yoyo55

de l aide svp

merci sheilla de ton aide la manip manuel je lai faite mais meme reponse du pc le message test est bien recu par la boite mais pas de renoi vers outloock et message d herreur

bonsoir a tous !! Suite a un formatage de mon disque C du aux problemes precedement exposes sur le forum j ai reinstalé outloock 2007. Pour mon compte il ny a pas eu de probleme mais pour le 2 compte l intalation automatique ne fonctionne pas , un message s affiche en me demandent un mot de passe reseau que je n est pas !! merci de vottre aide

bonjour a tous !!! voila suite un probleme recurant je voudrais formater ma partition d'exploitation © et impossible une fenetre s ouvre echec .... un membre pourait il m expliquer la manip a suicre pour formater seulement ma partition d'exploitation merci

re voila ! je pense qu on a fait le tour des problemes !! un grand merci pour toute l aide apporte!! @++

bonjour voila c est fait !! il me reste une petite question de temps en temps ma connexio internet se bloque ( clique sur un lien internet et puis tout se bloque ) sinon il ne ram plus !!

c'est bon tout est rentre dans l'ordre!! et pour mon log hijact?? il y aurai t il autre chose a faire pour affiner l'opération?? merci

re petite question : depuis la manip je n arive plus enregistrer des dossier sur ma cle usb . un message me dit disque proteger en ecriture.que faire?? Logfile of Trend Micro HijackThis v2.0 Scan saved at 16:26:46, on 24/04/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Acer\Acer eConsole\MediaServerService.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\RF Wireless Mouse\cm20.exe C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe C:\Program Files\Windows Live\Messenger\wlcsdk.exe C:\Program Files\Microsoft Money\System\msmoney.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\hijackthis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [start RF Wireless Mouse] "C:\Program Files\RF Wireless Mouse\cm20.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [WinPatrol] "C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe -- End of file - 7149 bytes

bonjour Je viens de faire toute votre demarche et surprise , j'ai l'impression que cela fonctionne !!!!super!! cela viendrai de quoi ?? ily aurai t il autre chose a faire pour affiner l'opération?? merci

bonsoir merci de votre aide meme si le probleme n a pas etait resolu !! donc il faudrait que je formate ??? cordialement

DiagHelp version v1.4 - http://www.malekal.com excute le 23/04/2009 à 18:54:06,50 System information for \\LIONEL: Uptime: Error reading uptime Kernel version: Microsoft Windows XP, Uniprocessor Free Product type: Professional Product version: 5.1 Service pack: 3 Kernel build number: 2600 Registered organization: Registered owner: lionel.B Install date: 27/04/2006, 16:55:54 Activation status: Error reading status IE version: 7.0000 System root: C:\WINDOWS Processors: 1 Processor speed: 1.8 GHz Processor type: AMD Sempron Processor 3100+ Physical memory: 448 MB Video driver: VIA/S3G UniChrome Pro IGP Volume Type Format Label Size Free Free C: Fixed NTFS ACER 90.96 GB 68.85 GB 75.7% D: Fixed FAT32 ACERDATA 91.43 GB 71.78 GB 78.5% E: CD-ROM 0.0% F: Removable 0.0% G: Removable 0.0% H: Removable 0.0% I: Removable 0.0% J: Removable FAT CLE USB 480.10 MB 463.45 MB 96.5% C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->06/04/2009 15:32:54 C:\WINDOWS\System32\drivers\mbam.sys -->06/04/2009 15:32:46 C:\WINDOWS\System32\drivers\ssidrv.sys -->02/04/2009 14:30:12 C:\WINDOWS\System32\drivers\sshrmd.sys -->02/04/2009 14:30:10 C:\WINDOWS\System32\drivers\ssfs0bbc.sys -->02/04/2009 14:30:08 C:\WINDOWS\System32\drivers\psi_mf.sys -->24/03/2009 13:03:08 C:\WINDOWS\System32\drivers\srv.sys -->11/12/2008 12:57:09 C:\WINDOWS\System32\wpa.dbl -->22/04/2009 22:18:25 C:\WINDOWS\System32\bdod.bin -->20/04/2009 22:16:31 C:\WINDOWS\System32\bdss.log -->20/04/2009 21:49:59 C:\WINDOWS\System32\PerfStringBackup.INI -->18/04/2009 03:21:11 C:\WINDOWS\System32\perfh00C.dat -->18/04/2009 03:21:11 C:\WINDOWS\System32\perfh009.dat -->18/04/2009 03:21:11 C:\WINDOWS\System32\perfc00C.dat -->18/04/2009 03:21:11 C:\WINDOWS\System32\perfc009.dat -->18/04/2009 03:21:11 C:\WINDOWS\System32\spupdsvc.inf -->18/04/2009 03:04:30 C:\WINDOWS\System32\streamhlp.dll -->15/04/2009 22:08:40 C:\WINDOWS\System32\edacded0_x.dat -->09/04/2009 23:18:29 C:\WINDOWS\System32\bcdadac7_x.xml -->09/04/2009 23:18:29 C:\WINDOWS\System32\javaws.exe -->08/04/2009 21:56:12 C:\WINDOWS\System32\javaw.exe -->08/04/2009 21:56:12 C:\WINDOWS\System32\javacpl.cpl -->08/04/2009 21:56:12 C:\WINDOWS\System32\java.exe -->08/04/2009 21:56:12 C:\WINDOWS\System32\deploytk.dll -->08/04/2009 21:56:12 C:\WINDOWS\System32\MRT.exe -->06/04/2009 16:57:24 C:\WINDOWS\System32\capicom.dll -->06/04/2009 13:26:46 C:\WINDOWS\System32\wrLZMA.dll -->02/04/2009 14:30:04 C:\WINDOWS\System32\SsiEfr.exe -->02/04/2009 14:29:56 C:\WINDOWS\System32\kernel32.dll -->21/03/2009 16:07:58 C:\WINDOWS\System32\FNTCACHE.DAT -->12/03/2009 18:57:00 C:\WINDOWS\System32\pdh.dll -->06/03/2009 16:20:52 C:\WINDOWS\System32\wininet.dll -->03/03/2009 02:13:06 C:\WINDOWS\WindowsUpdate.log -->23/04/2009 18:26:03 C:\WINDOWS\wiadebug.log -->23/04/2009 18:23:51 C:\WINDOWS\0.log -->22/04/2009 22:17:36 C:\WINDOWS\wiaservc.log -->22/04/2009 22:16:57 C:\WINDOWS\bootstat.dat -->22/04/2009 22:16:01 C:\WINDOWS\system.ini -->22/04/2009 21:07:32 C:\WINDOWS\vFind.exe -->21/04/2009 09:58:08 C:\WINDOWS\wmsetup.log -->20/04/2009 22:05:59 C:\WINDOWS\setupapi.log -->18/04/2009 11:18:46 C:\WINDOWS\tsoc.log -->18/04/2009 03:08:47 C:\WINDOWS\ocmsn.log -->18/04/2009 03:08:47 C:\WINDOWS\ocgen.log -->18/04/2009 03:08:47 C:\WINDOWS\ntdtcsetup.log -->18/04/2009 03:08:47 C:\WINDOWS\msgsocm.log -->18/04/2009 03:08:47 C:\WINDOWS\KB959426.log -->18/04/2009 03:08:47 Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 4820-7A50 Répertoire de C:\WINDOWS 18/04/2009 03:03 <REP> $hf_mig$ 04/05/2006 22:20 <REP> $MSI31Uninstall_KB893803v2$ 25/07/2008 11:16 <REP> $NtServicePackUninstall$ 03/12/2006 10:25 <REP> $NtServicePackUninstallIDNMitigationAPIs$ 03/12/2006 10:25 <REP> $NtServicePackUninstallNLSDownlevelMapping$ 16/02/2006 07:21 <REP> $NtUninstallKB867282$ 16/02/2006 07:21 <REP> $NtUninstallKB873333$ 16/02/2006 07:21 <REP> $NtUninstallKB873339$ 16/02/2006 07:21 <REP> $NtUninstallKB883939$ 16/02/2006 07:21 <REP> $NtUninstallKB885250$ 16/02/2006 07:21 <REP> $NtUninstallKB885835$ 16/02/2006 07:21 <REP> $NtUninstallKB885836$ 29/04/2006 00:32 <REP> $NtUninstallKB885884$ 04/05/2006 22:21 <REP> $NtUninstallKB886185$ 16/02/2006 07:21 <REP> $NtUninstallKB887472$ 04/05/2006 22:58 <REP> $NtUninstallKB887742$ 16/02/2006 07:21 <REP> $NtUninstallKB888113$ 16/02/2006 07:21 <REP> $NtUninstallKB888302$ 16/02/2006 07:21 <REP> $NtUninstallKB890046$ 16/02/2006 07:21 <REP> $NtUninstallKB890046_0$ 16/02/2006 07:21 <REP> $NtUninstallKB890047$ 16/02/2006 07:21 <REP> $NtUninstallKB890175$ 16/02/2006 07:21 <REP> $NtUninstallKB890859$ 16/02/2006 07:21 <REP> $NtUninstallKB890923$ 16/02/2006 07:21 <REP> $NtUninstallKB891781$ 16/02/2006 07:21 <REP> $NtUninstallKB893086$ 16/02/2006 07:21 <REP> $NtUninstallKB893357$ 16/02/2006 07:21 <REP> $NtUninstallKB893756$ 16/02/2006 07:21 <REP> $NtUninstallKB894391$ 16/02/2006 07:21 <REP> $NtUninstallKB896358$ 16/02/2006 07:21 <REP> $NtUninstallKB896422$ 16/02/2006 07:21 <REP> $NtUninstallKB896423$ 04/05/2006 22:58 <REP> $NtUninstallKB896424$ 16/02/2006 07:21 <REP> $NtUninstallKB896428$ 16/02/2006 07:21 <REP> $NtUninstallKB896727$ 16/02/2006 07:21 <REP> $NtUninstallKB898458$ 27/04/2006 23:29 <REP> $NtUninstallKB898461$ 16/02/2006 07:21 <REP> $NtUninstallKB899587$ 16/02/2006 07:21 <REP> $NtUninstallKB899588$ 16/02/2006 07:21 <REP> $NtUninstallKB899591$ 04/05/2006 22:58 <REP> $NtUninstallKB900485$ 04/05/2006 22:21 <REP> $NtUninstallKB900725$ 04/05/2006 22:58 <REP> $NtUninstallKB901017$ 04/05/2006 22:21 <REP> $NtUninstallKB901190$ 16/02/2006 07:21 <REP> $NtUninstallKB901214$ 04/05/2006 22:21 <REP> $NtUninstallKB902400$ 16/02/2006 07:21 <REP> $NtUninstallKB903235$ 04/05/2006 22:21 <REP> $NtUninstallKB904706$ 03/12/2006 10:24 <REP> $NtUninstallKB904942$ 04/05/2006 22:21 <REP> $NtUninstallKB905414$ 04/05/2006 22:21 <REP> $NtUninstallKB905749$ 04/05/2006 22:21 <REP> $NtUninstallKB908519$ 04/05/2006 22:21 <REP> $NtUninstallKB908531$ 04/05/2006 22:58 <REP> $NtUninstallKB910437$ 17/06/2006 08:17 <REP> $NtUninstallKB911280$ 04/05/2006 22:58 <REP> $NtUninstallKB911562$ 04/05/2006 22:58 <REP> $NtUninstallKB911564$ 04/05/2006 22:21 <REP> $NtUninstallKB911565$ 04/05/2006 22:21 <REP> $NtUninstallKB911567$ 04/05/2006 22:58 <REP> $NtUninstallKB911927$ 04/05/2006 22:21 <REP> $NtUninstallKB912812$ 04/05/2006 22:21 <REP> $NtUninstallKB912919$ 04/05/2006 22:21 <REP> $NtUninstallKB913446$ 17/05/2006 22:40 <REP> $NtUninstallKB913580$ 14/07/2006 03:01 <REP> $NtUninstallKB914388$ 17/06/2006 08:16 <REP> $NtUninstallKB914389$ 03/12/2006 10:24 <REP> $NtUninstallKB914440$ 03/12/2006 10:25 <REP> $NtUninstallKB915865$ 17/06/2006 08:17 <REP> $NtUninstallKB916281$ 14/07/2006 03:01 <REP> $NtUninstallKB916595$ 14/07/2006 03:01 <REP> $NtUninstallKB917159$ 17/06/2006 08:17 <REP> $NtUninstallKB917344$ 09/08/2006 09:43 <REP> $NtUninstallKB917422$ 17/06/2006 08:18 <REP> $NtUninstallKB917734_WMP9$ 17/06/2006 08:17 <REP> $NtUninstallKB917953$ 18/02/2007 10:49 <REP> $NtUninstallKB918118$ 17/06/2006 08:17 <REP> $NtUninstallKB918439$ 09/08/2006 09:43 <REP> $NtUninstallKB918899$ 14/09/2006 09:58 <REP> $NtUninstallKB919007$ 17/11/2006 09:23 <REP> $NtUninstallKB920213$ 09/08/2006 09:43 <REP> $NtUninstallKB920214$ 09/08/2006 09:43 <REP> $NtUninstallKB920670$ 09/08/2006 09:42 <REP> $NtUninstallKB920683$ 14/09/2006 09:59 <REP> $NtUninstallKB920685$ 14/09/2006 09:58 <REP> $NtUninstallKB920872$ 09/08/2006 09:43 <REP> $NtUninstallKB921398$ 29/08/2007 09:12 <REP> $NtUninstallKB921503$ 09/08/2006 09:43 <REP> $NtUninstallKB921883$ 14/09/2006 09:58 <REP> $NtUninstallKB922582$ 09/08/2006 09:43 <REP> $NtUninstallKB922616$ 17/11/2006 09:22 <REP> $NtUninstallKB922760$ 15/10/2006 09:16 <REP> $NtUninstallKB922819$ 15/10/2006 09:15 <REP> $NtUninstallKB923191$ 15/10/2006 09:16 <REP> $NtUninstallKB923414$ 18/04/2009 03:01 <REP> $NtUninstallKB923561$ 16/12/2006 15:16 <REP> $NtUninstallKB923689$ 16/12/2006 15:16 <REP> $NtUninstallKB923694$ 17/11/2006 09:24 <REP> $NtUninstallKB923980$ 15/10/2006 09:16 <REP> $NtUninstallKB924191$ 17/11/2006 09:23 <REP> $NtUninstallKB924270$ 15/10/2006 09:16 <REP> $NtUninstallKB924496$ 18/02/2007 10:50 <REP> $NtUninstallKB924667$ 16/12/2006 15:17 <REP> $NtUninstallKB925398_WMP64$ 16/12/2006 15:17 <REP> $NtUninstallKB925454$ 04/10/2006 13:51 <REP> $NtUninstallKB925486$ 04/04/2007 14:48 <REP> $NtUninstallKB925902$ 04/02/2007 23:46 <REP> $NtUninstallKB926239$ 16/12/2006 15:16 <REP> $NtUninstallKB926255$ 18/02/2007 10:49 <REP> $NtUninstallKB926436$ 18/02/2007 10:51 <REP> $NtUninstallKB927779$ 18/02/2007 10:51 <REP> $NtUninstallKB927802$ 23/05/2007 18:23 <REP> $NtUninstallKB927891$ 18/02/2007 10:51 <REP> $NtUninstallKB928255$ 18/02/2007 10:48 <REP> $NtUninstallKB928843$ 15/07/2007 13:58 <REP> $NtUninstallKB929123$ 15/03/2007 09:27 <REP> $NtUninstallKB929338$ 15/03/2007 09:28 <REP> $NtUninstallKB929399$ 11/01/2007 16:03 <REP> $NtUninstallKB929969$ 11/04/2007 16:23 <REP> $NtUninstallKB930178$ 09/05/2007 15:17 <REP> $NtUninstallKB930916$ 11/04/2007 16:23 <REP> $NtUninstallKB931261$ 11/04/2007 16:23 <REP> $NtUninstallKB931784$ 18/02/2007 10:50 <REP> $NtUninstallKB931836$ 11/04/2007 16:22 <REP> $NtUninstallKB932168$ 09/11/2008 23:07 <REP> $NtUninstallKB932823-v3$ 29/08/2007 09:10 <REP> $NtUninstallKB933360$ 14/10/2007 09:50 <REP> $NtUninstallKB933729$ 15/07/2007 13:56 <REP> $NtUninstallKB935839$ 15/07/2007 13:56 <REP> $NtUninstallKB935840$ 29/08/2007 09:12 <REP> $NtUninstallKB936021$ 29/08/2007 09:10 <REP> $NtUninstallKB936782_WMP11$ 11/09/2008 07:19 <REP> $NtUninstallKB938464$ 29/08/2007 09:12 <REP> $NtUninstallKB938828$ 29/08/2007 09:11 <REP> $NtUninstallKB938829$ 08/09/2007 08:55 <REP> $NtUninstallKB939683$ 14/10/2007 09:48 <REP> $NtUninstallKB941202$ 27/12/2007 18:28 <REP> $NtUninstallKB941568$ 27/12/2007 18:28 <REP> $NtUninstallKB941569$ 10/01/2008 16:58 <REP> $NtUninstallKB941644$ 09/11/2008 23:05 <REP> $NtUninstallKB941693$ 27/12/2007 18:28 <REP> $NtUninstallKB942763$ 09/11/2008 23:03 <REP> $NtUninstallKB943055$ 27/12/2007 18:27 <REP> $NtUninstallKB943460$ 10/01/2008 16:57 <REP> $NtUninstallKB943485$ 27/12/2007 18:28 <REP> $NtUninstallKB944653$ 09/11/2008 23:05 <REP> $NtUninstallKB945553$ 09/11/2008 23:03 <REP> $NtUninstallKB946026$ 09/11/2008 23:22 <REP> $NtUninstallKB946648$ 09/11/2008 23:05 <REP> $NtUninstallKB948590$ 10/04/2008 08:33 <REP> $NtUninstallKB948881$ 09/11/2008 23:06 <REP> $NtUninstallKB950749$ 12/06/2008 20:24 <REP> $NtUninstallKB950760$ 09/11/2008 23:20 <REP> $NtUninstallKB950762$ 09/11/2008 23:15 <REP> $NtUninstallKB950762_0$ 09/11/2008 23:22 <REP> $NtUninstallKB950974$ 09/11/2008 23:22 <REP> $NtUninstallKB951066$ 09/11/2008 23:22 <REP> $NtUninstallKB951072-v2$ 09/11/2008 23:20 <REP> $NtUninstallKB951376$ 09/11/2008 23:20 <REP> $NtUninstallKB951376-v2$ 09/11/2008 23:15 <REP> $NtUninstallKB951376-v2_0$ 09/11/2008 23:15 <REP> $NtUninstallKB951376_0$ 09/11/2008 23:20 <REP> $NtUninstallKB951698$ 09/11/2008 23:15 <REP> $NtUninstallKB951698_0$ 09/11/2008 23:20 <REP> $NtUninstallKB951748$ 09/11/2008 23:16 <REP> $NtUninstallKB951748_0$ 09/11/2008 23:20 <REP> $NtUninstallKB951978$ 18/04/2009 03:03 <REP> $NtUninstallKB952004$ 17/12/2008 11:53 <REP> $NtUninstallKB952069_WM9$ 09/11/2008 23:22 <REP> $NtUninstallKB952287$ 09/11/2008 23:22 <REP> $NtUninstallKB952954$ 29/08/2008 09:51 <REP> $NtUninstallKB953839$ 09/11/2008 23:22 <REP> $NtUninstallKB954154_WM11$ 09/11/2008 23:23 <REP> $NtUninstallKB954211$ 12/11/2008 19:52 <REP> $NtUninstallKB954459$ 17/12/2008 11:52 <REP> $NtUninstallKB954600$ 12/11/2008 19:51 <REP> $NtUninstallKB955069$ 17/12/2008 11:56 <REP> $NtUninstallKB955839$ 15/10/2008 22:04 <REP> $NtUninstallKB956391$ 18/04/2009 03:04 <REP> $NtUninstallKB956572$ 17/12/2008 11:52 <REP> $NtUninstallKB956802$ 09/11/2008 23:23 <REP> $NtUninstallKB956803$ 09/11/2008 23:23 <REP> $NtUninstallKB956841$ 09/11/2008 23:23 <REP> $NtUninstallKB957095$ 12/11/2008 19:52 <REP> $NtUninstallKB957097$ 09/11/2008 23:25 <REP> $NtUninstallKB958644$ 14/01/2009 23:04 <REP> $NtUninstallKB958687$ 12/03/2009 18:39 <REP> $NtUninstallKB958690$ 18/04/2009 03:08 <REP> $NtUninstallKB959426$ 12/03/2009 18:38 <REP> $NtUninstallKB959772_WM11$ 12/03/2009 18:39 <REP> $NtUninstallKB960225$ 12/02/2009 04:01 <REP> $NtUninstallKB960715$ 18/04/2009 03:01 <REP> $NtUninstallKB960803$ 18/04/2009 03:08 <REP> $NtUninstallKB961373$ 25/02/2009 22:41 <REP> $NtUninstallKB967715$ 04/02/2007 23:46 <REP> $NtUninstallMSCompPackV1$ 04/02/2007 23:44 <REP> $NtUninstallWMFDist11$ 04/02/2007 23:45 <REP> $NtUninstallwmp11$ 04/02/2007 23:43 <REP> $NtUninstallWudf01000$ 06/04/2008 23:22 38 019 hpothb07.dat 06/04/2008 23:22 343 587 hpothb07.tif 25/01/2007 15:30 <REP> ie7 18/04/2009 11:18 <REP> inf 22/04/2009 21:46 <REP> Installer 28/10/2007 14:34 <REP> msdownld.tmp 05/05/2006 00:10 <REP> PIF 29/03/2009 21:05 54 156 QTFont.qfn 04/04/2009 22:52 8 192 Thumbs.db 05/08/2004 07:00 49 102 winnt.bmp 05/08/2004 07:00 49 102 winnt256.bmp 7 fichier(s) 542 907 octets 203 Rép(s) 73 930 592 256 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 4820-7A50 Répertoire de C:\WINDOWS\system32 18/04/2009 03:08 <REP> dllcache 09/04/2009 23:18 23 edacded0_x.dat 20/11/2004 01:38 26 112 InsD1211.exe 09/08/2007 23:00 10 022 KGyGaAvL.sys 20/11/2004 02:27 36 864 kill1211.exe 07/12/2005 07:07 1 024 NTIBUN4.dll 07/12/2005 07:06 1 024 NTICDMK7.dll 07/12/2005 07:06 1 024 NTIFCD3.dll 07/12/2005 07:06 1 024 NTIMP3.dll 07/12/2005 07:06 1 024 NTIMPEG2.dll 07/08/2003 10:51 24 576 reboot.exe 20/11/2004 03:42 26 112 RemD1211.exe 30/08/2004 02:37 44 032 rescan.exe 11/04/2007 20:12 4 212 zllictbl.dat 20 fichier(s) 181 794 octets 1 Rép(s) 73 930 579 968 octets libres winlogon.exe Verified: Signed svchost.exe Verified: Signed ws2_32.dll Verified: Signed user32.dll Verified: Signed tcpip.sys Verified: Signed ndis.sys Verified: Signed null.sys Verified: Signed userinit.exe kernel32.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 1600 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll 0x44080000 0xd0000 7.00.6000.16827 C:\WINDOWS\system32\WININET.dll 0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll 0x43e00000 0x45000 7.00.6000.16825 C:\WINDOWS\system32\iertutil.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x753c0000 0x6b000 1.420.2600.5512 C:\WINDOWS\system32\USP10.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll 0x44360000 0x5cd000 7.00.6000.16825 C:\WINDOWS\system32\ieframe.dll 0x45180000 0x127000 7.00.6000.16825 C:\WINDOWS\system32\urlmon.dll 0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL 0x442b0000 0x3c000 7.00.6000.16825 C:\WINDOWS\system32\webcheck.dll 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll 0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll 0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll 0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll 0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll 0x01e50000 0xd000 C:\Program Files\RF Wireless Mouse\NoEdge.dll 0x01e70000 0x9000 C:\Program Files\RF Wireless Mouse\ASDll.dll 0x69270000 0x8d000 5.02.2600.5512 C:\WINDOWS\system32\fxsst.dll 0x61410000 0x72000 5.02.2600.5512 C:\WINDOWS\system32\FXSAPI.dll 0x5f800000 0x16000 1.01.1593.0000 C:\PROGRA~1\WIFD1F~1\MpShHook.dll 0x78130000 0x9b000 8.00.50727.1801 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1801_x-ww_5eed8217\MSVCR80.dll 0x7c420000 0x87000 8.00.50727.1801 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1801_x-ww_5eed8217\MSVCP80.dll 0x02f90000 0x1d6000 1.06.0002.0014 C:\PROGRA~1\SPYBOT~1\SDHelper.dll 0x43ff0000 0xa000 7.00.6000.16825 C:\WINDOWS\system32\jsproxy.dll 0x03d70000 0x4c000 9.01.0000.0163 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA 0x041f0000 0x2b000 C:\Program Files\WinRAR\rarext.dll 0x10000000 0x173000 1.01.0000.0006 C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll 0x7c140000 0x103000 7.10.3077.0000 C:\Program Files\Fichiers communs\Ahead\Lib\MFC71.DLL 0x7c340000 0x56000 7.10.3052.0004 C:\Program Files\Fichiers communs\Ahead\Lib\MSVCR71.dll 0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\Fichiers communs\Ahead\Lib\MSVCP71.dll 0x03ac0000 0x5b000 9.01.0000.0163 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 704 Command line: winlogon.exe Base Size Version Path 0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x753c0000 0x6b000 1.420.2600.5512 C:\WINDOWS\system32\USP10.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll 0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x01f40000 0x3b000 1.07.0018.0005 C:\WINDOWS\system32\WgaLogon.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 4820-7A50 Répertoire de C:\WINDOWS\Downloaded Program Files 13/04/2009 10:34 <REP> . 13/04/2009 10:34 <REP> .. 31/03/2008 21:51 392 528 AdSignerADP.dll 12/12/2007 10:33 747 AdSignerADP.inf 31/03/2008 21:51 261 456 AdVerifierADP.dll 07/12/2005 06:42 65 desktop.ini 26/09/2008 19:08 3 204 368 EPUWALcontrol.dll 23/09/2008 20:02 539 EPUWALcontrol.inf 23/03/2007 13:17 1 292 erma.inf 09/10/2007 10:55 1 589 hardwaredetection.inf 18/01/2008 12:17 204 800 InstallerControl.dll 06/02/2009 12:26 367 LegitCheckControl.inf 18/01/2008 12:17 507 OSDED4D.OSD 27/03/2006 13:00 5 019 swflash.inf 12 fichier(s) 4 073 277 octets Total des fichiers listés : 12 fichier(s) 4 073 277 octets 2 Rép(s) 73 929 236 480 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Acer\\Acer eConsole\\MediaSync.exe"="C:\\Program Files\\Acer\\Acer eConsole\\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer" "C:\\Program Files\\Acer\\Acer eConsole\\eConsole.exe"="C:\\Program Files\\Acer\\Acer eConsole\\eConsole.exe:LocalSubNet:Enabled:eConsole" "C:\\Program Files\\Acer\\Acer eConsole\\MediaServerService.exe"="C:\\Program Files\\Acer\\Acer eConsole\\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 "DisableRegistryTools"=dword:00000000 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-23 18:55:33 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully kernel: MBR read successfully user & kernel MBR OK copy of MBR has been found in sector 37 ! KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 116 - jusched.exe 156 - qttask.exe 160 - kpf4ss.exe 184 - msnmsgr.exe 220 - GoogleToolbarNo 336 - svchost.exe 356 - iexplore.exe 556 - sp_rsser.exe 680 - csrss.exe 704 - winlogon.exe 748 - services.exe 760 - lsass.exe 828 - SpySweeper.exe 916 - svchost.exe 1012 - svchost.exe 1100 - svchost.exe 1304 - spoolsv.exe 1336 - cmd.exe 1368 - avguard.exe 1440 - kpf4gui.exe 1508 - wscntfy.exe 1600 - explorer.exe 1784 - MediaServerServ 1864 - sched.exe 1920 - CM20.EXE 1928 - MSCamS32.exe 1996 - avgnt.exe 2008 - SeaPort.exe 2056 - alg.exe 2544 - wlcomm.exe 2592 - kpf4gui.exe 2636 - wlcsdk.exe 3504 - wltuser.exe Total number of processes = 34 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntkrnlpa.exe 806D0000 - \WINDOWS\system32\hal.dll F7B76000 - \WINDOWS\system32\KDCOM.DLL F7A86000 - \WINDOWS\system32\BOOTVID.dll F7546000 - ACPI.sys F7B78000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS F7535000 - pci.sys F7676000 - isapnp.sys F7686000 - sshrmd.sys F7696000 - ssfs0bbc.sys F7507000 - ssidrv.sys F74DA000 - \WINDOWS\system32\DRIVERS\NDIS.SYS F78F6000 - \WINDOWS\system32\DRIVERS\TDI.SYS F7C3E000 - pciide.sys F78FE000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS F7B7A000 - viaide.sys F76A6000 - MountMgr.sys F74BB000 - ftdisk.sys F7906000 - PartMgr.sys F76B6000 - VolSnap.sys F74A3000 - atapi.sys F76C6000 - disk.sys F76D6000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS F7483000 - fltmgr.sys F7471000 - sr.sys F76E6000 - PxHelp20.sys F745A000 - KSecDD.sys F73CD000 - Ntfs.sys F790E000 - viaagp1.sys F73B3000 - Mup.sys F76F6000 - gagp30kx.sys F7726000 - \SystemRoot\system32\DRIVERS\processr.sys F7340000 - \SystemRoot\system32\DRIVERS\vtmini.sys F732C000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS F7318000 - \SystemRoot\system32\DRIVERS\FA311XP.SYS F7736000 - \SystemRoot\system32\DRIVERS\imapi.sys F793E000 - \SystemRoot\system32\drivers\Afc.sys F7746000 - \SystemRoot\system32\DRIVERS\cdrom.sys F7756000 - \SystemRoot\system32\DRIVERS\redbook.sys F72F5000 - \SystemRoot\system32\DRIVERS\ks.sys F7B82000 - \SystemRoot\system32\DRIVERS\NTIDrvr.sys F7956000 - \SystemRoot\system32\DRIVERS\usbuhci.sys F72D1000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS F795E000 - \SystemRoot\system32\DRIVERS\usbehci.sys F6F42000 - \SystemRoot\system32\drivers\ALCXWDM.SYS F6F1E000 - \SystemRoot\system32\drivers\portcls.sys F7766000 - \SystemRoot\system32\drivers\drmk.sys F797E000 - \SystemRoot\system32\DRIVERS\fdc.sys F6F0D000 - \SystemRoot\system32\DRIVERS\serial.sys F7B1A000 - \SystemRoot\system32\DRIVERS\serenum.sys F6EF9000 - \SystemRoot\system32\DRIVERS\parport.sys F7776000 - \SystemRoot\system32\DRIVERS\i8042prt.sys F7996000 - \SystemRoot\system32\DRIVERS\mouclass.sys F79A6000 - \SystemRoot\system32\DRIVERS\kbdclass.sys F7CA1000 - \SystemRoot\system32\DRIVERS\audstub.sys F7786000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys F7B22000 - \SystemRoot\system32\DRIVERS\ndistapi.sys F6EE2000 - \SystemRoot\system32\DRIVERS\ndiswan.sys F7796000 - \SystemRoot\system32\DRIVERS\raspppoe.sys F77A6000 - \SystemRoot\system32\DRIVERS\raspptp.sys F6ED1000 - \SystemRoot\system32\DRIVERS\psched.sys F77B6000 - \SystemRoot\system32\DRIVERS\msgpc.sys F79C6000 - \SystemRoot\system32\DRIVERS\ptilink.sys F79D6000 - \SystemRoot\system32\DRIVERS\raspti.sys F77C6000 - \SystemRoot\system32\DRIVERS\termdd.sys F7B88000 - \SystemRoot\system32\DRIVERS\swenum.sys F6DD3000 - \SystemRoot\system32\DRIVERS\update.sys F7B32000 - \SystemRoot\system32\DRIVERS\mssmbios.sys F77D6000 - \SystemRoot\System32\Drivers\NDProxy.SYS F77E6000 - \SystemRoot\system32\DRIVERS\usbhub.sys F7B8E000 - \SystemRoot\system32\DRIVERS\USBD.SYS F7B92000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS F7CD4000 - \SystemRoot\System32\Drivers\Null.SYS F7B96000 - \SystemRoot\System32\Drivers\Beep.SYS F7A0E000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS F7A16000 - \SystemRoot\System32\drivers\vga.sys F7B9A000 - \SystemRoot\System32\Drivers\mnmdd.SYS F7B9E000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys F5D42000 - \SystemRoot\system32\drivers\fwdrv.sys F7A26000 - \SystemRoot\System32\Drivers\Msfs.SYS F7A36000 - \SystemRoot\System32\Drivers\Npfs.SYS F7387000 - \SystemRoot\system32\DRIVERS\rasacd.sys F5D2F000 - \SystemRoot\system32\DRIVERS\ipsec.sys F5CD6000 - \SystemRoot\system32\DRIVERS\tcpip.sys F5C86000 - \SystemRoot\system32\DRIVERS\netbt.sys F5C60000 - \SystemRoot\system32\DRIVERS\ipnat.sys F7836000 - \SystemRoot\system32\DRIVERS\wanarp.sys F5C3E000 - \SystemRoot\System32\drivers\afd.sys F7846000 - \SystemRoot\system32\DRIVERS\netbios.sys F7A46000 - \SystemRoot\System32\Drivers\StarOpen.SYS F7A56000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys F5C1B000 - \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys F5BF0000 - \SystemRoot\system32\DRIVERS\rdbss.sys F5B80000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys F5B6F000 - \SystemRoot\system32\drivers\khips.sys F7A76000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS F7876000 - \SystemRoot\System32\Drivers\Fips.SYS F5B5E000 - \SystemRoot\system32\DRIVERS\avipbb.sys F7BAA000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys F5B3A000 - \SystemRoot\System32\Drivers\Fastfat.SYS F7966000 - \SystemRoot\system32\DRIVERS\usbccgp.sys F595C000 - \SystemRoot\system32\DRIVERS\VX1000.sys F78A6000 - \SystemRoot\system32\DRIVERS\STREAM.SYS F78B6000 - \SystemRoot\system32\drivers\usbaudio.sys F587C000 - \SystemRoot\System32\Drivers\dump_atapi.sys F7BC0000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys F5CC2000 - \SystemRoot\System32\drivers\Dxapi.sys F79EE000 - \SystemRoot\System32\watchdog.sys BF9C3000 - \SystemRoot\System32\drivers\dxg.sys F7D45000 - \SystemRoot\System32\drivers\dxgthk.sys BF9D5000 - \SystemRoot\System32\vtdisp.dll ECE10000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys ECD33000 - \SystemRoot\system32\drivers\wdmaud.sys ECE94000 - \SystemRoot\system32\drivers\sysaudio.sys ECD98000 - \SystemRoot\System32\Drivers\Cdfs.SYS EC791000 - \SystemRoot\system32\DRIVERS\srv.sys EBC40000 - \SystemRoot\system32\drivers\kmixer.sys F7C34000 - \??\C:\DOCUME~1\lionel.B\LOCALS~1\Temp\mbr.sys F7C70000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 120 Liste des programmes installes 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) a-squared Free 2.0 Acer eConsole Acer eMode Management Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.1 - Français Archiveur WinRAR Assistant de connexion Windows Live Atlas Routier Michelin Europe AutoUpdate Avira AntiVir Personal - Free Antivirus Barre d'outils Outlook de Windows Live (Windows Live Toolbar) BitDefender Free Edition v10 Bloqueur de fenêtres pop-up (Windows Live Toolbar) CCScore Change Extension Choice Guard CodeStuff Starter Complément Microsoft Word pour Microsoft Works Suite Correctif pour Lecteur Windows Media 11 (KB939683) Correctif pour Windows Internet Explorer 7 (KB947864) Correctif pour Windows XP (KB952287) CVitae 2.1.1 DivX DivX Player DropMyRights Détecteur de flux Windows Live Toolbar (Windows Live Toolbar) e-COMO EasyCleaner ESSBrwr ESSCDBK ESScore ESSgui ESSini ESSPCD ESSPDock ESSSONIC ESSTOOLS essvatgt Extension de Windows Live Toolbar (Windows Live Toolbar) Extension Système de Microsoft Money FairUse Wizard 2 fflink Google Toolbar for Internet Explorer HijackThis 2.0.2 Hotfix for Windows Media Format 11 SDK (KB929399) hp psc 1200 series Installation Windows Live Installation Windows Live Java 6 Update 13 jv16 PowerTools 1.3 jv16 PowerTools 2009 K9 Kaspersky Online Scanner kgcbaby kgcbase kgchday kgchlwn kgcinvt kgckids kgcmove kgcvday KSU Lecteur Windows Media 11 Macromedia Flash Player 8 Malwarebytes' Anti-Malware Menus intelligents (Windows Live Toolbar) Micro Application - Atlas Routier et Plans de ville Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft Application Error Reporting Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft LifeCam Microsoft Money Microsoft National Language Support Downlevel APIs Microsoft Office Access MUI (French) 2007 Microsoft Office Excel MUI (French) 2007 Microsoft Office InfoPath MUI (French) 2007 Microsoft Office Outlook MUI (French) 2007 Microsoft Office PowerPoint MUI (French) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (French) 2007 Microsoft Office Publisher MUI (French) 2007 Microsoft Office Shared MUI (French) 2007 Microsoft Office Word MUI (French) 2007 Microsoft Picture It! Photo 7.0 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft Sites publics français Microsoft Software Update for Web Folders (French) 12 Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Works 7.0 Mise à jour critique pour Lecteur Windows Media 11 (KB959772) Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media (KB952069) Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027) Mise à jour de sécurité pour Windows XP (KB923561) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB938464) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB946648) Mise à jour de sécurité pour Windows XP (KB950760) Mise à jour de sécurité pour Windows XP (KB950762) Mise à jour de sécurité pour Windows XP (KB950974) Mise à jour de sécurité pour Windows XP (KB951066) Mise à jour de sécurité pour Windows XP (KB951376-v2) Mise à jour de sécurité pour Windows XP (KB951376) Mise à jour de sécurité pour Windows XP (KB951698) Mise à jour de sécurité pour Windows XP (KB951748) Mise à jour de sécurité pour Windows XP (KB952004) Mise à jour de sécurité pour Windows XP (KB952954) Mise à jour de sécurité pour Windows XP (KB953839) Mise à jour de sécurité pour Windows XP (KB954211) Mise à jour de sécurité pour Windows XP (KB954459) Mise à jour de sécurité pour Windows XP (KB954600) Mise à jour de sécurité pour Windows XP (KB955069) Mise à jour de sécurité pour Windows XP (KB956391) Mise à jour de sécurité pour Windows XP (KB956572) Mise à jour de sécurité pour Windows XP (KB956802) Mise à jour de sécurité pour Windows XP (KB956803) Mise à jour de sécurité pour Windows XP (KB956841) Mise à jour de sécurité pour Windows XP (KB957095) Mise à jour de sécurité pour Windows XP (KB957097) Mise à jour de sécurité pour Windows XP (KB958644) Mise à jour de sécurité pour Windows XP (KB958687) Mise à jour de sécurité pour Windows XP (KB958690) Mise à jour de sécurité pour Windows XP (KB959426) Mise à jour de sécurité pour Windows XP (KB960225) Mise à jour de sécurité pour Windows XP (KB960715) Mise à jour de sécurité pour Windows XP (KB960803) Mise à jour de sécurité pour Windows XP (KB961373) Mise à jour pour Windows XP (KB951072-v2) Mise à jour pour Windows XP (KB951978) Mise à jour pour Windows XP (KB955839) Mise à jour pour Windows XP (KB967715) MSVCRT MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) Nero 6 Ultra Edition NeroVision Express 3 netbrdg Notifier NTI HomeVideo-Maker OfotoXMI OneCare Advisor (Windows Live Toolbar) OS Pack Works Suite Outil de téléchargement Windows Live Photo et imagerie HP 2.0 - All-in-One Photo et imagerie HP 2.0 - All-in-One Pilote Photo et imagerie HP 2.0 - hp psc 1200 series PIXresizer 1.0.9 PowerDVD PrintMaster Gold 4.00 QuickTime Realtek AC'97 Audio RF Wireless Device SAGEM F@st 800-840 Samsung PC Studio Secunia PSI Security Update for 2007 Microsoft Office System (KB951550) Security Update for 2007 Microsoft Office System (KB951944) Security Update for 2007 Microsoft Office System (KB960003) Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Security Update for Microsoft Office Excel 2007 (KB959997) Security Update for Microsoft Office PowerPoint 2007 (KB951338) Security Update for Microsoft Office Publisher 2007 (KB950114) Security Update for Microsoft Office system 2007 (KB954326) Security Update for Microsoft Office system 2007 (KB956828) Security Update for Microsoft Office Word 2007 (KB956358) Security Update for Visio 2007 (KB947590) Segoe UI SFR SHASTA skin0001 SKINXSDK Spy Sweeper Spy Sweeper Core Spybot - Search & Destroy Spyware Terminator staticcr Sélecteur d'installation de Microsoft Works Suite 2003 Sunbelt Personal Firewall TomTom HOME 2.5.2.60 tooltips Turbo Lister 2 Turbo Lister 2 Update for Microsoft Office Outlook 2007 (KB952142) Update for Office 2007 (KB946691) Update for Outlook 2007 Junk Email Filter (kb962871) UsbFix VC_MergeModuleToMSI VirtualDub 1.6.1 Fr Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 VPRINTOL WebFldrs XP Windows Defender Windows Genuine Advantage Notifications (KB905474) Windows Internet Explorer 7 Windows Live Call Windows Live Communications Platform Windows Live Favorites pour Windows Live Toolbar Windows Live Messenger Windows Live Toolbar Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows XP Service Pack 3 WinPatrol WIRELESS Wireless 802.11g USB Adapter Wireless 802.11g USB Adapter xp-AntiSpy 3.93 Zeb-Utility 1.2 Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 4820-7A50 Répertoire de C:\Program Files 18/04/2009 11:23 <REP> . 18/04/2009 11:23 <REP> .. 27/04/2006 16:58 <REP> Acer 15/03/2009 17:55 <REP> Adobe 04/05/2006 22:21 <REP> Ahead 27/04/2006 19:17 <REP> Alwil Software 18/04/2009 13:46 <REP> a-squared Free 03/05/2006 23:20 <REP> Astase 02/11/2007 21:04 <REP> Avira 16/02/2006 07:20 <REP> AvRack 19/01/2008 15:01 <REP> BillP Studios 27/12/2007 00:45 <REP> Change Extension 29/04/2006 10:17 <REP> CodeStuff 01/06/2006 17:58 <REP> ColiPoste 07/12/2005 06:41 <REP> ComPlus Applications 27/10/2008 00:06 <REP> CVitae 07/12/2005 07:08 <REP> CyberLink 19/08/2006 15:00 <REP> DivX 12/11/2004 10:41 57 344 DropMyRights.exe 22/11/2006 14:24 <REP> eBay 27/05/2006 15:45 <REP> Edu-Performance 09/11/2008 23:00 <REP> eMule 17/02/2007 14:56 <REP> ewido anti-malware 29/11/2006 03:36 <REP> FairUse Wizard 2 22/04/2009 20:55 <REP> Fichiers communs 14/01/2009 23:30 <REP> Google 17/02/2007 15:05 <REP> Grisoft 04/05/2006 22:32 <REP> Hewlett-Packard 16/04/2009 21:49 <REP> hijackthis 18/04/2009 03:08 <REP> Internet Explorer 14/09/2007 16:26 <REP> Inventel 08/04/2009 21:58 <REP> Java 04/05/2006 22:58 <REP> jv16 PowerTools 12/04/2009 09:48 <REP> jv16 PowerTools 2009 31/01/2008 18:25 <REP> KeirNet 27/12/2007 18:24 <REP> Kodak 22/04/2009 21:45 <REP> Lavasoft 12/04/2009 11:22 <REP> Malwarebytes' Anti-Malware 09/11/2008 23:22 <REP> Messenger 29/04/2006 09:52 <REP> Micro Application 30/12/2008 20:35 <REP> Microsoft 09/05/2007 15:18 <REP> Microsoft CAPICOM 2.1.0.2 28/04/2006 21:25 <REP> microsoft frontpage 27/12/2007 00:47 <REP> Microsoft LifeCam 12/04/2009 09:49 <REP> Microsoft Money 08/02/2008 18:25 <REP> Microsoft Office 17/05/2006 23:01 <REP> Microsoft Picture It! 7 04/03/2009 23:03 <REP> Microsoft Silverlight 27/03/2007 21:03 <REP> Microsoft Sites publics français 30/12/2008 20:36 <REP> Microsoft Sync Framework 09/11/2008 23:01 <REP> Microsoft Visual Studio 09/11/2008 23:02 <REP> Microsoft Works 27/04/2006 18:26 <REP> Microsoft Works Suite 2003 09/11/2008 23:01 <REP> Microsoft.NET 09/11/2008 23:20 <REP> Movie Maker 22/04/2009 21:55 <REP> Mozilla Firefox 08/02/2008 18:26 <REP> MSBuild 15/07/2007 16:42 <REP> MSN 16/02/2006 07:20 <REP> MSN Gaming Zone 17/11/2006 09:23 <REP> MSXML 4.0 09/11/2008 23:18 <REP> NetMeeting 17/05/2006 22:40 <REP> NewTech Infosystems 16/02/2006 07:20 <REP> Online Services 09/11/2008 23:18 <REP> Outlook Express 17/05/2006 22:39 <REP> PIXresizer 27/12/2007 18:29 <REP> QuickTime 16/02/2006 07:20 <REP> Realtek AC97 07/12/2005 06:54 <REP> Realtek Sound Manager 27/12/2007 00:48 <REP> RF Wireless Mouse 27/04/2006 18:06 <REP> SAGEM 09/11/2008 23:04 <REP> Samsung 09/04/2009 19:24 <REP> Secunia 23/04/2009 18:52 <REP> securite 03/10/2007 21:14 <REP> Services en ligne 18/04/2009 11:23 <REP> Softwin 30/03/2009 19:01 <REP> Spybot - Search & Destroy 09/11/2008 23:06 <REP> Spyware Terminator 02/06/2007 22:36 <REP> Sunbelt Software 15/07/2007 16:43 <REP> Symantec 06/10/2007 15:41 <REP> TELE2 06/12/2008 17:10 <REP> TomTom HOME 06/12/2008 17:12 <REP> TomTom HOME 2 27/04/2006 19:18 <REP> ToniArts 18/04/2009 11:15 <REP> TrojanHunter 5.0 17/05/2006 22:40 <REP> VirtualDub 15/09/2007 10:07 <REP> Wanadoo 15/04/2009 23:00 <REP> Webroot 12/04/2009 22:03 <REP> WinClamAVShield 13/04/2009 10:36 <REP> Windows Defender 21/03/2009 10:16 <REP> Windows Live 27/12/2007 18:23 <REP> Windows Live Favorites 30/12/2008 20:34 <REP> Windows Live SkyDrive 30/12/2008 20:36 <REP> Windows Live Toolbar 04/02/2007 23:45 <REP> Windows Media Connect 2 09/11/2008 23:18 <REP> Windows Media Player 09/11/2008 23:18 <REP> Windows NT 27/12/2007 00:50 <REP> WinRAR 16/02/2006 07:20 <REP> Wireless 802.11g USB Adapter 16/02/2006 07:20 <REP> xerox 27/04/2006 19:14 <REP> xp-AntiSpy 19/08/2006 14:49 <REP> XviD 14/05/2006 13:13 <REP> zeb protect 27/12/2007 18:28 <REP> Zeb-Utility 1 fichier(s) 57 344 octets 102 Rép(s) 73 928 650 752 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 4820-7A50 Répertoire de C:\Program Files\fichiers communs 22/04/2009 20:55 <REP> . 22/04/2009 20:55 <REP> .. 15/03/2009 17:55 <REP> Adobe 04/05/2006 22:21 <REP> Ahead 27/04/2006 16:59 <REP> ArcSoft 09/11/2008 23:01 <REP> DESIGNER 28/04/2006 23:56 <REP> Hewlett-Packard 07/12/2005 07:08 <REP> InstallShield 07/12/2005 07:12 <REP> Java 27/12/2007 18:28 <REP> Kodak 06/03/2009 17:42 <REP> Microsoft Shared 16/02/2006 07:20 <REP> MSSoap 07/12/2005 07:06 <REP> muvee Technologies 16/02/2006 07:20 <REP> ODBC 16/02/2006 07:20 <REP> Services 18/04/2009 11:23 <REP> Softwin 16/02/2006 07:20 <REP> SpeechEngines 15/07/2007 16:43 <REP> Symantec Shared 09/11/2008 23:18 <REP> System 17/12/2008 10:15 <REP> Windows Live 0 fichier(s) 0 octets 20 Rép(s) 73 928 646 656 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 4820-7A50 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 09/11/2008 23:02 <REP> . 09/11/2008 23:02 <REP> .. 27/04/2006 18:31 <REP> 1033 09/11/2008 23:02 <REP> 1036 26/10/2006 20:49 970 528 MSONSEXT.DLL 26/10/2006 21:12 40 256 MSOSV.DLL 03/06/1999 13:09 122 937 MSOWS409.DLL 07/03/2001 08:00 127 033 MSOWS40c.DLL 29/01/2004 16:08 86 016 PKMWS.DLL 18/03/1999 06:37 593 977 RAGENT.DLL 6 fichier(s) 1 940 747 octets 4 Rép(s) 73 928 646 656 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 4820-7A50 Répertoire de C:\ 24/05/2001 12:59 162 304 UNWISE.EXE 1 fichier(s) 162 304 octets 0 Rép(s) 73 928 646 656 octets libres Attention : C:\autorun.inf existe c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\QuickTime 7.1.3.100\QuickTimeInstallerAdmin.exe c:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe c:\Documents and Settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe c:\Documents and Settings\celine\Application Data\U3\temp\cleanup.exe c:\Documents and Settings\celine\Application Data\U3\temp\Launchpad Removal.exe c:\Documents and Settings\emilie.M.LIONEL\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe c:\Documents and Settings\emilie.M.LIONEL\Application Data\MSNInstaller\msnauins.exe c:\Documents and Settings\lionel.B\.housecall\getMac.exe c:\Documents and Settings\lionel.B\.housecall\patch.exe c:\Documents and Settings\lionel.B\.housecall\tsc.exe c:\Documents and Settings\lionel.B\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_en_US.exe c:\Documents and Settings\lionel.B\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr710_en_US.exe c:\Documents and Settings\lionel.B\Application Data\LimeWire\.NetworkShare\LimeWireWin4.10.5.exe c:\Documents and Settings\lionel.B\Application Data\Microsoft\Installer\{69640730-B830-4C24-BB5C-222DA1260548}\ARPPRODUCTICON.exe c:\Documents and Settings\lionel.B\Application Data\Microsoft\Installer\{B72B0ECE-F41E-4EC4-AA37-1A00640680BF}\_1773C0A4E004EB4D3ECAE5.exe c:\Documents and Settings\lionel.B\Application Data\Microsoft\Installer\{B72B0ECE-F41E-4EC4-AA37-1A00640680BF}\_6FEFF9B68218417F98F549.exe c:\Documents and Settings\lionel.B\Application Data\Microsoft\Installer\{B72B0ECE-F41E-4EC4-AA37-1A00640680BF}\_C96AC1B409367E02762E8D.exe c:\Documents and Settings\lionel.B\Application Data\Microsoft\Installer\{BFD080F6-3BF0-40E1-9507-9CA969C35870}\ARPPRODUCTICON.exe c:\Documents and Settings\lionel.B\Application Data\Microsoft\Installer\{BFD080F6-3BF0-40E1-9507-9CA969C35870}\NewShortcut1_E659E0EE10E649B7869660F38D0EB174.exe c:\Documents and Settings\lionel.B\Application Data\Microsoft\Installer\{BFD080F6-3BF0-40E1-9507-9CA969C35870}\NewShortcut2_8315396A5EA1419DBEC4978284BDF556.exe c:\Documents and Settings\lionel.B\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe c:\Documents and Settings\lionel.B\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe c:\Documents and Settings\lionel.B\Application Data\U3\temp\cleanup.exe c:\Documents and Settings\lionel.B\Application Data\U3\temp\Launchpad Removal.exe c:\Documents and Settings\lionel.B\Bureau\ComboFix.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\diff.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\find2.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\grep.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\gzip.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\KProcCheck.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\mbr.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\md5sums.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\Psinfo.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\sigcheck.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\streams.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\tar.exe c:\Documents and Settings\lionel.B\Incomplete\T-5916992-ewido-setup.exe c:\Documents and Settings\lionel.B\Local Settings\Application Data\Adobe\Reader 9.0\Setup Files\Setup.exe c:\Documents and Settings\lionel.B\Local Settings\temp\jkos-lionel.B\binaries\ScanningProcess.exe c:\Documents and Settings\lionel.B\Mes documents\Ma musique\pagedefrag_2.21_fr\pagedfrg.exe c:\Documents and Settings\lionel.B\Mes documents\TomTom\HOME\Backup\TomTom\Backup01\InternalMemory\InstallTomTomHOME.exe c:\Documents and Settings\lionel.B\Shared\ewidoguard.exe c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aecore.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeemu.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aegen.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aehelp.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeheur.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeoffice.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aepack.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aerdl.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescn.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescript.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aevdf.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\avewin32.dll c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Default\MpEngine.dll c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{4B25CFCD-5C4C-4FF7-8A0B-9D1ABBDB1F6E}\mpengine.dll c:\Documents and Settings\celine\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\celine\Application Data\Sun\Java\Deployment\cache\6.0\15\4e09eacf-5616cd43-n\Decora-D3D.dll c:\Documents and Settings\celine\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-77ba1270-n\jmc.dll c:\Documents and Settings\celine\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-77ba1270-n\msvcp71.dll c:\Documents and Settings\celine\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-77ba1270-n\msvcr71.dll c:\Documents and Settings\celine\Application Data\Sun\Java\Deployment\cache\6.0\45\4f710eed-61835d18-n\gluegen-rt.dll c:\Documents and Settings\celine\Application Data\Sun\Java\Deployment\cache\6.0\50\5b902232-74c7263f-n\Decora-SSE.dll c:\Documents and Settings\celine\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-3863f588-n\jogl.dll c:\Documents and Settings\celine\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-3863f588-n\jogl_awt.dll c:\Documents and Settings\celine\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-3863f588-n\jogl_cg.dll c:\Documents and Settings\lionel.B\Application Data\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll c:\Documents and Settings\lionel.B\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\lionel.B\Application Data\Microsoft\Services Windows Live\Services Windows Live.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\Deployment\cache\6.0\15\4e09eacf-5bb73974-n\Decora-D3D.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-3ca6db27-n\jmc.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-3ca6db27-n\msvcp71.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-3ca6db27-n\msvcr71.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\Deployment\cache\6.0\45\4f710eed-6cc71924-n\gluegen-rt.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\Deployment\cache\6.0\50\5b902232-5ea02bea-n\Decora-SSE.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-56281cb9-n\jogl.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-56281cb9-n\jogl_awt.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-56281cb9-n\jogl_cg.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\jre1.6.0_13\lzma.dll c:\Documents and Settings\lionel.B\Application Data\TomTom\HOME\Profiles\4jkk4fva.default\extensions\Navcore.7.831.8706@tomtom.com\7-831-8706-1.dll ****** Fin du rapport DiagHelp Veuillez svp envoyer le fichier C:\upload_moi_LIONEL.tar.gz a l'adresse http://upload.malekal.com

la mise a jour ne veut pas partir + ventilo a fond

bonsoir ComboFix 09-04-23.02 - lionel.B 22/04/2009 20:51.1 - NTFSx86 Lancé depuis: c:\documents and settings\lionel.B\Bureau\ComboFix.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\lionel.B\Application Data\Microsoft\SystemCertificates\Request c:\windows\pack.epk . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_poof ((((((((((((((((((((((((((((( Fichiers créés du 2009-03-22 au 2009-04-22 )))))))))))))))))))))))))))))))))))) . 2009-04-21 20:12 . 2009-04-21 20:12 -------- d-sh--w c:\documents and settings\lionel.B\UserData 2009-04-21 14:59 . 2009-04-21 14:59 12697600 ----a-w C:\upload_moi_LIONEL.tar.gz 2009-04-19 13:03 . 2009-04-19 13:03 -------- d-sha-r C:\autorun.inf 2009-04-19 11:00 . 2009-04-19 13:03 -------- d-----w C:\UsbFix 2009-04-18 09:32 . 2009-04-18 09:32 -------- d-----w c:\documents and settings\lionel.B\Application Data\Bitdefender 2009-04-18 09:27 . 2009-04-20 20:16 81984 ----a-w c:\windows\system32\bdod.bin 2009-04-18 09:23 . 2009-04-18 09:24 -------- d-----w c:\documents and settings\All Users\Application Data\BitDefender 2009-04-18 01:04 . 2009-04-18 01:04 150 ----a-w c:\windows\system32\spupdsvc.inf 2009-04-17 04:21 . 2009-02-06 10:10 227840 ------w c:\windows\system32\dllcache\wmiprvse.exe 2009-04-17 04:21 . 2009-03-06 14:20 286720 ------w c:\windows\system32\dllcache\pdh.dll 2009-04-17 04:21 . 2009-02-09 11:23 111104 ------w c:\windows\system32\dllcache\services.exe 2009-04-17 04:21 . 2009-02-09 10:53 473600 ------w c:\windows\system32\dllcache\fastprox.dll 2009-04-17 04:21 . 2009-02-09 10:53 401408 ------w c:\windows\system32\dllcache\rpcss.dll 2009-04-17 04:21 . 2009-02-09 10:53 735744 ------w c:\windows\system32\dllcache\lsasrv.dll 2009-04-17 04:21 . 2009-02-09 10:53 685568 ------w c:\windows\system32\dllcache\advapi32.dll 2009-04-17 04:21 . 2009-02-09 10:53 453120 ------w c:\windows\system32\dllcache\wmiprvsd.dll 2009-04-17 04:21 . 2009-02-09 10:53 739840 ------w c:\windows\system32\dllcache\ntdll.dll 2009-04-17 04:20 . 2008-12-16 12:31 354304 ------w c:\windows\system32\dllcache\winhttp.dll 2009-04-17 04:20 . 2009-03-27 06:54 1203922 ------w c:\windows\system32\dllcache\sysmain.sdb 2009-04-17 04:20 . 2008-04-21 21:15 219136 ------w c:\windows\system32\dllcache\wordpad.exe 2009-04-15 21:00 . 2009-04-15 21:16 -------- d-----w c:\documents and settings\All Users\Application Data\Webroot 2009-04-15 21:00 . 2009-04-15 21:00 -------- d-----w c:\documents and settings\lionel.B\Application Data\Webroot 2009-04-15 21:00 . 2009-04-06 11:32 1563008 ----a-w c:\windows\WRSetup.dll 2009-04-15 20:59 . 2009-04-15 20:59 164 ----a-w c:\windows\install.dat 2009-04-15 20:17 . 2009-04-15 20:17 -------- d-----w c:\documents and settings\lionel.B\Application Data\TrojanHunter 2009-04-15 05:21 . 2009-04-14 20:57 15688 ----a-w c:\windows\system32\lsdelete.exe 2009-04-14 21:21 . 2009-04-14 21:21 -------- d-----w c:\documents and settings\LocalService\Bureau 2009-04-14 20:57 . 2009-04-14 20:56 64160 ----a-w c:\windows\system32\drivers\Lbd.sys 2009-04-14 20:55 . 2009-04-14 20:55 -------- dc-h--w c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800} 2009-04-14 20:55 . 2009-04-14 20:57 -------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft 2009-04-09 21:18 . 2009-04-09 21:18 23 --sha-w c:\windows\system32\edacded0_x.dat 2009-04-09 21:18 . 2009-04-09 21:18 23 ----a-w c:\windows\system32\bcdadac7_x.xml 2009-04-08 19:56 . 2009-04-08 19:56 73728 ----a-w c:\windows\system32\javacpl.cpl 2009-04-08 19:56 . 2009-04-08 19:56 410984 ----a-w c:\windows\system32\deploytk.dll 2009-04-07 20:20 . 2009-04-16 19:52 -------- d-----w C:\rsit 2009-04-04 20:52 . 2009-04-04 20:52 8192 --sha-w c:\windows\Thumbs.db 2009-04-02 12:30 . 2009-04-02 12:30 176752 ----a-w c:\windows\system32\drivers\ssidrv.sys 2009-04-02 12:30 . 2009-04-02 12:30 23152 ----a-w c:\windows\system32\drivers\sshrmd.sys 2009-04-02 12:30 . 2009-04-02 12:30 29808 ----a-w c:\windows\system32\drivers\ssfs0bbc.sys 2009-03-29 19:05 . 2009-03-29 19:05 54156 ---ha-w c:\windows\QTFont.qfn 2009-03-29 19:05 . 2009-03-29 19:05 1409 ----a-w c:\windows\QTFont.for 2009-03-24 11:03 . 2009-03-24 11:03 7808 ----a-w c:\windows\system32\drivers\psi_mf.sys . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-04-22 19:01 . 2009-04-15 21:03 1340 ----a-w C:\aaw7boot.log 2009-04-22 15:17 . 2008-11-09 21:07 -------- d-----r c:\program files\securite 2009-04-22 15:11 . 2006-04-29 08:01 336315 ----a-w C:\hpfr3425.log 2009-04-22 15:11 . 2006-04-29 08:01 525 ----a-w C:\hpfr3420.xml 2009-04-21 15:00 . 2007-10-13 07:37 69462 ----a-w C:\resultat.txt 2009-04-19 13:03 . 2009-04-19 12:58 3106 ----a-w C:\UsbFix.txt 2009-04-18 11:46 . 2006-08-01 21:19 -------- d-----w c:\program files\a-squared Free 2009-04-18 10:37 . 2008-08-07 06:20 347 ----a-w C:\TB.txt 2009-04-18 09:23 . 2009-04-18 09:21 -------- d-----w c:\program files\Fichiers communs\Softwin 2009-04-18 09:23 . 2009-04-18 09:23 -------- d-----w c:\program files\Softwin 2009-04-18 09:20 . 2007-06-11 13:54 -------- d-----w c:\documents and settings\lionel.B\Application Data\Samsung 2009-04-18 09:20 . 2005-12-07 05:15 -------- d--h--w c:\program files\InstallShield Installation Information 2009-04-18 09:15 . 2009-04-15 20:08 -------- d-----w c:\program files\TrojanHunter 5.0 2009-04-18 01:21 . 2005-12-07 05:00 65362 ----a-w c:\windows\system32\perfc00C.dat 2009-04-18 01:21 . 2005-12-07 05:00 449322 ----a-w c:\windows\system32\perfh00C.dat 2009-04-18 01:03 . 2008-02-08 16:12 -------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2009-04-15 21:00 . 2009-04-15 21:00 -------- d-----w c:\program files\Webroot 2009-04-14 20:55 . 2006-04-27 17:09 -------- d-----w c:\program files\Lavasoft 2009-04-13 08:36 . 2009-04-13 08:36 -------- d-----w c:\program files\Windows Defender 2009-04-12 20:03 . 2008-02-10 17:41 -------- d-----w c:\program files\WinClamAVShield 2009-04-12 20:02 . 2008-01-23 19:07 -------- d-----w c:\documents and settings\lionel.B\Application Data\Spyware Terminator 2009-04-12 09:22 . 2008-08-06 19:36 -------- d-----w c:\program files\Malwarebytes' Anti-Malware 2009-04-12 07:49 . 2008-01-23 19:07 -------- d-----w c:\documents and settings\All Users\Application Data\Spyware Terminator 2009-04-12 07:49 . 2006-04-27 16:50 -------- d-----w c:\program files\Microsoft Money 2009-04-12 07:48 . 2009-04-09 21:18 -------- d-----w c:\program files\jv16 PowerTools 2009 2009-04-09 17:24 . 2009-04-09 17:24 -------- d-----w c:\program files\Secunia 2009-04-08 19:58 . 2009-04-08 19:58 7656 ----a-w C:\JavaRa.log 2009-04-08 19:58 . 2005-12-07 05:13 -------- d-----w c:\program files\Java 2009-04-06 13:32 . 2008-08-06 19:36 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2009-04-06 13:32 . 2008-08-06 19:36 15504 ----a-w c:\windows\system32\drivers\mbam.sys 2009-03-30 17:01 . 2006-04-27 17:10 -------- d-----w c:\program files\Spybot - Search & Destroy 2009-03-21 14:07 . 2009-03-21 14:07 1054720 ------w c:\windows\system32\dllcache\kernel32.dll 2009-03-21 08:16 . 2008-12-17 08:25 -------- d-----w c:\program files\Windows Live 2009-03-15 15:55 . 2005-12-07 05:02 -------- d-----w c:\program files\Fichiers communs\Adobe 2009-03-08 10:51 . 2006-04-27 17:10 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-03-06 14:20 . 2004-08-05 05:00 286720 ------w c:\windows\system32\pdh.dll 2009-03-04 21:03 . 2009-03-04 21:03 -------- d-----w c:\program files\Microsoft Silverlight 2009-03-03 00:13 . 2005-07-03 02:16 826368 ----a-w c:\windows\system32\wininet.dll 2009-03-03 00:13 . 2005-07-03 02:16 826368 ----a-w c:\windows\system32\dllcache\wininet.dll 2009-02-28 04:54 . 2004-08-05 05:00 636072 ----a-w c:\windows\system32\dllcache\iexplore.exe 2009-02-20 10:20 . 2007-05-09 13:05 13824 ------w c:\windows\system32\dllcache\ieudinit.exe 2009-02-20 10:20 . 2004-08-05 05:00 70656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe 2009-02-20 05:14 . 2004-08-05 05:00 161792 ----a-w c:\windows\system32\dllcache\ieakui.dll 2009-02-12 07:48 . 2006-11-08 20:50 97712 ----a-w c:\documents and settings\celine\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-02-10 17:06 . 2008-10-15 19:30 2068096 ------w c:\windows\system32\dllcache\ntkrnlpa.exe 2009-02-10 17:06 . 2005-03-02 18:07 2068096 ------w c:\windows\system32\ntkrnlpa.exe 2009-02-09 14:05 . 2008-10-15 19:30 1846912 ------w c:\windows\system32\dllcache\win32k.sys 2009-02-09 14:05 . 2005-03-02 18:07 1846912 ----a-w c:\windows\system32\win32k.sys 2009-02-09 11:24 . 2008-10-15 19:30 2191104 ------w c:\windows\system32\dllcache\ntoskrnl.exe 2009-02-09 11:24 . 2005-03-02 18:08 2191104 ------w c:\windows\system32\ntoskrnl.exe 2009-02-09 11:23 . 2008-10-15 19:30 2025984 ------w c:\windows\system32\dllcache\ntkrpamp.exe 2009-02-09 11:23 . 2008-10-15 19:30 2147328 ------w c:\windows\system32\dllcache\ntkrnlmp.exe 2009-02-09 11:23 . 2004-08-05 05:00 111104 ----a-w c:\windows\system32\services.exe 2009-02-09 10:53 . 2004-10-28 01:24 735744 ----a-w c:\windows\system32\lsasrv.dll 2009-02-09 10:53 . 2005-04-28 19:32 401408 ----a-w c:\windows\system32\rpcss.dll 2009-02-09 10:53 . 2004-08-05 05:00 739840 ----a-w c:\windows\system32\ntdll.dll 2009-02-09 10:53 . 2004-08-05 05:00 685568 ----a-w c:\windows\system32\advapi32.dll 2009-02-06 17:52 . 2009-02-06 17:52 49504 ----a-w c:\windows\system32\sirenacm.dll 2009-02-06 10:39 . 2004-08-05 05:00 35328 ----a-w c:\windows\system32\dllcache\sc.exe 2009-02-06 10:39 . 2004-08-05 05:00 35328 ------w c:\windows\system32\sc.exe 2009-02-03 19:58 . 2009-02-03 19:58 56832 ------w c:\windows\system32\dllcache\secur32.dll 2009-02-03 19:58 . 2004-08-05 05:00 56832 ----a-w c:\windows\system32\secur32.dll 2009-01-11 21:41 . 2008-04-06 21:32 655 ---ha-w c:\documents and settings\lionel.B\hpothb07.dat 2008-04-06 21:35 . 2008-08-29 07:03 0 ---ha-w c:\documents and settings\TEMP\Application Data\hpothb07.dat 2008-04-06 21:35 . 2008-08-29 07:03 0 ---ha-w c:\documents and settings\TEMP\hpothb07.dat 2008-04-06 21:35 . 2008-04-06 21:35 0 ---ha-w c:\documents and settings\Default User\hpothb07.dat 2008-04-06 21:32 . 2008-04-06 21:32 196 ---ha-w c:\documents and settings\emilie.M.LIONEL\Application Data\hpothb07.dat 2008-04-06 21:31 . 2008-04-06 21:19 341 ---ha-w c:\documents and settings\emilie.M.LIONEL\hpothb07.dat 2008-02-09 12:08 . 2006-05-06 17:30 97328 ----a-w c:\documents and settings\lionel.B\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2006-12-05 15:19 . 2006-12-05 15:19 75016 ----a-w c:\documents and settings\emilie.M.LIONEL\Application Data\GDIPFONTCACHEV1.DAT 2006-07-29 13:55 . 2006-05-20 13:35 75016 ----a-w c:\documents and settings\emilie.M.LIONEL\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2006-05-17 21:03 . 2006-05-07 06:52 75016 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2006-04-28 22:31 . 2006-04-28 22:31 131 ------w c:\documents and settings\lionel.B\Local Settings\Application Data\fusioncache.dat 2005-12-07 04:59 . 2008-08-29 07:03 135 ----a-w c:\documents and settings\TEMP\Local Settings\Application Data\fusioncache.dat 2005-12-07 04:59 . 2006-05-05 14:29 135 ----a-w c:\documents and settings\celine\Local Settings\Application Data\fusioncache.dat 2005-12-07 04:59 . 2006-04-27 20:34 135 ----a-w c:\documents and settings\emilie.M.LIONEL\Local Settings\Application Data\fusioncache.dat 2005-12-07 04:59 . 2006-04-27 17:47 135 ------w c:\documents and settings\celine.B\Local Settings\Application Data\fusioncache.dat 2004-11-12 08:41 . 2004-11-12 08:41 57344 ------w c:\program files\DropMyRights.exe 2007-08-09 21:00 . 2006-12-02 14:57 10022 --sha-w c:\windows\system32\KGyGaAvL.sys 2008-07-25 11:22 . 2008-07-25 11:22 32768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008072520080726\index.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\progra~1\WI1F86~1\MESSEN~1\msnmsgr.exe" [2009-02-06 3885408] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-15 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Start RF Wireless Mouse"="c:\program files\RF Wireless Mouse\cm20.exe" [2002-01-31 61440] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-17 266497] "WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2005-12-12 222784] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-08 148888] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624] c:\documents and settings\TEMP\Menu D‚marrer\Programmes\D‚marrage\ prf3A.tmp [2008-8-29 0] c:\documents and settings\emilie.M.LIONEL\Menu D‚marrer\Programmes\D‚marrage\ Event Reminder.lnk - c:\pmw\PMREMIND.EXE [1997-11-3 254128] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0\0lsdelete\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^celine^Menu Démarrer^Programmes^Démarrage^desktop.ini] backup=c:\windows\pss\desktop.iniStartup [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2009-03-24 7808] R4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-04-14 951632] R4 spupdsvc;Windows Service Pack Installer update service;c:\windows\system32\spupdsvc.exe [2008-07-09 26488] R4 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592] R4 WRConsumerService;Webroot Client Service;c:\program files\Webroot\WebrootSecurity\WRConsumerService.exe [2009-04-15 1181040] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-04-14 64160] S0 ssfs0bbc;ssfs0bbc;c:\windows\system32\DRIVERS\ssfs0bbc.sys [2009-04-02 29808] S1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [2007-04-26 302000] S1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [2007-04-26 72624] S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2008-05-04 141312] S2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] S2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-04-26 1234480] . Contenu du dossier 'Tâches planifiées' 2009-04-14 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 20:56] 2006-04-28 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1200 series5E771253C1676EBED677BF361FDFC537825E15B8146261661.job - c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52] 2007-10-27 c:\windows\Tasks\Microsoft_Hardware_Launch_LifeExp_exe.job - c:\program files\Microsoft LifeCam\LifeExp.exe [2007-05-17 21:45] 2007-10-27 c:\windows\Tasks\Microsoft_Hardware_Launch_vVX1000_exe.job - c:\windows\vVX1000.exe [2007-10-27 21:46] 2009-04-19 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20] . . ------- Examen supplémentaire ------- . uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &eBay Search IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: Crawler Search - tbr:iemenu IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000 DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} - hxxps://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab FF - ProfilePath - c:\documents and settings\lionel.B\Application Data\Mozilla\Firefox\Profiles\foqfckpk.default\ FF - prefs.js: browser.search.selectedEngine - Live Search FF - prefs.js: browser.startup.homepage - hxxp://fr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q= . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-22 21:07 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(3704) c:\program files\RF Wireless Mouse\NoEdge.dll c:\program files\RF Wireless Mouse\ASDll.dll c:\windows\system32\eappprxy.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe c:\program files\Acer\Acer eConsole\MediaServerService.exe c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe c:\program files\Microsoft LifeCam\MSCamS32.exe c:\program files\Spyware Terminator\sp_rsser.exe c:\program files\Webroot\WebrootSecurity\SpySweeper.exe c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe c:\windows\system32\wscntfy.exe c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe c:\program files\Windows Live\Contacts\wlcomm.exe c:\program files\Windows Live\Messenger\wlcsdk.exe . ************************************************************************** . Heure de fin: 2009-04-22 21:11 - La machine a redémarré ComboFix-quarantined-files.txt 2009-04-22 19:11 Avant-CF: 73 424 416 768 octets libres Après-CF: 73 824 948 224 octets libres WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect 260 --- E O F --- 2009-04-18 01:08

bonsoir je n arrive pas asupprimer autorun.inf de plus l anti virus plante pendant sa mise a jour que faire ??

bonjour DiagHelp version v1.4 - http://www.malekal.com excute le 21/04/2009 à 16:55:28,17 System information for \\LIONEL: Uptime: Error reading uptime Kernel version: Microsoft Windows XP, Uniprocessor Free Product type: Professional Product version: 5.1 Service pack: 3 Kernel build number: 2600 Registered organization: Registered owner: lionel.B Install date: 27/04/2006, 16:55:54 Activation status: Error reading status IE version: 7.0000 System root: C:\WINDOWS Processors: 1 Processor speed: 1.8 GHz Processor type: AMD Sempron Processor 3100+ Physical memory: 448 MB Video driver: VIA/S3G UniChrome Pro IGP Volume Type Format Label Size Free Free C: Fixed NTFS ACER 90.96 GB 68.57 GB 75.4% D: Fixed FAT32 ACERDATA 91.43 GB 71.78 GB 78.5% E: CD-ROM 0.0% F: Removable 0.0% G: Removable 0.0% H: Removable 0.0% I: Removable 0.0% J: Removable FAT CLE USB 480.10 MB 462.59 MB 96.4% C:\WINDOWS\System32\drivers\Lbd.sys -->14/04/2009 22:56:59 C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->06/04/2009 15:32:54 C:\WINDOWS\System32\drivers\mbam.sys -->06/04/2009 15:32:46 C:\WINDOWS\System32\drivers\ssidrv.sys -->02/04/2009 14:30:12 C:\WINDOWS\System32\drivers\sshrmd.sys -->02/04/2009 14:30:10 C:\WINDOWS\System32\drivers\ssfs0bbc.sys -->02/04/2009 14:30:08 C:\WINDOWS\System32\drivers\psi_mf.sys -->24/03/2009 13:03:08 C:\WINDOWS\System32\bdod.bin -->20/04/2009 22:16:31 C:\WINDOWS\System32\wpa.dbl -->20/04/2009 22:04:06 C:\WINDOWS\System32\bdss.log -->20/04/2009 21:49:59 C:\WINDOWS\System32\PerfStringBackup.INI -->18/04/2009 03:21:11 C:\WINDOWS\System32\perfh00C.dat -->18/04/2009 03:21:11 C:\WINDOWS\System32\perfh009.dat -->18/04/2009 03:21:11 C:\WINDOWS\System32\perfc00C.dat -->18/04/2009 03:21:11 C:\WINDOWS\System32\perfc009.dat -->18/04/2009 03:21:11 C:\WINDOWS\System32\spupdsvc.inf -->18/04/2009 03:04:30 C:\WINDOWS\System32\streamhlp.dll -->15/04/2009 22:08:40 C:\WINDOWS\System32\lsdelete.exe -->14/04/2009 22:57:07 C:\WINDOWS\System32\edacded0_x.dat -->09/04/2009 23:18:29 C:\WINDOWS\System32\bcdadac7_x.xml -->09/04/2009 23:18:29 C:\WINDOWS\System32\javaws.exe -->08/04/2009 21:56:12 C:\WINDOWS\System32\javaw.exe -->08/04/2009 21:56:12 C:\WINDOWS\System32\javacpl.cpl -->08/04/2009 21:56:12 C:\WINDOWS\System32\java.exe -->08/04/2009 21:56:12 C:\WINDOWS\System32\deploytk.dll -->08/04/2009 21:56:12 C:\WINDOWS\System32\MRT.exe -->06/04/2009 16:57:24 C:\WINDOWS\System32\capicom.dll -->06/04/2009 13:26:46 C:\WINDOWS\System32\wrLZMA.dll -->02/04/2009 14:30:04 C:\WINDOWS\System32\SsiEfr.exe -->02/04/2009 14:29:56 C:\WINDOWS\System32\kernel32.dll -->21/03/2009 16:07:58 C:\WINDOWS\System32\FNTCACHE.DAT -->12/03/2009 18:57:00 C:\WINDOWS\System32\pdh.dll -->06/03/2009 16:20:52 C:\WINDOWS\WindowsUpdate.log -->21/04/2009 16:48:33 C:\WINDOWS\wiadebug.log -->20/04/2009 22:21:40 C:\WINDOWS\wmsetup.log -->20/04/2009 22:05:59 C:\WINDOWS\0.log -->19/04/2009 15:25:39 C:\WINDOWS\wiaservc.log -->19/04/2009 15:24:19 C:\WINDOWS\bootstat.dat -->19/04/2009 15:23:12 C:\WINDOWS\setupapi.log -->18/04/2009 11:18:46 C:\WINDOWS\tsoc.log -->18/04/2009 03:08:47 C:\WINDOWS\ocmsn.log -->18/04/2009 03:08:47 C:\WINDOWS\ocgen.log -->18/04/2009 03:08:47 C:\WINDOWS\ntdtcsetup.log -->18/04/2009 03:08:47 C:\WINDOWS\msgsocm.log -->18/04/2009 03:08:47 C:\WINDOWS\KB959426.log -->18/04/2009 03:08:47 C:\WINDOWS\imsins.log -->18/04/2009 03:08:47 C:\WINDOWS\iis6.log -->18/04/2009 03:08:47 Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 4820-7A50 Répertoire de C:\WINDOWS 18/04/2009 03:03 <REP> $hf_mig$ 04/05/2006 22:20 <REP> $MSI31Uninstall_KB893803v2$ 25/07/2008 11:16 <REP> $NtServicePackUninstall$ 03/12/2006 10:25 <REP> $NtServicePackUninstallIDNMitigationAPIs$ 03/12/2006 10:25 <REP> $NtServicePackUninstallNLSDownlevelMapping$ 16/02/2006 07:21 <REP> $NtUninstallKB867282$ 16/02/2006 07:21 <REP> $NtUninstallKB873333$ 16/02/2006 07:21 <REP> $NtUninstallKB873339$ 16/02/2006 07:21 <REP> $NtUninstallKB883939$ 16/02/2006 07:21 <REP> $NtUninstallKB885250$ 16/02/2006 07:21 <REP> $NtUninstallKB885835$ 16/02/2006 07:21 <REP> $NtUninstallKB885836$ 29/04/2006 00:32 <REP> $NtUninstallKB885884$ 04/05/2006 22:21 <REP> $NtUninstallKB886185$ 16/02/2006 07:21 <REP> $NtUninstallKB887472$ 04/05/2006 22:58 <REP> $NtUninstallKB887742$ 16/02/2006 07:21 <REP> $NtUninstallKB888113$ 16/02/2006 07:21 <REP> $NtUninstallKB888302$ 16/02/2006 07:21 <REP> $NtUninstallKB890046$ 16/02/2006 07:21 <REP> $NtUninstallKB890046_0$ 16/02/2006 07:21 <REP> $NtUninstallKB890047$ 16/02/2006 07:21 <REP> $NtUninstallKB890175$ 16/02/2006 07:21 <REP> $NtUninstallKB890859$ 16/02/2006 07:21 <REP> $NtUninstallKB890923$ 16/02/2006 07:21 <REP> $NtUninstallKB891781$ 16/02/2006 07:21 <REP> $NtUninstallKB893086$ 16/02/2006 07:21 <REP> $NtUninstallKB893357$ 16/02/2006 07:21 <REP> $NtUninstallKB893756$ 16/02/2006 07:21 <REP> $NtUninstallKB894391$ 16/02/2006 07:21 <REP> $NtUninstallKB896358$ 16/02/2006 07:21 <REP> $NtUninstallKB896422$ 16/02/2006 07:21 <REP> $NtUninstallKB896423$ 04/05/2006 22:58 <REP> $NtUninstallKB896424$ 16/02/2006 07:21 <REP> $NtUninstallKB896428$ 16/02/2006 07:21 <REP> $NtUninstallKB896727$ 16/02/2006 07:21 <REP> $NtUninstallKB898458$ 27/04/2006 23:29 <REP> $NtUninstallKB898461$ 16/02/2006 07:21 <REP> $NtUninstallKB899587$ 16/02/2006 07:21 <REP> $NtUninstallKB899588$ 16/02/2006 07:21 <REP> $NtUninstallKB899591$ 04/05/2006 22:58 <REP> $NtUninstallKB900485$ 04/05/2006 22:21 <REP> $NtUninstallKB900725$ 04/05/2006 22:58 <REP> $NtUninstallKB901017$ 04/05/2006 22:21 <REP> $NtUninstallKB901190$ 16/02/2006 07:21 <REP> $NtUninstallKB901214$ 04/05/2006 22:21 <REP> $NtUninstallKB902400$ 16/02/2006 07:21 <REP> $NtUninstallKB903235$ 04/05/2006 22:21 <REP> $NtUninstallKB904706$ 03/12/2006 10:24 <REP> $NtUninstallKB904942$ 04/05/2006 22:21 <REP> $NtUninstallKB905414$ 04/05/2006 22:21 <REP> $NtUninstallKB905749$ 04/05/2006 22:21 <REP> $NtUninstallKB908519$ 04/05/2006 22:21 <REP> $NtUninstallKB908531$ 04/05/2006 22:58 <REP> $NtUninstallKB910437$ 17/06/2006 08:17 <REP> $NtUninstallKB911280$ 04/05/2006 22:58 <REP> $NtUninstallKB911562$ 04/05/2006 22:58 <REP> $NtUninstallKB911564$ 04/05/2006 22:21 <REP> $NtUninstallKB911565$ 04/05/2006 22:21 <REP> $NtUninstallKB911567$ 04/05/2006 22:58 <REP> $NtUninstallKB911927$ 04/05/2006 22:21 <REP> $NtUninstallKB912812$ 04/05/2006 22:21 <REP> $NtUninstallKB912919$ 04/05/2006 22:21 <REP> $NtUninstallKB913446$ 17/05/2006 22:40 <REP> $NtUninstallKB913580$ 14/07/2006 03:01 <REP> $NtUninstallKB914388$ 17/06/2006 08:16 <REP> $NtUninstallKB914389$ 03/12/2006 10:24 <REP> $NtUninstallKB914440$ 03/12/2006 10:25 <REP> $NtUninstallKB915865$ 17/06/2006 08:17 <REP> $NtUninstallKB916281$ 14/07/2006 03:01 <REP> $NtUninstallKB916595$ 14/07/2006 03:01 <REP> $NtUninstallKB917159$ 17/06/2006 08:17 <REP> $NtUninstallKB917344$ 09/08/2006 09:43 <REP> $NtUninstallKB917422$ 17/06/2006 08:18 <REP> $NtUninstallKB917734_WMP9$ 17/06/2006 08:17 <REP> $NtUninstallKB917953$ 18/02/2007 10:49 <REP> $NtUninstallKB918118$ 17/06/2006 08:17 <REP> $NtUninstallKB918439$ 09/08/2006 09:43 <REP> $NtUninstallKB918899$ 14/09/2006 09:58 <REP> $NtUninstallKB919007$ 17/11/2006 09:23 <REP> $NtUninstallKB920213$ 09/08/2006 09:43 <REP> $NtUninstallKB920214$ 09/08/2006 09:43 <REP> $NtUninstallKB920670$ 09/08/2006 09:42 <REP> $NtUninstallKB920683$ 14/09/2006 09:59 <REP> $NtUninstallKB920685$ 14/09/2006 09:58 <REP> $NtUninstallKB920872$ 09/08/2006 09:43 <REP> $NtUninstallKB921398$ 29/08/2007 09:12 <REP> $NtUninstallKB921503$ 09/08/2006 09:43 <REP> $NtUninstallKB921883$ 14/09/2006 09:58 <REP> $NtUninstallKB922582$ 09/08/2006 09:43 <REP> $NtUninstallKB922616$ 17/11/2006 09:22 <REP> $NtUninstallKB922760$ 15/10/2006 09:16 <REP> $NtUninstallKB922819$ 15/10/2006 09:15 <REP> $NtUninstallKB923191$ 15/10/2006 09:16 <REP> $NtUninstallKB923414$ 18/04/2009 03:01 <REP> $NtUninstallKB923561$ 16/12/2006 15:16 <REP> $NtUninstallKB923689$ 16/12/2006 15:16 <REP> $NtUninstallKB923694$ 17/11/2006 09:24 <REP> $NtUninstallKB923980$ 15/10/2006 09:16 <REP> $NtUninstallKB924191$ 17/11/2006 09:23 <REP> $NtUninstallKB924270$ 15/10/2006 09:16 <REP> $NtUninstallKB924496$ 18/02/2007 10:50 <REP> $NtUninstallKB924667$ 16/12/2006 15:17 <REP> $NtUninstallKB925398_WMP64$ 16/12/2006 15:17 <REP> $NtUninstallKB925454$ 04/10/2006 13:51 <REP> $NtUninstallKB925486$ 04/04/2007 14:48 <REP> $NtUninstallKB925902$ 04/02/2007 23:46 <REP> $NtUninstallKB926239$ 16/12/2006 15:16 <REP> $NtUninstallKB926255$ 18/02/2007 10:49 <REP> $NtUninstallKB926436$ 18/02/2007 10:51 <REP> $NtUninstallKB927779$ 18/02/2007 10:51 <REP> $NtUninstallKB927802$ 23/05/2007 18:23 <REP> $NtUninstallKB927891$ 18/02/2007 10:51 <REP> $NtUninstallKB928255$ 18/02/2007 10:48 <REP> $NtUninstallKB928843$ 15/07/2007 13:58 <REP> $NtUninstallKB929123$ 15/03/2007 09:27 <REP> $NtUninstallKB929338$ 15/03/2007 09:28 <REP> $NtUninstallKB929399$ 11/01/2007 16:03 <REP> $NtUninstallKB929969$ 11/04/2007 16:23 <REP> $NtUninstallKB930178$ 09/05/2007 15:17 <REP> $NtUninstallKB930916$ 11/04/2007 16:23 <REP> $NtUninstallKB931261$ 11/04/2007 16:23 <REP> $NtUninstallKB931784$ 18/02/2007 10:50 <REP> $NtUninstallKB931836$ 11/04/2007 16:22 <REP> $NtUninstallKB932168$ 09/11/2008 23:07 <REP> $NtUninstallKB932823-v3$ 29/08/2007 09:10 <REP> $NtUninstallKB933360$ 14/10/2007 09:50 <REP> $NtUninstallKB933729$ 15/07/2007 13:56 <REP> $NtUninstallKB935839$ 15/07/2007 13:56 <REP> $NtUninstallKB935840$ 29/08/2007 09:12 <REP> $NtUninstallKB936021$ 29/08/2007 09:10 <REP> $NtUninstallKB936782_WMP11$ 11/09/2008 07:19 <REP> $NtUninstallKB938464$ 29/08/2007 09:12 <REP> $NtUninstallKB938828$ 29/08/2007 09:11 <REP> $NtUninstallKB938829$ 08/09/2007 08:55 <REP> $NtUninstallKB939683$ 14/10/2007 09:48 <REP> $NtUninstallKB941202$ 27/12/2007 18:28 <REP> $NtUninstallKB941568$ 27/12/2007 18:28 <REP> $NtUninstallKB941569$ 10/01/2008 16:58 <REP> $NtUninstallKB941644$ 09/11/2008 23:05 <REP> $NtUninstallKB941693$ 27/12/2007 18:28 <REP> $NtUninstallKB942763$ 09/11/2008 23:03 <REP> $NtUninstallKB943055$ 27/12/2007 18:27 <REP> $NtUninstallKB943460$ 10/01/2008 16:57 <REP> $NtUninstallKB943485$ 27/12/2007 18:28 <REP> $NtUninstallKB944653$ 09/11/2008 23:05 <REP> $NtUninstallKB945553$ 09/11/2008 23:03 <REP> $NtUninstallKB946026$ 09/11/2008 23:22 <REP> $NtUninstallKB946648$ 09/11/2008 23:05 <REP> $NtUninstallKB948590$ 10/04/2008 08:33 <REP> $NtUninstallKB948881$ 09/11/2008 23:06 <REP> $NtUninstallKB950749$ 12/06/2008 20:24 <REP> $NtUninstallKB950760$ 09/11/2008 23:20 <REP> $NtUninstallKB950762$ 09/11/2008 23:15 <REP> $NtUninstallKB950762_0$ 09/11/2008 23:22 <REP> $NtUninstallKB950974$ 09/11/2008 23:22 <REP> $NtUninstallKB951066$ 09/11/2008 23:22 <REP> $NtUninstallKB951072-v2$ 09/11/2008 23:20 <REP> $NtUninstallKB951376$ 09/11/2008 23:20 <REP> $NtUninstallKB951376-v2$ 09/11/2008 23:15 <REP> $NtUninstallKB951376-v2_0$ 09/11/2008 23:15 <REP> $NtUninstallKB951376_0$ 09/11/2008 23:20 <REP> $NtUninstallKB951698$ 09/11/2008 23:15 <REP> $NtUninstallKB951698_0$ 09/11/2008 23:20 <REP> $NtUninstallKB951748$ 09/11/2008 23:16 <REP> $NtUninstallKB951748_0$ 09/11/2008 23:20 <REP> $NtUninstallKB951978$ 18/04/2009 03:03 <REP> $NtUninstallKB952004$ 17/12/2008 11:53 <REP> $NtUninstallKB952069_WM9$ 09/11/2008 23:22 <REP> $NtUninstallKB952287$ 09/11/2008 23:22 <REP> $NtUninstallKB952954$ 29/08/2008 09:51 <REP> $NtUninstallKB953839$ 09/11/2008 23:22 <REP> $NtUninstallKB954154_WM11$ 09/11/2008 23:23 <REP> $NtUninstallKB954211$ 12/11/2008 19:52 <REP> $NtUninstallKB954459$ 17/12/2008 11:52 <REP> $NtUninstallKB954600$ 12/11/2008 19:51 <REP> $NtUninstallKB955069$ 17/12/2008 11:56 <REP> $NtUninstallKB955839$ 15/10/2008 22:04 <REP> $NtUninstallKB956391$ 18/04/2009 03:04 <REP> $NtUninstallKB956572$ 17/12/2008 11:52 <REP> $NtUninstallKB956802$ 09/11/2008 23:23 <REP> $NtUninstallKB956803$ 09/11/2008 23:23 <REP> $NtUninstallKB956841$ 09/11/2008 23:23 <REP> $NtUninstallKB957095$ 12/11/2008 19:52 <REP> $NtUninstallKB957097$ 09/11/2008 23:25 <REP> $NtUninstallKB958644$ 14/01/2009 23:04 <REP> $NtUninstallKB958687$ 12/03/2009 18:39 <REP> $NtUninstallKB958690$ 18/04/2009 03:08 <REP> $NtUninstallKB959426$ 12/03/2009 18:38 <REP> $NtUninstallKB959772_WM11$ 12/03/2009 18:39 <REP> $NtUninstallKB960225$ 12/02/2009 04:01 <REP> $NtUninstallKB960715$ 18/04/2009 03:01 <REP> $NtUninstallKB960803$ 18/04/2009 03:08 <REP> $NtUninstallKB961373$ 25/02/2009 22:41 <REP> $NtUninstallKB967715$ 04/02/2007 23:46 <REP> $NtUninstallMSCompPackV1$ 04/02/2007 23:44 <REP> $NtUninstallWMFDist11$ 04/02/2007 23:45 <REP> $NtUninstallwmp11$ 04/02/2007 23:43 <REP> $NtUninstallWudf01000$ 06/04/2008 23:22 38 019 hpothb07.dat 06/04/2008 23:22 343 587 hpothb07.tif 25/01/2007 15:30 <REP> ie7 18/04/2009 11:18 <REP> inf 18/04/2009 11:32 <REP> Installer 28/10/2007 14:34 <REP> msdownld.tmp 05/05/2006 00:10 <REP> PIF 29/03/2009 21:05 54 156 QTFont.qfn 04/04/2009 22:52 8 192 Thumbs.db 05/08/2004 07:00 49 102 winnt.bmp 05/08/2004 07:00 49 102 winnt256.bmp 7 fichier(s) 542 907 octets 203 Rép(s) 73 629 048 832 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 4820-7A50 Répertoire de C:\WINDOWS\system32 18/04/2009 03:08 <REP> dllcache 09/04/2009 23:18 23 edacded0_x.dat 20/11/2004 01:38 26 112 InsD1211.exe 09/08/2007 23:00 10 022 KGyGaAvL.sys 20/11/2004 02:27 36 864 kill1211.exe 07/12/2005 07:07 1 024 NTIBUN4.dll 07/12/2005 07:06 1 024 NTICDMK7.dll 07/12/2005 07:06 1 024 NTIFCD3.dll 07/12/2005 07:06 1 024 NTIMP3.dll 07/12/2005 07:06 1 024 NTIMPEG2.dll 07/08/2003 10:51 24 576 reboot.exe 20/11/2004 03:42 26 112 RemD1211.exe 30/08/2004 02:37 44 032 rescan.exe 11/04/2007 20:12 4 212 zllictbl.dat 20 fichier(s) 181 794 octets 1 Rép(s) 73 629 036 544 octets libres winlogon.exe Verified: Signed svchost.exe Verified: Signed ws2_32.dll Verified: Signed user32.dll Verified: Signed tcpip.sys Verified: Signed ndis.sys Verified: Signed null.sys Verified: Signed userinit.exe kernel32.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 1856 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll 0x44080000 0xd0000 7.00.6000.16827 C:\WINDOWS\system32\WININET.dll 0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll 0x43e00000 0x45000 7.00.6000.16825 C:\WINDOWS\system32\iertutil.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x753c0000 0x6b000 1.420.2600.5512 C:\WINDOWS\system32\USP10.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll 0x44360000 0x5cd000 7.00.6000.16825 C:\WINDOWS\system32\ieframe.dll 0x45180000 0x127000 7.00.6000.16825 C:\WINDOWS\system32\urlmon.dll 0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll 0x5f800000 0x16000 1.01.1593.0000 C:\PROGRA~1\WIFD1F~1\MpShHook.dll 0x78130000 0x9b000 8.00.50727.1801 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1801_x-ww_5eed8217\MSVCR80.dll 0x7c420000 0x87000 8.00.50727.1801 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1801_x-ww_5eed8217\MSVCP80.dll 0x442b0000 0x3c000 7.00.6000.16825 C:\WINDOWS\system32\webcheck.dll 0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll 0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll 0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll 0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll 0x02be0000 0xd000 C:\Program Files\RF Wireless Mouse\NoEdge.dll 0x02c00000 0x9000 C:\Program Files\RF Wireless Mouse\ASDll.dll 0x69270000 0x8d000 5.02.2600.5512 C:\WINDOWS\system32\fxsst.dll 0x61410000 0x72000 5.02.2600.5512 C:\WINDOWS\system32\FXSAPI.dll 0x03630000 0x1d6000 1.06.0002.0014 C:\PROGRA~1\SPYBOT~1\SDHelper.dll 0x43ff0000 0xa000 7.00.6000.16825 C:\WINDOWS\system32\jsproxy.dll 0x03e80000 0x4c000 9.01.0000.0163 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA 0x4eb80000 0x1a6000 5.01.3102.5581 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll 0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll 0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x01590000 0x2b000 C:\Program Files\WinRAR\rarext.dll 0x10000000 0x36000 1.00.0000.0060 c:\program files\change extension\pmchangeext.dll 0x00d20000 0x12000 1.00.0000.0002 C:\Program Files\Softwin\BitDefender10\bdshelxt.dll 0x7c340000 0x56000 7.10.3052.0004 C:\WINDOWS\system32\MSVCR71.dll 0x03b90000 0x7d000 6.01.0000.0110 C:\PROGRA~1\Webroot\WEBROO~1\SSCtxMnu.dll 0x01e00000 0x2e000 1.01.0000.0015 C:\Program Files\Spyware Terminator\sptcontmenu.dll 0x01700000 0x12000 7.00.0000.0015 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll 0x04ad0000 0x102000 7.10.3077.0000 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL 0x01ec0000 0x12000 1.01.0000.0000 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll 0x01ee0000 0x17000 1.00.0000.0001 C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll 0x78480000 0x8e000 9.00.30729.0001 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\MSVCP90.dll 0x78520000 0xa3000 9.00.30729.0001 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\MSVCR90.dll 0x78e20000 0x2a000 9.00.30729.0001 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\ATL90.DLL 0x03d60000 0x3a000 3.00.0000.0063 C:\PROGRA~1\A-SQUA~1\A2FREE~1.DLL 0x03e10000 0x29000 11.00.0000.0716 C:\Program Files\Microsoft Money\System\mnyside.dll 0x03b10000 0x11000 11.00.0000.0716 C:\Program Files\Microsoft Money\System\misstub.dll 0x04e50000 0x173000 1.01.0000.0006 C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll 0x7c140000 0x103000 7.10.3077.0000 C:\Program Files\Fichiers communs\Ahead\Lib\MFC71.DLL 0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\Fichiers communs\Ahead\Lib\MSVCP71.dll 0x04fd0000 0x5b000 9.01.0000.0163 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll ------------------------------------------------------------------------------ explorer.exe pid: 3092 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll 0x44080000 0xd0000 7.00.6000.16827 C:\WINDOWS\system32\WININET.dll 0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll 0x43e00000 0x45000 7.00.6000.16825 C:\WINDOWS\system32\iertutil.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x753c0000 0x6b000 1.420.2600.5512 C:\WINDOWS\system32\USP10.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll 0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL 0x44360000 0x5cd000 7.00.6000.16825 C:\WINDOWS\system32\ieframe.dll 0x45180000 0x127000 7.00.6000.16825 C:\WINDOWS\system32\urlmon.dll 0x5f800000 0x16000 1.01.1593.0000 C:\PROGRA~1\WIFD1F~1\MpShHook.dll 0x78130000 0x9b000 8.00.50727.1801 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1801_x-ww_5eed8217\MSVCR80.dll 0x7c420000 0x87000 8.00.50727.1801 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1801_x-ww_5eed8217\MSVCP80.dll 0x442b0000 0x3c000 7.00.6000.16825 C:\WINDOWS\system32\webcheck.dll 0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll 0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll 0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll 0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll 0x10000000 0xd000 1.02.0000.0000 C:\Program Files\BillP Studios\WinPatrol\PATROLPRO.DLL 0x69270000 0x8d000 5.02.2600.5512 C:\WINDOWS\system32\fxsst.dll 0x61410000 0x72000 5.02.2600.5512 C:\WINDOWS\system32\FXSAPI.dll 0x00c30000 0xd000 C:\Program Files\RF Wireless Mouse\NoEdge.dll 0x00c50000 0x9000 C:\Program Files\RF Wireless Mouse\ASDll.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 716 Command line: winlogon.exe Base Size Version Path 0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x753c0000 0x6b000 1.420.2600.5512 C:\WINDOWS\system32\USP10.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll 0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x02070000 0x3b000 1.07.0018.0005 C:\WINDOWS\system32\WgaLogon.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll ------------------------------------------------------------------------------ winlogon.exe pid: 3032 Command line: winlogon.exe Base Size Version Path 0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x753c0000 0x6b000 1.420.2600.5512 C:\WINDOWS\system32\USP10.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll 0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x00ca0000 0x3b000 1.07.0018.0005 C:\WINDOWS\system32\WgaLogon.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 4820-7A50 Répertoire de C:\WINDOWS\Downloaded Program Files 13/04/2009 10:34 <REP> . 13/04/2009 10:34 <REP> .. 31/03/2008 21:51 392 528 AdSignerADP.dll 12/12/2007 10:33 747 AdSignerADP.inf 31/03/2008 21:51 261 456 AdVerifierADP.dll 07/12/2005 06:42 65 desktop.ini 26/09/2008 19:08 3 204 368 EPUWALcontrol.dll 23/09/2008 20:02 539 EPUWALcontrol.inf 23/03/2007 13:17 1 292 erma.inf 09/10/2007 10:55 1 589 hardwaredetection.inf 18/01/2008 12:17 204 800 InstallerControl.dll 06/02/2009 12:26 367 LegitCheckControl.inf 18/01/2008 12:17 507 OSDED4D.OSD 27/03/2006 13:00 5 019 swflash.inf 12 fichier(s) 4 073 277 octets Total des fichiers listés : 12 fichier(s) 4 073 277 octets 2 Rép(s) 73 627 955 200 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Acer\\Acer eConsole\\MediaSync.exe"="C:\\Program Files\\Acer\\Acer eConsole\\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer" "C:\\Program Files\\Acer\\Acer eConsole\\eConsole.exe"="C:\\Program Files\\Acer\\Acer eConsole\\eConsole.exe:LocalSubNet:Enabled:eConsole" "C:\\Program Files\\Acer\\Acer eConsole\\MediaServerService.exe"="C:\\Program Files\\Acer\\Acer eConsole\\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... 127.0.0.1 www.activexupdate.com 127.0.0.1 activexupdate.com 127.0.0.1 www.antispywareupdates.net 127.0.0.1 antispywareupdates.net 127.0.0.1 www.avpcheckupdate.com 127.0.0.1 avpcheckupdate.com 127.0.0.1 client.exeupdate.com 127.0.0.1 www.eupdatepage.com 127.0.0.1 eupdatepage.com 127.0.0.1 www.exeupdate.com 127.0.0.1 exeupdate.com 127.0.0.1 www.flwupdate.com 127.0.0.1 flwupdate.com 127.0.0.1 www.hotwinupdates.com 127.0.0.1 hotwinupdates.com 127.0.0.1 www.lavasoftupdate.com 127.0.0.1 lavasoftupdate.com 127.0.0.1 www.malwarewipeupdate.com 127.0.0.1 malwarewipeupdate.com 127.0.0.1 www.movupdate.com 127.0.0.1 movupdate.com 127.0.0.1 www.mpegupdate.com 127.0.0.1 mpegupdate.com 127.0.0.1 www.msupdate.net 127.0.0.1 msupdate.net 127.0.0.1 www.msupdater.net 127.0.0.1 msupdater.net 127.0.0.1 www.necessaryupdates.com 127.0.0.1 necessaryupdates.com 127.0.0.1 newupdates.lzio.com 127.0.0.1 redirect.msupdate.net 127.0.0.1 search.keyword.exeupdate.com 127.0.0.1 www.securityupdatesite.com 127.0.0.1 securityupdatesite.com 127.0.0.1 settings.updatemysettings.com 127.0.0.1 www.spyaxeupdate.com 127.0.0.1 spyaxeupdate.com 127.0.0.1 www.spyfalconupdate.com 127.0.0.1 spyfalconupdate.com 127.0.0.1 www.systemupdates.net 127.0.0.1 systemupdates.net 127.0.0.1 trial.updates.winsoftware.com 127.0.0.1 update.680180.net 127.0.0.1 update.shareaza.com 127.0.0.1 www.updatemysettings.com 127.0.0.1 updatemysettings.com 127.0.0.1 updates.spywarequake.com 127.0.0.1 www.updatesantivirus.com 127.0.0.1 updatesantivirus.com 127.0.0.1 www.urgentsystemupdate.biz 127.0.0.1 urgentsystemupdate.biz 127.0.0.1 www.urgentsystemupdate.com 127.0.0.1 urgentsystemupdate.com 127.0.0.1 windupdates.com 127.0.0.1 www.aviupdate.com 127.0.0.1 aviupdate.com 127.0.0.1 www.registryupdate.org 127.0.0.1 registryupdate.org 127.0.0.1 www.xp-vista-update.net 127.0.0.1 xp-vista-update.net 127.0.0.1 www.plupdate.com 127.0.0.1 plupdate.com 127.0.0.1 www.bsplupdate.com 127.0.0.1 bsplupdate.com 127.0.0.1 www.liveprotectionupdate.cn 127.0.0.1 liveprotectionupdate.cn 127.0.0.1 www.updatemics.com 127.0.0.1 updatemics.com 127.0.0.1 www.pandaantivirus-2007.com 127.0.0.1 pandaantivirus-2007.com 127.0.0.1 www.pandadownload-now.com 127.0.0.1 pandadownload-now.com 127.0.0.1 www.panda-hq.com 127.0.0.1 panda-hq.com catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-21 16:57:14 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully kernel: MBR read successfully user & kernel MBR OK copy of MBR has been found in sector 37 ! KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 112 - WinPatrol.exe 284 - iexplore.exe 472 - MediaServerServ 640 - CM20.EXE 692 - csrss.exe 716 - winlogon.exe 760 - services.exe 772 - lsass.exe 832 - kpf4gui.exe 888 - avgnt.exe 924 - svchost.exe 1020 - svchost.exe 1144 - msnmsgr.exe 1172 - svchost.exe 1248 - GoogleToolbarNo 1264 - sched.exe 1364 - MSCamS32.exe 1420 - spoolsv.exe 1424 - SeaPort.exe 1484 - avguard.exe 1552 - kpf4ss.exe 1768 - xcommsvr.exe 1840 - sp_rsser.exe 1856 - explorer.exe 1980 - svchost.exe 2012 - SpySweeper.exe 2036 - ctfmon.exe 2140 - wscntfy.exe 2164 - wlcomm.exe 2212 - wlcsdk.exe 2224 - avgnt.exe 2444 - kpf4gui.exe 2668 - GoogleToolbarNo 2992 - kpf4gui.exe 3024 - alg.exe 3032 - winlogon.exe 3092 - explorer.exe 3300 - wltuser.exe 3344 - wscntfy.exe 3388 - cmd.exe 3444 - CM20.EXE 3484 - bdss.exe 3688 - csrss.exe Total number of processes = 44 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntkrnlpa.exe 806D0000 - \WINDOWS\system32\hal.dll F7B76000 - \WINDOWS\system32\KDCOM.DLL F7A86000 - \WINDOWS\system32\BOOTVID.dll F7546000 - ACPI.sys F7B78000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS F7535000 - pci.sys F7676000 - isapnp.sys F7686000 - sshrmd.sys F7696000 - ssfs0bbc.sys F7507000 - ssidrv.sys F74DA000 - \WINDOWS\system32\DRIVERS\NDIS.SYS F78F6000 - \WINDOWS\system32\DRIVERS\TDI.SYS F7C3E000 - pciide.sys F78FE000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS F7B7A000 - viaide.sys F76A6000 - MountMgr.sys F74BB000 - ftdisk.sys F7906000 - PartMgr.sys F76B6000 - VolSnap.sys F74A3000 - atapi.sys F76C6000 - disk.sys F76D6000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS F7483000 - fltmgr.sys F7471000 - sr.sys F76E6000 - Lbd.sys F76F6000 - PxHelp20.sys F745A000 - KSecDD.sys F73CD000 - Ntfs.sys F790E000 - viaagp1.sys F73B3000 - Mup.sys F7706000 - gagp30kx.sys F7736000 - \SystemRoot\system32\DRIVERS\processr.sys F7340000 - \SystemRoot\system32\DRIVERS\vtmini.sys F732C000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS F7318000 - \SystemRoot\system32\DRIVERS\FA311XP.SYS F7746000 - \SystemRoot\system32\DRIVERS\imapi.sys F793E000 - \SystemRoot\system32\drivers\Afc.sys F7756000 - \SystemRoot\system32\DRIVERS\cdrom.sys F7766000 - \SystemRoot\system32\DRIVERS\redbook.sys F72F5000 - \SystemRoot\system32\DRIVERS\ks.sys F7B82000 - \SystemRoot\system32\DRIVERS\NTIDrvr.sys F7956000 - \SystemRoot\system32\DRIVERS\usbuhci.sys F72D1000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS F795E000 - \SystemRoot\system32\DRIVERS\usbehci.sys F6F42000 - \SystemRoot\system32\drivers\ALCXWDM.SYS F6F1E000 - \SystemRoot\system32\drivers\portcls.sys F7776000 - \SystemRoot\system32\drivers\drmk.sys F797E000 - \SystemRoot\system32\DRIVERS\fdc.sys F6F0D000 - \SystemRoot\system32\DRIVERS\serial.sys F7B1E000 - \SystemRoot\system32\DRIVERS\serenum.sys F6EF9000 - \SystemRoot\system32\DRIVERS\parport.sys F7786000 - \SystemRoot\system32\DRIVERS\i8042prt.sys F7996000 - \SystemRoot\system32\DRIVERS\mouclass.sys F79A6000 - \SystemRoot\system32\DRIVERS\kbdclass.sys F7D5C000 - \SystemRoot\system32\DRIVERS\audstub.sys F7796000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys F7B26000 - \SystemRoot\system32\DRIVERS\ndistapi.sys F6EE2000 - \SystemRoot\system32\DRIVERS\ndiswan.sys F77A6000 - \SystemRoot\system32\DRIVERS\raspppoe.sys F77B6000 - \SystemRoot\system32\DRIVERS\raspptp.sys F6E31000 - \SystemRoot\system32\DRIVERS\psched.sys F77C6000 - \SystemRoot\system32\DRIVERS\msgpc.sys F79C6000 - \SystemRoot\system32\DRIVERS\ptilink.sys F79D6000 - \SystemRoot\system32\DRIVERS\raspti.sys F77D6000 - \SystemRoot\system32\DRIVERS\termdd.sys F7B88000 - \SystemRoot\system32\DRIVERS\swenum.sys F6DD3000 - \SystemRoot\system32\DRIVERS\update.sys F7B36000 - \SystemRoot\system32\DRIVERS\mssmbios.sys F77E6000 - \SystemRoot\System32\Drivers\NDProxy.SYS F77F6000 - \SystemRoot\system32\DRIVERS\usbhub.sys F7B8E000 - \SystemRoot\system32\DRIVERS\USBD.SYS F7B92000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS F7D8F000 - \SystemRoot\System32\Drivers\Null.SYS F7B96000 - \SystemRoot\System32\Drivers\Beep.SYS F7A0E000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS F7A16000 - \SystemRoot\System32\drivers\vga.sys F7B9A000 - \SystemRoot\System32\Drivers\mnmdd.SYS F7B9E000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys F5D42000 - \SystemRoot\system32\drivers\fwdrv.sys F7A26000 - \SystemRoot\System32\Drivers\Msfs.SYS F7A36000 - \SystemRoot\System32\Drivers\Npfs.SYS F7383000 - \SystemRoot\system32\DRIVERS\rasacd.sys F5D2F000 - \SystemRoot\system32\DRIVERS\ipsec.sys F5CD6000 - \SystemRoot\system32\DRIVERS\tcpip.sys F5C86000 - \SystemRoot\system32\DRIVERS\netbt.sys F5C60000 - \SystemRoot\system32\DRIVERS\ipnat.sys F7816000 - \SystemRoot\system32\DRIVERS\wanarp.sys F5C3E000 - \SystemRoot\System32\drivers\afd.sys F7826000 - \SystemRoot\system32\DRIVERS\netbios.sys F7A46000 - \SystemRoot\System32\Drivers\StarOpen.SYS F7A56000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys F5C1B000 - \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys F5BF0000 - \SystemRoot\system32\DRIVERS\rdbss.sys F5B80000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys F5B6F000 - \SystemRoot\system32\drivers\khips.sys F7A76000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS F7836000 - \SystemRoot\System32\Drivers\Fips.SYS F5B5E000 - \SystemRoot\system32\DRIVERS\avipbb.sys F7BAA000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys F5B12000 - \SystemRoot\System32\Drivers\Fastfat.SYS F794E000 - \SystemRoot\system32\DRIVERS\usbccgp.sys F5934000 - \SystemRoot\system32\DRIVERS\VX1000.sys F7866000 - \SystemRoot\system32\DRIVERS\STREAM.SYS F7876000 - \SystemRoot\system32\drivers\usbaudio.sys F587C000 - \SystemRoot\System32\Drivers\dump_atapi.sys F7BAE000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys F7B42000 - \SystemRoot\System32\drivers\Dxapi.sys F799E000 - \SystemRoot\System32\watchdog.sys BF9C3000 - \SystemRoot\System32\drivers\dxg.sys F7DBC000 - \SystemRoot\System32\drivers\dxgthk.sys ECCF7000 - \SystemRoot\system32\drivers\wdmaud.sys ED014000 - \SystemRoot\system32\drivers\sysaudio.sys ECC95000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys ECBF5000 - \SystemRoot\System32\Drivers\Cdfs.SYS EC769000 - \SystemRoot\system32\DRIVERS\srv.sys BFF50000 - \SystemRoot\System32\TSDDD.dll BF9D5000 - \SystemRoot\System32\vtdisp.dll F7C00000 - \??\C:\DOCUME~1\lionel.B\LOCALS~1\Temp\mbr.sys F7D03000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 121 Liste des programmes installes 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) a-squared Free 2.0 Acer eConsole Acer eMode Management Ad-Aware Ad-Aware Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.1 - Français Archiveur WinRAR Assistant de connexion Windows Live Atlas Routier Michelin Europe AutoUpdate Avira AntiVir Personal - Free Antivirus Barre d'outils Outlook de Windows Live (Windows Live Toolbar) BitDefender Free Edition v10 Bloqueur de fenêtres pop-up (Windows Live Toolbar) CCScore Change Extension Choice Guard CodeStuff Starter Complément Microsoft Word pour Microsoft Works Suite Correctif pour Lecteur Windows Media 11 (KB939683) Correctif pour Windows Internet Explorer 7 (KB947864) Correctif pour Windows XP (KB952287) CVitae 2.1.1 DivX DivX Player DropMyRights Détecteur de flux Windows Live Toolbar (Windows Live Toolbar) e-COMO EasyCleaner ESSBrwr ESSCDBK ESScore ESSgui ESSini ESSPCD ESSPDock ESSSONIC ESSTOOLS essvatgt Extension de Windows Live Toolbar (Windows Live Toolbar) Extension Système de Microsoft Money FairUse Wizard 2 fflink Google Toolbar for Internet Explorer HijackThis 2.0.2 Hotfix for Windows Media Format 11 SDK (KB929399) hp psc 1200 series Installation Windows Live Installation Windows Live Java 6 Update 13 jv16 PowerTools 1.3 jv16 PowerTools 2009 K9 Kaspersky Online Scanner kgcbaby kgcbase kgchday kgchlwn kgcinvt kgckids kgcmove kgcvday KSU Lecteur Windows Media 11 Macromedia Flash Player 8 Malwarebytes' Anti-Malware Menus intelligents (Windows Live Toolbar) Micro Application - Atlas Routier et Plans de ville Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft Application Error Reporting Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft LifeCam Microsoft Money Microsoft National Language Support Downlevel APIs Microsoft Office Access MUI (French) 2007 Microsoft Office Excel MUI (French) 2007 Microsoft Office InfoPath MUI (French) 2007 Microsoft Office Outlook MUI (French) 2007 Microsoft Office PowerPoint MUI (French) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (French) 2007 Microsoft Office Publisher MUI (French) 2007 Microsoft Office Shared MUI (French) 2007 Microsoft Office Word MUI (French) 2007 Microsoft Picture It! Photo 7.0 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft Sites publics français Microsoft Software Update for Web Folders (French) 12 Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Works 7.0 Mise à jour critique pour Lecteur Windows Media 11 (KB959772) Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media (KB952069) Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027) Mise à jour de sécurité pour Windows XP (KB923561) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB938464) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB946648) Mise à jour de sécurité pour Windows XP (KB950760) Mise à jour de sécurité pour Windows XP (KB950762) Mise à jour de sécurité pour Windows XP (KB950974) Mise à jour de sécurité pour Windows XP (KB951066) Mise à jour de sécurité pour Windows XP (KB951376-v2) Mise à jour de sécurité pour Windows XP (KB951376) Mise à jour de sécurité pour Windows XP (KB951698) Mise à jour de sécurité pour Windows XP (KB951748) Mise à jour de sécurité pour Windows XP (KB952004) Mise à jour de sécurité pour Windows XP (KB952954) Mise à jour de sécurité pour Windows XP (KB953839) Mise à jour de sécurité pour Windows XP (KB954211) Mise à jour de sécurité pour Windows XP (KB954459) Mise à jour de sécurité pour Windows XP (KB954600) Mise à jour de sécurité pour Windows XP (KB955069) Mise à jour de sécurité pour Windows XP (KB956391) Mise à jour de sécurité pour Windows XP (KB956572) Mise à jour de sécurité pour Windows XP (KB956802) Mise à jour de sécurité pour Windows XP (KB956803) Mise à jour de sécurité pour Windows XP (KB956841) Mise à jour de sécurité pour Windows XP (KB957095) Mise à jour de sécurité pour Windows XP (KB957097) Mise à jour de sécurité pour Windows XP (KB958644) Mise à jour de sécurité pour Windows XP (KB958687) Mise à jour de sécurité pour Windows XP (KB958690) Mise à jour de sécurité pour Windows XP (KB959426) Mise à jour de sécurité pour Windows XP (KB960225) Mise à jour de sécurité pour Windows XP (KB960715) Mise à jour de sécurité pour Windows XP (KB960803) Mise à jour de sécurité pour Windows XP (KB961373) Mise à jour pour Windows XP (KB951072-v2) Mise à jour pour Windows XP (KB951978) Mise à jour pour Windows XP (KB955839) Mise à jour pour Windows XP (KB967715) MSVCRT MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) Nero 6 Ultra Edition NeroVision Express 3 netbrdg Notifier NTI HomeVideo-Maker OfotoXMI OneCare Advisor (Windows Live Toolbar) OS Pack Works Suite Outil de téléchargement Windows Live Photo et imagerie HP 2.0 - All-in-One Photo et imagerie HP 2.0 - All-in-One Pilote Photo et imagerie HP 2.0 - hp psc 1200 series PIXresizer 1.0.9 PowerDVD PrintMaster Gold 4.00 QuickTime Realtek AC'97 Audio RF Wireless Device SAGEM F@st 800-840 Samsung PC Studio Secunia PSI Security Update for 2007 Microsoft Office System (KB951550) Security Update for 2007 Microsoft Office System (KB951944) Security Update for 2007 Microsoft Office System (KB960003) Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Security Update for Microsoft Office Excel 2007 (KB959997) Security Update for Microsoft Office PowerPoint 2007 (KB951338) Security Update for Microsoft Office Publisher 2007 (KB950114) Security Update for Microsoft Office system 2007 (KB954326) Security Update for Microsoft Office system 2007 (KB956828) Security Update for Microsoft Office Word 2007 (KB956358) Security Update for Visio 2007 (KB947590) Segoe UI SFR SHASTA skin0001 SKINXSDK Spy Sweeper Spy Sweeper Core Spybot - Search & Destroy Spyware Terminator staticcr Sélecteur d'installation de Microsoft Works Suite 2003 Sunbelt Personal Firewall TomTom HOME 2.5.2.60 tooltips Turbo Lister 2 Turbo Lister 2 Update for Microsoft Office Outlook 2007 (KB952142) Update for Office 2007 (KB946691) Update for Outlook 2007 Junk Email Filter (kb962871) UsbFix VC_MergeModuleToMSI VirtualDub 1.6.1 Fr Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 VPRINTOL WebFldrs XP Windows Defender Windows Genuine Advantage Notifications (KB905474) Windows Internet Explorer 7 Windows Live Call Windows Live Communications Platform Windows Live Favorites pour Windows Live Toolbar Windows Live Messenger Windows Live Toolbar Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows XP Service Pack 3 WinPatrol WIRELESS Wireless 802.11g USB Adapter Wireless 802.11g USB Adapter xp-AntiSpy 3.93 Zeb-Utility 1.2 Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 4820-7A50 Répertoire de C:\Program Files 18/04/2009 11:23 <REP> . 18/04/2009 11:23 <REP> .. 27/04/2006 16:58 <REP> Acer 15/03/2009 17:55 <REP> Adobe 04/05/2006 22:21 <REP> Ahead 27/04/2006 19:17 <REP> Alwil Software 18/04/2009 13:46 <REP> a-squared Free 03/05/2006 23:20 <REP> Astase 02/11/2007 21:04 <REP> Avira 16/02/2006 07:20 <REP> AvRack 19/01/2008 15:01 <REP> BillP Studios 27/12/2007 00:45 <REP> Change Extension 29/04/2006 10:17 <REP> CodeStuff 01/06/2006 17:58 <REP> ColiPoste 07/12/2005 06:41 <REP> ComPlus Applications 27/10/2008 00:06 <REP> CVitae 07/12/2005 07:08 <REP> CyberLink 19/08/2006 15:00 <REP> DivX 12/11/2004 10:41 57 344 DropMyRights.exe 22/11/2006 14:24 <REP> eBay 27/05/2006 15:45 <REP> Edu-Performance 09/11/2008 23:00 <REP> eMule 17/02/2007 14:56 <REP> ewido anti-malware 29/11/2006 03:36 <REP> FairUse Wizard 2 18/04/2009 11:21 <REP> Fichiers communs 14/01/2009 23:30 <REP> Google 17/02/2007 15:05 <REP> Grisoft 04/05/2006 22:32 <REP> Hewlett-Packard 16/04/2009 21:49 <REP> hijackthis 18/04/2009 03:08 <REP> Internet Explorer 14/09/2007 16:26 <REP> Inventel 08/04/2009 21:58 <REP> Java 04/05/2006 22:58 <REP> jv16 PowerTools 12/04/2009 09:48 <REP> jv16 PowerTools 2009 31/01/2008 18:25 <REP> KeirNet 27/12/2007 18:24 <REP> Kodak 14/04/2009 22:55 <REP> Lavasoft 12/04/2009 11:22 <REP> Malwarebytes' Anti-Malware 09/11/2008 23:22 <REP> Messenger 29/04/2006 09:52 <REP> Micro Application 30/12/2008 20:35 <REP> Microsoft 09/05/2007 15:18 <REP> Microsoft CAPICOM 2.1.0.2 28/04/2006 21:25 <REP> microsoft frontpage 27/12/2007 00:47 <REP> Microsoft LifeCam 12/04/2009 09:49 <REP> Microsoft Money 08/02/2008 18:25 <REP> Microsoft Office 17/05/2006 23:01 <REP> Microsoft Picture It! 7 04/03/2009 23:03 <REP> Microsoft Silverlight 27/03/2007 21:03 <REP> Microsoft Sites publics français 30/12/2008 20:36 <REP> Microsoft Sync Framework 09/11/2008 23:01 <REP> Microsoft Visual Studio 09/11/2008 23:02 <REP> Microsoft Works 27/04/2006 18:26 <REP> Microsoft Works Suite 2003 09/11/2008 23:01 <REP> Microsoft.NET 09/11/2008 23:20 <REP> Movie Maker 21/04/2009 00:08 <REP> Mozilla Firefox 08/02/2008 18:26 <REP> MSBuild 15/07/2007 16:42 <REP> MSN 16/02/2006 07:20 <REP> MSN Gaming Zone 17/11/2006 09:23 <REP> MSXML 4.0 09/11/2008 23:18 <REP> NetMeeting 17/05/2006 22:40 <REP> NewTech Infosystems 16/02/2006 07:20 <REP> Online Services 09/11/2008 23:18 <REP> Outlook Express 17/05/2006 22:39 <REP> PIXresizer 27/12/2007 18:29 <REP> QuickTime 16/02/2006 07:20 <REP> Realtek AC97 07/12/2005 06:54 <REP> Realtek Sound Manager 27/12/2007 00:48 <REP> RF Wireless Mouse 27/04/2006 18:06 <REP> SAGEM 09/11/2008 23:04 <REP> Samsung 09/04/2009 19:24 <REP> Secunia 19/04/2009 13:59 <REP> securite 03/10/2007 21:14 <REP> Services en ligne 18/04/2009 11:23 <REP> Softwin 30/03/2009 19:01 <REP> Spybot - Search & Destroy 09/11/2008 23:06 <REP> Spyware Terminator 02/06/2007 22:36 <REP> Sunbelt Software 15/07/2007 16:43 <REP> Symantec 06/10/2007 15:41 <REP> TELE2 06/12/2008 17:10 <REP> TomTom HOME 06/12/2008 17:12 <REP> TomTom HOME 2 27/04/2006 19:18 <REP> ToniArts 18/04/2009 11:15 <REP> TrojanHunter 5.0 17/05/2006 22:40 <REP> VirtualDub 15/09/2007 10:07 <REP> Wanadoo 15/04/2009 23:00 <REP> Webroot 12/04/2009 22:03 <REP> WinClamAVShield 13/04/2009 10:36 <REP> Windows Defender 21/03/2009 10:16 <REP> Windows Live 27/12/2007 18:23 <REP> Windows Live Favorites 30/12/2008 20:34 <REP> Windows Live SkyDrive 30/12/2008 20:36 <REP> Windows Live Toolbar 04/02/2007 23:45 <REP> Windows Media Connect 2 09/11/2008 23:18 <REP> Windows Media Player 09/11/2008 23:18 <REP> Windows NT 27/12/2007 00:50 <REP> WinRAR 16/02/2006 07:20 <REP> Wireless 802.11g USB Adapter 16/02/2006 07:20 <REP> xerox 27/04/2006 19:14 <REP> xp-AntiSpy 19/08/2006 14:49 <REP> XviD 14/05/2006 13:13 <REP> zeb protect 27/12/2007 18:28 <REP> Zeb-Utility 1 fichier(s) 57 344 octets 102 Rép(s) 73 614 962 688 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 4820-7A50 Répertoire de C:\Program Files\fichiers communs 18/04/2009 11:21 <REP> . 18/04/2009 11:21 <REP> .. 15/03/2009 17:55 <REP> Adobe 04/05/2006 22:21 <REP> Ahead 27/04/2006 16:59 <REP> ArcSoft 09/11/2008 23:01 <REP> DESIGNER 28/04/2006 23:56 <REP> Hewlett-Packard 07/12/2005 07:08 <REP> InstallShield 07/12/2005 07:12 <REP> Java 27/12/2007 18:28 <REP> Kodak 06/03/2009 17:42 <REP> Microsoft Shared 16/02/2006 07:20 <REP> MSSoap 07/12/2005 07:06 <REP> muvee Technologies 16/02/2006 07:20 <REP> ODBC 16/02/2006 07:20 <REP> Services 18/04/2009 11:23 <REP> Softwin 16/02/2006 07:20 <REP> SpeechEngines 15/07/2007 16:43 <REP> Symantec Shared 09/11/2008 23:18 <REP> System 17/12/2008 10:15 <REP> Windows Live 0 fichier(s) 0 octets 20 Rép(s) 73 614 962 688 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 4820-7A50 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 09/11/2008 23:02 <REP> . 09/11/2008 23:02 <REP> .. 27/04/2006 18:31 <REP> 1033 09/11/2008 23:02 <REP> 1036 26/10/2006 20:49 970 528 MSONSEXT.DLL 26/10/2006 21:12 40 256 MSOSV.DLL 03/06/1999 13:09 122 937 MSOWS409.DLL 07/03/2001 08:00 127 033 MSOWS40c.DLL 29/01/2004 16:08 86 016 PKMWS.DLL 18/03/1999 06:37 593 977 RAGENT.DLL 6 fichier(s) 1 940 747 octets 4 Rép(s) 73 614 958 592 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 4820-7A50 Répertoire de C:\ 24/05/2001 12:59 162 304 UNWISE.EXE 1 fichier(s) 162 304 octets 0 Rép(s) 73 614 958 592 octets libres Attention : C:\autorun.inf existe c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\QuickTime 7.1.3.100\QuickTimeInstallerAdmin.exe c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lsdelete.exe c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\ThreatWork.exe c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\32\AAWDriverTool.exe c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\64\AAWDriverTool.exe c:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe c:\Documents and Settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe c:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe c:\Documents and Settings\celine\Application Data\U3\temp\cleanup.exe c:\Documents and Settings\celine\Application Data\U3\temp\Launchpad Removal.exe c:\Documents and Settings\emilie.M.LIONEL\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe c:\Documents and Settings\emilie.M.LIONEL\Application Data\MSNInstaller\msnauins.exe c:\Documents and Settings\lionel.B\.housecall\getMac.exe c:\Documents and Settings\lionel.B\.housecall\patch.exe c:\Documents and Settings\lionel.B\.housecall\tsc.exe c:\Documents and Settings\lionel.B\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_en_US.exe c:\Documents and Settings\lionel.B\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr710_en_US.exe c:\Documents and Settings\lionel.B\Application Data\LimeWire\.NetworkShare\LimeWireWin4.10.5.exe c:\Documents and Settings\lionel.B\Application Data\Microsoft\Installer\{69640730-B830-4C24-BB5C-222DA1260548}\ARPPRODUCTICON.exe c:\Documents and Settings\lionel.B\Application Data\Microsoft\Installer\{B72B0ECE-F41E-4EC4-AA37-1A00640680BF}\_1773C0A4E004EB4D3ECAE5.exe c:\Documents and Settings\lionel.B\Application Data\Microsoft\Installer\{B72B0ECE-F41E-4EC4-AA37-1A00640680BF}\_6FEFF9B68218417F98F549.exe c:\Documents and Settings\lionel.B\Application Data\Microsoft\Installer\{B72B0ECE-F41E-4EC4-AA37-1A00640680BF}\_C96AC1B409367E02762E8D.exe c:\Documents and Settings\lionel.B\Application Data\Microsoft\Installer\{BFD080F6-3BF0-40E1-9507-9CA969C35870}\ARPPRODUCTICON.exe c:\Documents and Settings\lionel.B\Application Data\Microsoft\Installer\{BFD080F6-3BF0-40E1-9507-9CA969C35870}\NewShortcut1_E659E0EE10E649B7869660F38D0EB174.exe c:\Documents and Settings\lionel.B\Application Data\Microsoft\Installer\{BFD080F6-3BF0-40E1-9507-9CA969C35870}\NewShortcut2_8315396A5EA1419DBEC4978284BDF556.exe c:\Documents and Settings\lionel.B\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe c:\Documents and Settings\lionel.B\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe c:\Documents and Settings\lionel.B\Application Data\U3\temp\cleanup.exe c:\Documents and Settings\lionel.B\Application Data\U3\temp\Launchpad Removal.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\diff.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\find2.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\grep.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\gzip.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\KProcCheck.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\mbr.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\md5sums.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\Psinfo.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\sigcheck.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\streams.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\lionel.B\Bureau\DiagHelp\tar.exe c:\Documents and Settings\lionel.B\Incomplete\T-5916992-ewido-setup.exe c:\Documents and Settings\lionel.B\Local Settings\Application Data\Adobe\Reader 9.0\Setup Files\Setup.exe c:\Documents and Settings\lionel.B\Local Settings\Temporary Internet Files\Content.IE5\ILH2EO33\TCPOptimizer[1].exe c:\Documents and Settings\lionel.B\Mes documents\Ma musique\pagedefrag_2.21_fr\pagedfrg.exe c:\Documents and Settings\lionel.B\Mes documents\TomTom\HOME\Backup\TomTom\Backup01\InternalMemory\InstallTomTomHOME.exe c:\Documents and Settings\lionel.B\Shared\ewidoguard.exe c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aecore.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeemu.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aegen.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aehelp.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeheur.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeoffice.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aepack.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aerdl.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescn.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescript.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aevdf.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\avewin32.dll c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\CEAPI.dll c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavalicense.dll c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavamessage.dll c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\PrivacyClean.dll c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Resources.dll c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\RPAPI.dll c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\savapibridge.dll c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\ShellExt.dll c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\UpdateManager.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Default\MpEngine.dll c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{4B25CFCD-5C4C-4FF7-8A0B-9D1ABBDB1F6E}\mpengine.dll c:\Documents and Settings\celine\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\celine\Application Data\Sun\Java\Deployment\cache\6.0\15\4e09eacf-5616cd43-n\Decora-D3D.dll c:\Documents and Settings\celine\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-77ba1270-n\jmc.dll c:\Documents and Settings\celine\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-77ba1270-n\msvcp71.dll c:\Documents and Settings\celine\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-77ba1270-n\msvcr71.dll c:\Documents and Settings\celine\Application Data\Sun\Java\Deployment\cache\6.0\45\4f710eed-61835d18-n\gluegen-rt.dll c:\Documents and Settings\celine\Application Data\Sun\Java\Deployment\cache\6.0\50\5b902232-74c7263f-n\Decora-SSE.dll c:\Documents and Settings\celine\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-3863f588-n\jogl.dll c:\Documents and Settings\celine\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-3863f588-n\jogl_awt.dll c:\Documents and Settings\celine\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-3863f588-n\jogl_cg.dll c:\Documents and Settings\lionel.B\Application Data\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll c:\Documents and Settings\lionel.B\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\lionel.B\Application Data\Microsoft\Services Windows Live\Services Windows Live.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\Deployment\cache\6.0\15\4e09eacf-5bb73974-n\Decora-D3D.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-3ca6db27-n\jmc.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-3ca6db27-n\msvcp71.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-3ca6db27-n\msvcr71.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\Deployment\cache\6.0\45\4f710eed-6cc71924-n\gluegen-rt.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\Deployment\cache\6.0\50\5b902232-5ea02bea-n\Decora-SSE.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-56281cb9-n\jogl.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-56281cb9-n\jogl_awt.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-56281cb9-n\jogl_cg.dll c:\Documents and Settings\lionel.B\Application Data\Sun\Java\jre1.6.0_13\lzma.dll c:\Documents and Settings\lionel.B\Application Data\TomTom\HOME\Profiles\4jkk4fva.default\extensions\Navcore.7.831.8706@tomtom.com\7-831-8706-1.dll ****** Fin du rapport DiagHelp Veuillez svp envoyer le fichier C:\upload_moi_LIONEL.tar.gz a l'adresse http://upload.malekal.com

re comme que je n 'est que la version free je n est aucun moyen d avoir le rapport ni de "copier/coller" le contenu il m'indique 2 menaces importante : crawler parental control et sdbot qui utiliser mes ram !! de plus mon pc bloque souvent ( l'image se fige ,plus aucun control pendant 1 a 2 minutes)

bonsoir poster hier a 17h 10 spy weepeer m'annonce toujours les memes menace !! s'agirait il que de l'intox pour acheter la version payante?? pour le rapport voila : Malwarebytes' Anti-Malware 1.36 Version de la base de données: 2015 Windows 5.1.2600 Service Pack 3 20/04/2009 21:11:11 mbam-log-2009-04-20 (21-11-11).txt Type de recherche: Examen complet (C:\|D:\|) Eléments examinés: 191064 Temps écoulé: 45 minute(s), 22 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

ok et maientenant ??

spy weepeer m'annonce toujours les memes menace !! s'agirait il que de l'intox pour acheter la version payante??

re je vais refaire un scan avec spy .. aviez vous trouvez des bestioles ?? je trouve mon systeme un peu lourd est il possible de le faire un peu fondre ?? merci encore de l aide apporte!!

petite question ,?? pourquoi apres la desinf..,il ya anti vir +resident ad aware qui ont deparu de la barre des taches ?? merci

############################## [ UsbFix V3.010 ] ############################## [ Processus actifs ] C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\logonui.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\userinit.exe C:\WINDOWS\Explorer.EXE ################## [ Fichiers # Dossiers infectieux ] ################## [ Registre # Clés Run infectieuses ] # -> Not Found ! ################## [ Registre # Startup ] HKCU_Main: "Search Page"="http://www.google.com" HKCU_Main: "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" HKCU_Main: "Window Title"="" HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," HKLM_logon: "DefaultUserName"="" HKLM_logon: "AltDefaultUserName"="lionel.B" HKLM_logon: "LegalNoticeCaption"="" HKLM_logon: "LegalNoticeText"="" HKLM_Run: Start RF Wireless Mouse="C:\Program Files\RF Wireless Mouse\cm20.exe" HKLM_Run: avgnt="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min HKLM_Run: WinPatrol="C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" HKLM_Run: SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe" HKLM_Run: QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents= HKCU_Run: msnmsgr="C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background HKCU_Run: swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ################## [ Registre # Mountpoints2 ] Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{62a90aa2-c3a4-11dd-b61b-00184d71c88a}\Shell\AutoRun\command Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{6e709ab9-0716-11dd-b5d7-00184d71c88a}\Shell\AutoRun\command Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{75571c98-031c-11dd-b5d5-00184d71c88a}\Shell\AutoRun\command Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{ab9917ce-b226-11db-b552-4d6564696130}\Shell\AutoRun\command Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{cd7f9fe2-bfd4-11dc-b5c2-00184d71c88a}\Shell\AutoRun\command Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{f2466140-6338-11dd-b5f7-00184d71c88a}\Shell\AutoRun\command ################## [ Listing des fichiers présent ] C:\AUTOEXEC.BAT C:\NTDETECT.COM C:\UNWISE.EXE C:\boot.ini J:\Desktop.ini ################## [ Vaccination ] # C:\autorun.inf -> Folder created by UsbFix. # D:\autorun.inf -> Folder created by UsbFix. # J:\autorun.inf -> Folder created by UsbFix. ################## [ ! Fin du rapport # UsbFix V3.010 ! ]

re ############################## [ UsbFix V3.010 ] ############################## [ Processus actifs ] C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Acer\Acer eConsole\MediaServerService.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\RF Wireless Mouse\cm20.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Windows Live\Messenger\wlcsdk.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender10\vsserv.exe ################## [ Registre # Startup ] HKCU_Main: "Search Page"="http://www.google.com" HKCU_Main: "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," HKLM_logon: "DefaultUserName"="lionel.B" HKLM_logon: "AltDefaultUserName"="lionel.B" HKLM_logon: "LegalNoticeCaption"="" HKLM_logon: "LegalNoticeText"="" HKLM_Run: Start RF Wireless Mouse="C:\Program Files\RF Wireless Mouse\cm20.exe" HKLM_Run: avgnt="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min HKLM_Run: WinPatrol="C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" HKLM_Run: SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe" HKLM_Run: QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents= HKCU_Run: msnmsgr="C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background HKCU_Run: swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ################## [ Informations ] # -> ( Value | Good = 0x0 Bad = 0x1 ) # HKCU\SOFTWARE\...\Policies\System "DisableRegedit" = (0x0) # HKCU\SOFTWARE\...\Policies\System "DisableRegistryTools" = (0x0) # HKCU\SOFTWARE\...\Policies\System "DisableTaskMgr" = (0x0) # HKLM\SOFTWARE\...\Policies\System "DisableRegedit" = (0x0) # HKLM\SOFTWARE\...\Policies\System "DisableRegistryTools" = (0x0) # HKLM\SOFTWARE\...\Policies\System "DisableTaskMgr" = (0x0) ################## [ Fichiers # Dossiers infectieux ] ################## [ Registre # Clés Run infectieuses ] # -> Not Found ! ################## [ Registre # Mountpoints2 ] HKCU\Software\Microsoft\....\MountPoints2\{62a90aa2-c3a4-11dd-b61b-00184d71c88a}\Shell\AutoRun\command HKCU\Software\Microsoft\....\MountPoints2\{6e709ab9-0716-11dd-b5d7-00184d71c88a}\Shell\AutoRun\command HKCU\Software\Microsoft\....\MountPoints2\{75571c98-031c-11dd-b5d5-00184d71c88a}\Shell\AutoRun\command HKCU\Software\Microsoft\....\MountPoints2\{ab9917ce-b226-11db-b552-4d6564696130}\Shell\AutoRun\command HKCU\Software\Microsoft\....\MountPoints2\{cd7f9fe2-bfd4-11dc-b5c2-00184d71c88a}\Shell\AutoRun\command HKCU\Software\Microsoft\....\MountPoints2\{f2466140-6338-11dd-b5f7-00184d71c88a}\Shell\AutoRun\command ################## [ ! Fin du rapport # UsbFix V3.010 ! ]

PEAR SVP MERCI

bonsoir et merci Logfile of random's system information tool 1.06 (written by random/random) Run by lionel.B at 2009-04-16 21:49:12 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 61 GB (66%) free of 93 GB Total RAM: 447 MB (21% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:49:38, on 16/04/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Acer\Acer eConsole\MediaServerService.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\WINDOWS\Explorer.EXE C:\Program Files\RF Wireless Mouse\cm20.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Windows Live\Messenger\wlcsdk.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\securite\RSIT.exe C:\Program Files\hijackthis\lionel.B.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [start RF Wireless Mouse] "C:\Program Files\RF Wireless Mouse\cm20.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [WinPatrol] "C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe -- End of file - 7508 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1146261661.job C:\WINDOWS\tasks\Microsoft_Hardware_Launch_LifeExp_exe.job C:\WINDOWS\tasks\Microsoft_Hardware_Launch_rundll32_exe.job C:\WINDOWS\tasks\Microsoft_Hardware_Launch_vVX1000_exe.job C:\WINDOWS\tasks\MP Scheduled Scan.job C:\WINDOWS\tasks\Nouvelle Tâche.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}] C:\Program Files\Microsoft Money\System\mnyside.dll [2002-07-17 163906] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-14 251504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-14 657904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-01-14 522224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-08 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-08 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-14 251504] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Start RF Wireless Mouse"=C:\Program Files\RF Wireless Mouse\cm20.exe [2002-01-31 61440] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-17 266497] "WinPatrol"=C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [2005-12-13 222784] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-08 148888] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"=C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe [2009-02-06 3885408] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-15 68856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^celine^Menu Démarrer^Programmes^Démarrage^desktop.ini] [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=95000000 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Acer\Acer eConsole\MediaSync.exe"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer" "C:\Program Files\Acer\Acer eConsole\eConsole.exe"="C:\Program Files\Acer\Acer eConsole\eConsole.exe:LocalSubNet:Enabled:eConsole" "C:\Program Files\Acer\Acer eConsole\MediaServerService.exe"="C:\Program Files\Acer\Acer eConsole\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{62a90aa2-c3a4-11dd-b61b-00184d71c88a}] shell\AutoRun\command - K:\InstallTomTomHOME.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e709ab9-0716-11dd-b5d7-00184d71c88a}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{75571c98-031c-11dd-b5d5-00184d71c88a}] shell\AutoRun\command - K:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab9917ce-b226-11db-b552-4d6564696130}] shell\AutoRun\command - J:\LaunchU3.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd7f9fe2-bfd4-11dc-b5c2-00184d71c88a}] shell\AutoRun\command - K:\InstallTomTomHOME.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f2466140-6338-11dd-b5f7-00184d71c88a}] shell\AutoRun\command - K:\InstallTomTomHOME.exe ======File associations====== .reg - open - regedit.exe "%1" %* ======List of files/folders created in the last 1 months====== 2009-04-15 23:01:29 ----A---- C:\WINDOWS\isRS-000.tmp 2009-04-15 23:00:15 ----D---- C:\Program Files\Webroot 2009-04-15 23:00:15 ----D---- C:\Documents and Settings\lionel.B\Application Data\Webroot 2009-04-15 23:00:15 ----D---- C:\Documents and Settings\All Users\Application Data\Webroot 2009-04-15 23:00:15 ----A---- C:\WINDOWS\WRSetup.dll 2009-04-15 22:17:08 ----D---- C:\Documents and Settings\lionel.B\Application Data\TrojanHunter 2009-04-15 22:08:31 ----R---- C:\WINDOWS\system32\streamhlp.dll 2009-04-15 22:08:31 ----D---- C:\Program Files\TrojanHunter 5.0 2009-04-15 07:21:47 ----A---- C:\WINDOWS\system32\lsdelete.exe 2009-04-14 22:55:41 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800} 2009-04-14 22:55:26 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft 2009-04-13 10:36:10 ----D---- C:\Program Files\Windows Defender 2009-04-09 23:18:19 ----D---- C:\Program Files\jv16 PowerTools 2009 2009-04-09 19:24:21 ----D---- C:\Program Files\Secunia 2009-04-08 21:56:29 ----A---- C:\WINDOWS\system32\javaws.exe 2009-04-08 21:56:29 ----A---- C:\WINDOWS\system32\javaw.exe 2009-04-08 21:56:29 ----A---- C:\WINDOWS\system32\java.exe 2009-04-08 21:56:29 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-04-07 22:20:55 ----D---- C:\rsit 2009-04-02 14:30:04 ----A---- C:\WINDOWS\system32\wrLZMA.dll 2009-04-02 14:29:56 ----A---- C:\WINDOWS\system32\SsiEfr.exe ======List of files/folders modified in the last 1 months====== 2009-04-16 21:49:15 ----D---- C:\Program Files\hijackthis 2009-04-16 21:45:46 ----D---- C:\WINDOWS\temp 2009-04-15 23:21:02 ----AD---- C:\WINDOWS 2009-04-15 23:17:23 ----RD---- C:\Program Files\securite 2009-04-15 23:07:39 ----SD---- C:\WINDOWS\Tasks 2009-04-15 23:01:29 ----A---- C:\WINDOWS\win.ini 2009-04-15 23:01:28 ----AD---- C:\WINDOWS\system32 2009-04-15 23:00:52 ----SHD---- C:\WINDOWS\Installer 2009-04-15 23:00:52 ----D---- C:\Config.Msi 2009-04-15 23:00:31 ----AD---- C:\WINDOWS\system32\drivers 2009-04-15 23:00:30 ----HD---- C:\WINDOWS\inf 2009-04-15 23:00:15 ----RD---- C:\Program Files 2009-04-15 22:44:02 ----D---- C:\Program Files\Mozilla Firefox 2009-04-15 22:09:08 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-04-14 23:48:11 ----D---- C:\WINDOWS\system32\CatRoot2 2009-04-14 22:57:16 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-04-14 22:55:26 ----D---- C:\Program Files\Lavasoft 2009-04-14 22:55:17 ----D---- C:\WINDOWS\WinSxS 2009-04-13 10:34:24 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-04-12 22:03:31 ----D---- C:\Program Files\WinClamAVShield 2009-04-12 22:02:27 ----D---- C:\Documents and Settings\lionel.B\Application Data\Spyware Terminator 2009-04-12 11:22:31 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-04-12 10:49:48 ----D---- C:\Program Files\a-squared Free 2009-04-12 09:49:27 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator 2009-04-12 09:49:22 ----D---- C:\Program Files\Microsoft Money 2009-04-10 22:33:41 ----D---- C:\Program Files\Internet Explorer 2009-04-08 21:58:20 ----D---- C:\Program Files\Java 2009-04-06 13:26:46 ----A---- C:\WINDOWS\system32\capicom.dll 2009-04-04 22:56:00 ----D---- C:\WINDOWS\system32\FxsTmp 2009-04-04 22:52:41 ----A---- C:\WINDOWS\NeroDigital.ini 2009-04-04 22:52:37 ----D---- C:\Toolbar SD 2009-04-04 22:52:37 ----AD---- C:\VALUEADD 2009-04-04 22:52:35 ----D---- C:\pmw 2009-04-03 16:04:53 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2009-03-30 19:07:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-03-30 19:01:31 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-03-21 10:16:53 ----D---- C:\Program Files\Windows Live ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-25 75072] R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 302000] R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2007-04-26 72624] R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632] R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-09-22 3727680] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-12-07 6144] R3 RTL8023xp;NETGEAR FA311v2 PCI Adapter; C:\WINDOWS\system32\DRIVERS\FA311XP.SYS [2006-01-25 78720] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-05-13 172544] R3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2007-04-10 1966312] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2003-03-25 46455] S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2003-03-27 127145] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-03-24 7808] S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-01-24 6064] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-01-24 84512] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-12-22 80272] S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-12-22 10864] S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-12-22 137884] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 SymEvent;SymEvent; C:\WINDOWS\system32\drivers\SymEvent.sys [2004-12-20 110352] S3 USB_RNDIS;Inventel Gateway; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 ZD1211U(ZyDAS);ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211u.sys [2004-09-29 247296] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Acer Media Server;Acer Media Server; C:\Program Files\Acer\Acer eConsole\MediaServerService.exe [2005-09-21 438272] R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865] R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-04-14 951632] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-05-04 606720] R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-04-26 1234480] R2 WebrootSpySweeperService;Moteur Webroot Spy Sweeper; C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe [2009-04-02 4048240] R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592] R4 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe [2009-04-15 1181040] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-14 137200] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-09 65795] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-03-07 425080] S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-08 152984] S4 spupdsvc;Windows Service Pack Installer update service; C:\WINDOWS\system32\spupdsvc.exe [2007-07-27 26488] -----------------EOF----------------- info.txt logfile of random's system information tool 1.06 2009-04-07 22:21:20 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} Acer eConsole-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC028E6B-F3F1-4192-B63E-A7C97302ED5A}\setup.exe" -l0x40c Acer eMode Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65CDEC30-4BF4-48FB-8059-9FC480E4E94F}\setup.exe" -l0x40c Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001} Archiveur WinRAAR-->C:\Program Files\WinRAR\uninstall.exe a-squared Free 2.0-->"C:\Program Files\a-squared Free\unins000.exe" Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} Atlas Routier Michelin Europe-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{794C908B-4BBE-40BF-B87C-A05C8B733F71}/setup.exe" Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE Barre d'outils Outlook de Windows Live (Windows Live Toolbar)-->MsiExec.exe /X{6E15BEDF-7EB5-4010-998E-B430DB4EFE45} Bloqueur de fenêtres pop-up (Windows Live Toolbar)-->MsiExec.exe /X{A425C250-A0E1-4D78-B1C1-A5CBC7385E7C} CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992} Change Extension-->C:\WINDOWS\AMUninst01c.exe C:\Program Files\Change Extension\Instlog.lsl Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} CodeStuff Starter-->"C:\Program Files\CodeStuff\Starter\unStarter.exe" Complément Microsoft Word pour Microsoft Works Suite-->MsiExec.exe /I{F6B1CD0F-DB2D-4666-A168-C46390AD8C4A} Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" CVitae 2.1.1-->"C:\Program Files\CVitae\uninstall.exe" Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976} DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DropMyRights-->MsiExec.exe /I{E5B72007-07C9-4E67-B29E-696073F45704} EasyCleaner-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly e-COMO-->"C:\Program Files\ColiPoste\e-COMO\Uninstall.exe" "C:\Program Files\ColiPoste\e-COMO\install.log" ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6} ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD} ESScore-->MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A} ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A} ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765} ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5} ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091} ESSSONIC-->MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34} ESSTOOLS-->MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589} essvatgt-->MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F} Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D} Extension Système de Microsoft Money-->MsiExec.exe /I{02CA7E66-1AD1-4DE9-BA9E-86A0EEB019C7} FairUse Wizard 2-->C:\Program Files\FairUse Wizard 2\UnInstall_14333.exe fflink-->MsiExec.exe /I{608D2A3C-6889-4C11-9B54-A42F45ACBFDB} Formation à Microsoft Excel 2000-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Edu-Performance\gpfxl2k\Uninst.isu" Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall HijackThis 2.0.2-->"C:\Documents and Settings\lionel.B\Mes documents\telechargements\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" hp psc 1200 series-->MsiExec.exe /X{C900EF06-2E76-49C7-8DB0-41F629B21DC5} Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060} jv16 PowerTools 1.3-->"C:\Program Files\jv16 PowerTools\unins000.exe" K9-->"C:\Program Files\KeirNet\K9\uninstall.exe" kgcbaby-->MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344} kgcbase-->MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE} kgchday-->MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E} kgchlwn-->MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1} kgcinvt-->MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B} kgckids-->MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4} kgcmove-->MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC} kgcvday-->MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549} KSU-->MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267} Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Macromedia Flash Player 8-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\swflash.inf,DefaultUninstall,5 Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929} Micro Application - Atlas Routier et Plans de ville-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F64ACA50-5148-11D6-839E-000102DA18BF}/setup.exe" Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft LifeCam-->MsiExec.exe /X{968D41C3-25BB-4632-A6DF-2E1C8F0143A4} Microsoft Money-->MsiExec.exe /I{01A2E33A-8ADA-42D1-9173-8F65149E952F} Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Picture It! Photo 7.0-->MsiExec.exe /I{369B36BE-3D64-4641-9AEA-808D436FE132} Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Sites publics français-->MsiExec.exe /I{B72B0ECE-F41E-4EC4-AA37-1A00640680BF} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Works 7.0-->MsiExec.exe /I{64D114CE-4234-45C2-B60A-2B07D5A48F72} Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL NeroVision Express 3-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL netbrdg-->MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1} Notifier-->MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2} NTI HomeVideo-Maker-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8A6F713-D72D-47AD-A92D-B5C0E13F98C1}\setup.exe" -l0x40c OfotoXMI-->MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45} OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{F242B06B-517F-4D62-B654-16B11564A912} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Photo et imagerie HP 2.0 - All-in-One Pilote-->MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B} Photo et imagerie HP 2.0 - All-in-One-->MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1} Photo et imagerie HP 2.0 - hp psc 1200 series-->C:\Program Files\Hewlett-Packard\Digital Imaging\{7C8BB31C-E09E-4c7d-BBF1-45E33B467FE1}\Setup\hpzscr01.exe -datfile hposcr02.dat -forcereboot PIXresizer 1.0.9-->"C:\Program Files\PIXresizer\unins000.exe" PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall PrintMaster Gold 4.00-->c:\pmw\msrun.exe QuickTime-->MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8} Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly RF Wireless Device-->C:\Program Files\InstallShield Installation Information\{6D9258A8-A3A0-11D5-87D4-00055D0100B6}\setup.exe SAGEM F@st 800-840-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe" -l0x40c SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe Samsung PC Studio 3 USB Driver Installer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x40c -removeonly Samsung PC Studio 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x40c -removeonly Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85} Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7} Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B} Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77} Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85} Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F} Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC} Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C} Security Update for Visio 2007 (KB947590)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Sélecteur d'installation de Microsoft Works Suite 2003-->C:\Program Files\Microsoft Works Suite 2003\Setup\Launcher.exe E:\ SFR-->MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B} SHASTA-->MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237} skin0001-->MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210} SKINXSDK-->MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Spyware Terminator-->"C:\Program Files\Spyware Terminator\unins000.exe" staticcr-->MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2} Sunbelt Personal Firewall-->MsiExec.exe /X{BFD080F6-3BF0-40E1-9507-9CA969C35870} TomTom HOME 2.5.2.60-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe tooltips-->MsiExec.exe /I{E79987F0-0E34-42CC-B8FF-6C860AEEB26A} Turbo Lister 2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548} Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756} Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278} Update for Outlook 2007 Junk Email Filter (kb962871)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {297857BF-4011-449B-BD74-DB64D182821C} VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971} VirtualDub 1.6.1 Fr-->C:\Program Files\VirtualDub\UnInstall_VirtualDub.exe VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370} Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WinPatrol-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\BillP Studios\WinPatrol\DeIsL1.isu" -c"C:\Program Files\BillP Studios\WinPatrol\_ISREG32.DLL" Wireless 802.11g USB Adapter-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{703FBBAA-ED01-498D-86D5-559C4725CD63} /l1036 WIRELESS-->MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F} xp-AntiSpy 3.93-->C:\Program Files\xp-AntiSpy\uninst.exe Zeb-Utility 1.2-->C:\Program Files\Zeb-Utility\Uninstal.exe =====HijackThis Backups===== R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 [2007-11-02] O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2007-11-02] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = [2007-11-02] O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) [2007-11-02] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ [2007-11-02] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ [2007-11-02] O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2007-11-02] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ [2007-11-02] O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2007-11-02] R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris [2007-11-02] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 [2007-11-02] O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab [2007-11-02] O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll [2007-11-02] O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE [2007-11-02] R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s [2007-11-02] O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1146263576265 [2007-11-02] O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab [2007-11-02] O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - https://safe.tele2.com/inc/accounthelper.cab [2007-11-02] O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab [2007-11-02] O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab [2007-11-02] O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2007-11-02] O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) [2007-12-16] ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: Avira AntiVir PersonalEdition FW: Sunbelt Personal Firewall ======System event log====== Computer Name: LIONEL Event Code: 26 Message: Application popup : Windows : Des utilisateurs ont ouvert une session sur cet ordinateur. La fermeture de Windows peut provoquer la perte de données. Voulez-vous vraiment continuer ? Record Number: 25901 Source Name: Application Popup Time Written: 20081211223252.000000+060 Event Type: Informations User: Computer Name: LIONEL Event Code: 26 Message: Application popup : kpf4gui.exe - L'initialisation de la DLL a échoué : L'application n'a pas pu s'initialiser car la station de travail est en train d'être arrêtée. Record Number: 25900 Source Name: Application Popup Time Written: 20081211222230.000000+060 Event Type: Informations User: Computer Name: LIONEL Event Code: 18 Message: Prêt pour l'installation : les mises à jour suivantes ont été téléchargées et sont prêtes pour l'installation. L'installation de ces mises à jour est actuellement planifiée pour le ?vendredi ?12 ?décembre ?2008 à 03:00 : - Mise à jour de sécurité pour Microsoft Office System 2007 (KB956828) - Mise à jour de sécurité pour Windows XP (KB956802) - Mise à jour de sécurité pour Windows XP (KB954600) - Mise à jour pour le filtre de courrier indésirable de Microsoft Office Outlook 2007 (KB958619) - Mise à jour de sécurité pour Windows XP Service Pack 3 (KB952069) - Mise à jour de sécurité pour Microsoft Office Word 2007 (KB956358) - Outil de suppression de logiciels malveillants Windows - décembre 2008 (KB890830) - Mise à jour de sécurité cumulative pour Internet Explorer 7 pour Windows XP (KB958215) - Mise à jour pour Windows XP (KB955839) - Mise à jour de sécurité pour Microsoft Office Excel 2007 (KB958437) - Mise à jour de sécurité pour Microsoft Office System 2007 (KB958439) Record Number: 25899 Source Name: Windows Update Agent Time Written: 20081211191136.000000+060 Event Type: Informations User: Computer Name: LIONEL Event Code: 18 Message: Prêt pour l'installation : les mises à jour suivantes ont été téléchargées et sont prêtes pour l'installation. L'installation de ces mises à jour est actuellement planifiée pour le ?vendredi ?12 ?décembre ?2008 à 03:00 : - Mise à jour de sécurité pour Microsoft Office System 2007 (KB956828) - Mise à jour de sécurité pour Windows XP (KB956802) - Mise à jour de sécurité pour Windows XP (KB954600) - Mise à jour pour le filtre de courrier indésirable de Microsoft Office Outlook 2007 (KB958619) - Mise à jour de sécurité pour Windows XP Service Pack 3 (KB952069) - Mise à jour de sécurité pour Microsoft Office Word 2007 (KB956358) - Outil de suppression de logiciels malveillants Windows - décembre 2008 (KB890830) - Mise à jour de sécurité cumulative pour Internet Explorer 7 pour Windows XP (KB958215) - Mise à jour de sécurité pour Microsoft Office Excel 2007 (KB958437) - Mise à jour de sécurité pour Microsoft Office System 2007 (KB958439) Record Number: 25898 Source Name: Windows Update Agent Time Written: 20081211191130.000000+060 Event Type: Informations User: Computer Name: LIONEL Event Code: 18 Message: Prêt pour l'installation : les mises à jour suivantes ont été téléchargées et sont prêtes pour l'installation. L'installation de ces mises à jour est actuellement planifiée pour le ?vendredi ?12 ?décembre ?2008 à 03:00 : - Mise à jour de sécurité pour Microsoft Office System 2007 (KB956828) - Mise à jour de sécurité pour Windows XP (KB954600) - Mise à jour pour le filtre de courrier indésirable de Microsoft Office Outlook 2007 (KB958619) - Mise à jour de sécurité pour Windows XP Service Pack 3 (KB952069) - Mise à jour de sécurité pour Microsoft Office Word 2007 (KB956358) - Outil de suppression de logiciels malveillants Windows - décembre 2008 (KB890830) - Mise à jour de sécurité cumulative pour Internet Explorer 7 pour Windows XP (KB958215) - Mise à jour de sécurité pour Microsoft Office Excel 2007 (KB958437) - Mise à jour de sécurité pour Microsoft Office System 2007 (KB958439) Record Number: 25897 Source Name: Windows Update Agent Time Written: 20081211191130.000000+060 Event Type: Informations User: =====Application event log===== Computer Name: LIONEL Event Code: 11707 Message: Product: MSXML 4.0 SP2 (KB954430) -- Installation completed successfully. Record Number: 5712 Source Name: MsiInstaller Time Written: 20081112185058.000000+060 Event Type: Informations User: LIONEL\lionel.B Computer Name: LIONEL Event Code: 102 Message: msnmsgr (360) \\.\C:\Documents and Settings\lionel.B\Local Settings\Application Data\Microsoft\Messenger\lionel.berlie@hotmail.fr\SharingMetadata\Working\database_3C4C_7733_4820_7A50\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0). Record Number: 5711 Source Name: ESENT Time Written: 20081112174910.000000+060 Event Type: Informations User: Computer Name: LIONEL Event Code: 100 Message: msnmsgr (360) Le moteur de base de données 5.01.2600.5512 est démarré. Record Number: 5710 Source Name: ESENT Time Written: 20081112174910.000000+060 Event Type: Informations User: Computer Name: LIONEL Event Code: 101 Message: msnmsgr (360) Le moteur de base de données est arrêté. Record Number: 5709 Source Name: ESENT Time Written: 20081112174544.000000+060 Event Type: Informations User: Computer Name: LIONEL Event Code: 103 Message: msnmsgr (360) \\.\C:\Documents and Settings\lionel.B\Local Settings\Application Data\Microsoft\Messenger\lionel.berlie@hotmail.fr\SharingMetadata\Working\database_3C4C_7733_4820_7A50\dfsr.db: Le moteur de base de données a arrêté une instance (0). Record Number: 5708 Source Name: ESENT Time Written: 20081112174544.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;;C:\Program Files;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Samsung\Samsung PC Studio 3\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=2c02 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip -----------------EOF-----------------