:22 ----A---- 
C:\WINDOWS\system32\RTLCPL.EXE 2008-07-04 23:12:20 ----A---- C:\WINDOWS\system32\RTLCPAPI.dll 2008-07-04 23:12:20 ----A---- C:\WINDOWS\SOUNDMAN.EXE 2008-07-04 23:12:18 ----A---- C:\WINDOWS\alcupd.exe 2008-07-04 23:12:18 ----A---- C:\WINDOWS\Alcrmv.exe 2008-07-04 22:28:27 ----D---- C:\Program Files\ma-config.com 2008-07-04 22:28:27 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2008-07-04 13:14:11 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe 2008-07-04 13:14:10 ----A---- C:\WINDOWS\system32\uxtuneup.dll 2008-07-04 11:34:55 ----A---- C:\WINDOWS\ASScrProlog.exe 2008-07-04 11:34:53 ----A---- C:\WINDOWS\LCD Demo.exe 2008-07-04 11:34:52 ----A---- C:\WINDOWS\ASUS LCD ScreenSaver Uninstaller.exe 2008-07-04 11:34:49 ----D---- C:\WINDOWS\Asus_LCD_ScreenSaver dir 2008-07-04 11:34:49 ----A---- C:\WINDOWS\impborl.dll 2008-07-04 11:34:49 ----A---- C:\WINDOWS\flashax.exe 2008-07-04 11:31:47 ----A---- C:\WINDOWS\Ascd_tmp.ini 2008-06-25 23:58:17 ----D---- C:\WINDOWS\pss 2008-06-23 21:07:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2008-06-13 18:09:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$ 2008-06-13 18:08:29 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2008-06-13 18:07:29 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$ 2008-06-13 18:06:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$ List of drivers R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\s [2008-08-30 801349632] R1 GhPciScan;GhostPciScanner; \??\C:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys [] R1 InCDPass;InCDPass; C:\WINDOWS\S [2008-08-30 801349632] R1 incdrm;InCD Reader; C:\WINDOWS\s [2008-08-30 801349632] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\s [2008-08-30 801349632] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\s [2008-08-30 801349632] R1 KLIF;KLIF; C:\WINDOWS\s [2008-08-30 801349632] R1 LUMDriver;LUMDriver; \??\C:\WINDOWS\system32\drivers\LUMDriver.sys [] R1 PCLEPCI;PCLEPCI; 
\??\C:\WINDOWS\system32\drivers\pclepci.sys [] R1 PQNTDrv;PQNTDrv; C:\WINDOWS\s [2008-08-30 801349632] R1 ssmdrv;ssmdrv; C:\WINDOWS\s [2008-08-30 801349632] R1 StarOpen;StarOpen; C:\WINDOWS\s [2008-08-30 801349632] R1 vsdatant;vsdatant; C:\WINDOWS\S [2008-08-30 801349632] R2 Aspi32;Aspi32; C:\WINDOWS\s [2008-08-30 801349632] R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\s [2008-08-30 801349632] R2 v2imount;Symantec V2i Mount Driver; C:\WINDOWS\s [2008-08-30 801349632] R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\S [2008-08-30 801349632] R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\s [2008-08-30 801349632] R3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\s [2008-08-30 801349632] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 GEARAspiWDM;GearAspiWDM; C:\WINDOWS\s [2008-08-30 801349632] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\s [2008-08-30 801349632] R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\s [2008-08-30 801349632] R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\s [2008-08-30 801349632] R3 mouhid;Pilote HID de souris; C:\WINDOWS\s [2008-08-30 801349632] R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\s [2008-08-30 801349632] R3 nv;nv; C:\WINDOWS\s [2008-08-30 801349632] R3 PSI;PSI; C:\WINDOWS\s [2008-08-30 801349632] R3 ReallusionVirtualAudio;Reallusion Virtual Audio; C:\WINDOWS\s [2008-08-30 801349632] R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\s [2008-08-30 801349632] R3 SlWdmSup;SlWdmSup; C:\WINDOWS\s [2008-08-30 801349632] R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\s [2008-08-30 801349632] R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\s [2008-08-30 801349632] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\s [2008-08-30 801349632] R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\s [2008-08-30 801349632] R3 usbhub;Concentrateur USB2; C:\WINDOWS\s [2008-08-30 801349632] R3 
usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\s [2008-08-30 801349632] R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\s [2008-08-30 801349632] R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\S [2008-08-30 801349632] R4 InCDfs;InCD File System; C:\WINDOWS\s [2008-08-30 801349632] S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys [] S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; \??\C:\WINDOWS\system32\drivers\AWRTPD.sys [] S3 Ad-Watch Registry Filter;Ad-Watch Registry Kernel Filter; \??\C:\WINDOWS\system32\drivers\AWRTRD.sys [] S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\s [2008-08-30 801349632] S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\s [2008-08-30 801349632] S3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\s [2008-08-30 801349632] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\s [2008-08-30 801349632] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 gmer;gmer; C:\WINDOWS\S [2008-08-30 801349632] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\s [2008-08-30 801349632] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\s [2008-08-30 801349632] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\s [2008-08-30 801349632] S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\s [2008-08-30 801349632] S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\s [2008-08-30 801349632] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\s [2008-08-30 801349632] S3 Mtlstrm;Mtlstrm; C:\WINDOWS\s [2008-08-30 801349632] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\s [2008-08-30 801349632] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\s [2008-08-30 801349632] S3 NtMtlFax;NtMtlFax; C:\WINDOWS\s [2008-08-30 801349632] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\s [2008-08-30 801349632] S3 SlNtHal;SlNtHal; 
C:\WINDOWS\s [2008-08-30 801349632] S3 streamip;BDA IPSink; C:\WINDOWS\s [2008-08-30 801349632] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\s [2008-08-30 801349632] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\s [2008-08-30 801349632] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\s [2008-08-30 801349632] S3 V90drv;v90drv; C:\WINDOWS\s [2008-08-30 801349632] S3 VProEventMonitor;Symantec Event Monitor Driver; C:\WINDOWS\s [2008-08-30 801349632] S3 WimFltr;WimFltr; C:\WINDOWS\s [2008-08-30 801349632] S3 WISTechVIDCAP;Dazzle DVC170; C:\WINDOWS\s [2008-08-30 801349632] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\s [2008-08-30 801349632] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\s [2008-08-30 801349632] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\s [2008-08-30 801349632] S4 IntelIde;IntelIde; C:\WINDOWS\s [2008-08-30 801349632] List of services R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-06-12 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-07 149761] R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-12 554352] R2 GhostStartService;GhostStartService; C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe [2002-08-14 200704] R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-12 137200] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\s [2008-08-30 801349632] S2 Brother XP spl Service;BrSplService; C:\WINDOWS\s [2008-08-30 801349632] S2 Norton Ghost;Norton Ghost; F:\Program 
Files\ghost12\Agent\VProSvc.exe [2007-03-28 3290728] S2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\S [2008-08-30 801349632] S2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\s [2008-08-30 801349632] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256] S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-06-26 576680] S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\s [2008-08-30 801349632] S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\S [2008-08-30 801349632] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\s [2008-08-30 801349632] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880] -----------------EOF----------------- info.txt logfile of random's system 
information tool 2008-08-30 18:32:38 Uninstall list -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7} Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001} Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log Alice Auto-diagnostic-->C:\Program Files\TechCity Solutions\AliceSAV\uninstall.exe Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F} Asus_LCD_ScreenSaver-->"C:\WINDOWS\ASUS LCD ScreenSaver Uninstaller.exe" Avery DesignPro-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2CC982C0-7EAE-11D4-ACC3-0050568AD318}\setup.exe" -uninst Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE BIAS SoundSoap PE 2.1-->MsiExec.exe /I{42442CA9-90E6-4011-BB55-7C263F6D5EC1} Brother BRAdmin Light 1.09-->C:\Program Files\InstallShield Installation Information\{DB75941E-30C4-4D97-B000-D17C764B998C}\Setup.exe -runfromtemp -l0x040c -removeonly -removeonly Brother Driver Deployment Wizard-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0ED38503-B69A-44B4-98BE-21BFF284A9B6}\setup.exe" -l0x40c -uninst -removeonly Brother MFL-Pro Suite-->"C:\Program Files\InstallShield Installation Information\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Setup.exe" -runfromtemp -l0x040c Brunin03.dll -removeonly Correctif pour Windows XP 
(KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" CrazyTalk Cam Suite-->C:\Program Files\InstallShield Installation Information\{D1504C77-1B19-4AF0-8DEC-946666123B55}\setup.exe -runfromtemp -l0x040c -removeonly /remove CrazyTalk v4.6 Messenger-->C:\Program Files\InstallShield Installation Information\{40B3D357-96DE-4889-A8F4-C533A39E3608}\setup.exe -runfromtemp -l0x040c -removeonly /remove DivX 5.0.2 Bundle-->C:\WINDOWS\unvise32.exe C:\Program Files\DivX\uninstal.log DivX Video Duplicator-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7CCFADC3-60C4-4DD2-A843-171FAFB9467A}\setup.exe" -l0x40c ControlPanel Download Accelerator Plus (DAP)-->C:\PROGRA~1\DAP\DAPREMOVE.EXE EVEREST Home Edition v2.20-->"F:\ENTRETIEN\EVEREST Home Edition\EVEREST Home Edition\unins000.exe" FaceFilter Studio Brother Edition-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F59205C8-E5FB-43F5-AAB2-16C1760D4F59}\Setup.exe" -l0x40c /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll" HijackThis 2.0.2-->"C:\Documents and Settings\alain\Bureau\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840} Huge Pine USB to UART Driver -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F06FCDEC-5AB3-4927-A3E7-36AF98A8E05C}\setup.exe" -l0x40c -removeonly InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL IZArc 3.81-->"C:\Program Files\IZArc\unins000.exe" J2SE Runtime Environment 5.0-->MsiExec.exe 
/I{3248F0A8-6813-11D6-A77B-00B0D0150000} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Java SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000} Kit de Connexion Alice ADSL-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A0221AD-D30B-4320-8F9B-1D0F0E6C6843}\setup.exe" -l0x40c ControlPanel L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSFRF.inf, Uninstall Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall LifeFrame2-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158} LiveReg (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VcSetup.exe /REMOVE LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U Ma-Config.com-->MsiExec.exe /X{06526E3A-92DD-4F45-90CD-902953F1A8D2} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Messenger Plus! 3-->"C:\Program Files\MessengerPlus! 
SOLVED and thanks: antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
The progress bar of Random's System Information Tool stays stuck at three quarters, and in Task Manager Random's shows as not responding -
SOLVED and thanks: antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
While waiting for a reply, which is normal, I would like to know whether I can use the internet and do operations or downloads. Thanks -
SOLVED and thanks: antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
GMER file: GMER 1.0.14.14536 - http://www.gmer.net Rootkit scan 2008-08-30 00:33:03 Windows 5.1.2600 Service Pack 3 -
SOLVED and thanks: antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
I understand, no problem. Here is the report from a scan: Avira AntiVir Personal Report file date: vendredi 29 août 2008 23:54. See you later -
SOLVED and thanks: antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
Hello, hello, is anyone there, or is everyone on holiday? -
SOLVED and thanks: antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
Hello, 9 files in quarantine, and now what? -
SOLVED and thanks: antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
About the scan, is there a problem? It has been at scanned=12.1% for 20 minutes -
SOLVED and thanks: antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
I have installed AntiVir; it is currently running a full scan -
SOLVED and thanks: antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
No problem. Where can I find the new one? -
SOLVED and thanks: antivirus 2008
alma replied to a topic by alma in Malware analysis and removal
Why not, but should I uninstall first or download the other one?