fire_man

up et baisse du prix qui passe de 200 euros à 155 euros car mon prix de départ n'était pas cohèrent avec les nouveaux modèles

un grand merci a toi bonne journée

ok voilà chef le nouveau rapport : et les raccourcis sont revenus ========== PROCESSES ========== Process explorer.exe killed successfully. ========== REGISTRY ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInstrumentation deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify\\IconStreams deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify\\PastIconsStream deleted successfully. ========== COMMANDS ========== File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\etilqs_TARsQd3lM9qeqZVkn5u6 scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Perflib_Perfdata_2d0.dat scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. Local Service Temp folder emptied. Local Service Temporary Internet Files folder emptied. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_670.dat scheduled to be deleted on reboot. Windows Temp folder emptied. Java cache emptied. File delete failed. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\tp3w8gw1.default\Cache\_CACHE_001_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\tp3w8gw1.default\Cache\_CACHE_002_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\tp3w8gw1.default\Cache\_CACHE_003_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\tp3w8gw1.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\tp3w8gw1.default\urlclassifier3.sqlite scheduled to be deleted on reboot. FireFox cache emptied. Temp folders emptied. OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02222009_152124 Files moved on Reboot... File C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\etilqs_TARsQd3lM9qeqZVkn5u6 not found! File C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Perflib_Perfdata_2d0.dat not found! File C:\WINDOWS\temp\Perflib_Perfdata_670.dat not found! C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\tp3w8gw1.default\Cache\_CACHE_001_ moved successfully. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\tp3w8gw1.default\Cache\_CACHE_002_ moved successfully. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\tp3w8gw1.default\Cache\_CACHE_003_ moved successfully. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\tp3w8gw1.default\Cache\_CACHE_MAP_ moved successfully. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\tp3w8gw1.default\urlclassifier3.sqlite moved successfully.

voici le rapport: SystemLook v1.0 by jpshortstuff (11.02.09) Log created at 14:52 on 22/02/2009 by Propriétaire (Administrator - Elevation successful) ========== reg ========== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDriveTypeAutoRun"= 0x00000091 (145) "NoInstrumentation"= 0x00000001 (1) -=End Of File=-

hello, bah voila je vends mon Ampli Yamaha HTR-6040 pour passer à la gamme au dessus Type : Ampli intégré home cinéma Marque : Yamaha Modèle : HTR-6040 ou RX-V461 (c'est les mêmes! le miens c'est un 6040) Prix de vente : 155 euros FDPout Département où la marchandise est visible : 40 Mont de Marsan (possibilité de me déplacer mais pas à petaouchnoque Possibilité d'expédition : Oui Montant des frais d'expédition : 15 euros (Collisimo) État de la marchandise : Excellent, comme neuf Première main : Oui Facture disponible : Oui Date et lieu d'achat : 08/01 /2008, Comociné Garantie et date d'expiration : 2 ans, Janvier 2010 Emballage d'origine conservé : Non Documentations conservées : Oui( doc, télécommande, micro calibration) Description générale : En anglais Photo: si vous avez des questions n'hésitez pas Feedback: Ebay HFR

Hello, Juste pour savoir comment remettre la fonction qui permet aux programmes récemment utilisé de s'afficher dans le menu demarrer(au dessus de tout les programmes)? J'ai modifier le registre pour accelerer windows il y a quelques jours et depuis les derniers prog que j'utilise ne se mettent plus dans le menu demarrer Je sais pas où se trouve la clé à modifier dans le registre Merci d'avance

je vends mon processeur C2D T7300 cadencé à 2 Ghz, FSB 800 Mhz, 4 Mo de cache L2 fourni avec la boiboite+sticker intel, notice et la facture = garantie encore 2 ans. prix= 110 FDPIN (en vente sur d'autres forums) si vous avez des questions n'hésitez pas

ok vais tester ça

je veux bien mais je veut pas que ça soit une galère à configurer et que il n'y a pas de conflit avec ma neuf box V4

ok vais le désinstaller de toute façon il marchait pas ce programme sinon tout à l'air clean merci de ta part et du temps que tu m'as accordé

re, je post les 2 rapports que tu as demandé : info.txt logfile of random's system information tool 2008-09-10 11:50:01 Uninstall list -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf AbiWord 2.6.2-->C:\Program Files\AbiSuite2\UninstallAbiWord2.exe Acronis True Image Home-->MsiExec.exe /X{E5343B27-55DF-40BD-9FCF-A643C1331E8A} Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7} Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003} Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log Alone In The Dark-->"d:\Program Files\Atari\AITD\Uninstall\unins000.exe" Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe AusLogics Disk Defrag-->"C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe" Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE Canon PIXMA iP3000-->C:\WINDOWS\system32\CNMCP61.exe "-PRINTERNAMECanon PIXMA iP3000" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP3000 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP3000 Installer\Inst2\cnmi040c.dll" CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" ClearType Tuning Control Panel Applet-->MsiExec.exe /I{C9E4932C-8417-4E4C-A0E3-EE534810AB4D} Combined Community Codec Pack 2008-01-24-->"C:\Program Files\Combined Community Codec Pack\unins000.exe" Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Desk Drive-->MsiExec.exe /I{34A5E449-BE8B-4C1C-97CD-A234EEFA33A9} DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe" Easy Button-->C:\WINDOWS\UnInst32.exe CplBCL50.UNI e-Carte Bleue Banque Populaire-->"C:\Program Files\InstallShield Installation Information\{B0900CB5-8EC0-43B4-9DAC-A32FE52DC864}\setup.exe" -runfromtemp -l0x040c -removeonly FLV Player 1.3.3-->"C:\Program Files\FLVPlayer\uninstall.exe" foobar2000 v0.9.5.3-->"C:\Program Files\foobar2000\uninstall.exe" Fraps-->"C:\Program Files\Fraps\uninstall.exe" Gadwin PrintScreen-->C:\Program Files\Gadwin Systems\PrintScreen\Uninstall.exe Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068} High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" IsoBuster 2.2-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe" Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} KTP Ware PS/2-x86 5.0.3.13-->rundll32.exe "C:\Program Files\Elantech\KTUninst.dll",KTech_Uninstall 0 Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Logiciel Intel® PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Mass Effect-->C:\Program Files\Fichiers communs\BioWare\Uninstall Mass Effect.exe Maxtor Manager-->"C:\Program Files\InstallShield Installation Information\{4D36E953-4456-4F8F-BC44-90BC4AA59889}\setup.exe" -runfromtemp -l0x040c -removeonly Maxtor Manager-->MsiExec.exe /I{4D36E953-4456-4F8F-BC44-90BC4AA59889} mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779} mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29} mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49} mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68} MicroBest Cracklock 3.8.4-->"C:\Program Files\Cracklock\unins000.exe" Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F} mkv2vob-->MsiExec.exe /X{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D} mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7} mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5} Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5} mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9} mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83} mSCfg-->MsiExec.exe /I{829CD169-E692-48E8-9BDE-A3E8D8B65538} MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE} mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4} mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023} Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL Notebook Hardware Control 2.0 Pre-Release-06-->C:\Program Files\Notebook Hardware Control\uninst.exe NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe PowerDVD Ultra-->"C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -l0x00040c /z-uninstall QuickTime Alternative 2.6.0-->"C:\Program Files\QuickTime Alternative\unins000.exe" Real Alternative 1.7.5-->"C:\Program Files\Real Alternative\unins000.exe" Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x40c anything Security Update pour Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} Sleepy-->"C:\Program Files\Sleepy\uninstall.exe" Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003} SPORE™-->"C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\SPORESetup.exe" -runfromtemp -l0x040c -removeonly Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Torrent Harvester-->C:\Program Files\Torrent Harvester\uninstall.exe TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA} TwonkyMedia-->C:\Program Files\TwonkyMedia\UninstallTwonkyMedia.exe USB Video Device-->C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x0009 -removeonly VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971} VideoLAN VLC media player 0.8.6i-->C:\Program Files\VideoLAN\VLC\uninstall.exe WIDCOMM Bluetooth Software-->MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6} Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe" Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" Wireless Select Switch-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{065A7AFE-195D-4DFB-A4B2-A83842C0F79F} Wow Video&Audio utility-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{F408DA6B-DA75-4D95-B87D-49AFF0B4EBB0} XnView 1.91.5-->"C:\Program Files\XnView\unins000.exe" Zeb-Utility 1.2-->C:\Program Files\Zeb-Utility\Uninstal.exe Hosts File 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com Security center information AV: Avira AntiVir PersonalEdition Environment variables "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 10, GenuineIntel "PROCESSOR_REVISION"=0f0a "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Logfile of random's system information tool (written by random/random) Run by HELLO at 2008-09-10 11:49:52 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 21 GB (46%) free of 45 GB Total RAM: 2046 MB (72% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:49:59, on 10/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Maxtor\Sync\SyncServices.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Compal\Wow Video&Audio\WVAMain.exe C:\Program Files\Elantech\ktp.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Compal\Wireless Select Switch\WLSS.exe C:\Program Files\EzButton\CplBCL50.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Blue Onion Software\Desk Drive\DeskDrive.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\HELLO\Bureau\RSIT.exe C:\Program Files\Trend Micro\HijackThis\HELLO.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start O4 - HKLM\..\Run: [Wow Video&Audio] C:\Program Files\Compal\Wow Video&Audio\WVAMain.exe O4 - HKLM\..\Run: [KTPWare] C:\Program Files\Elantech\ktp.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [WLSS] C:\Program Files\Compal\Wireless Select Switch\WLSS.exe O4 - HKLM\..\Run: [CplBCL50] C:\Program Files\EzButton\CplBCL50.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DeskDriveStartup] C:\Program Files\Blue Onion Software\Desk Drive\DeskDrive.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O20 - AppInit_DLLs: CLKERN.DLL O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 6899 bytes Registry dump [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-07-07 1562448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NVHotkey"=C:\WINDOWS\system32\nvHotkey.dll [2008-02-22 86016] "Wow Video&Audio"=C:\Program Files\Compal\Wow Video&Audio\WVAMain.exe [2007-05-03 951856] "KTPWare"=C:\Program Files\Elantech\ktp.exe [2007-02-14 647168] "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-02-21 819200] "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-02-21 970752] "WLSS"=C:\Program Files\Compal\Wireless Select Switch\WLSS.exe [2007-04-23 190000] "CplBCL50"=C:\Program Files\EzButton\CplBCL50.EXE [2004-06-15 401408] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-08-19 13537280] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "DeskDriveStartup"=C:\Program Files\Blue Onion Software\Desk Drive\DeskDrive.exe [2008-09-04 62464] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="CLKERN.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 relog_ap [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox" "D:\Program Files\Mass Effect\MassEffectLauncher.exe"="D:\Program Files\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher" "D:\Program Files\Mass Effect\Binaries\MassEffect.exe"="D:\Program Files\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Program Files\TwonkyMedia\twonkymedia.exe"="C:\Program Files\TwonkyMedia\twonkymedia.exe:*:Enabled:TwonkyMedia" "C:\Program Files\TwonkyMedia\twonkymediaserver.exe"="C:\Program Files\TwonkyMedia\twonkymediaserver.exe:*:Enabled:TwonkyMediaServer" "C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cb31e6c0-144f-11dd-b117-0013e82da303}] shell\AutoRun\command - F:\InstallTomTomHOME.exe List of files/folders created in the last three months 2008-09-10 11:49:52 ----D---- C:\rsit 2008-09-10 11:31:24 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$ 2008-09-10 11:31:12 ----A---- C:\WINDOWS\imsins.BAK 2008-09-10 11:31:07 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$ 2008-09-09 17:59:17 ----D---- C:\Program Files\Trend Micro 2008-09-08 22:09:08 ----D---- C:\VundoFix Backups 2008-09-08 20:56:02 ----D---- C:\Documents and Settings\HELLO\Application Data\Malwarebytes 2008-09-08 20:55:58 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2008-09-08 20:55:58 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-09-08 17:09:59 ----A---- C:\WINDOWS\system32\XAudio2_1.dll 2008-09-08 17:09:59 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll 2008-09-08 17:09:59 ----A---- C:\WINDOWS\system32\xactengine3_1.dll 2008-09-08 17:09:56 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll 2008-09-08 17:09:55 ----A---- C:\WINDOWS\system32\D3DX9_38.dll 2008-09-08 17:09:55 ----A---- C:\WINDOWS\system32\d3dx10_38.dll 2008-09-08 17:09:55 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll 2008-09-08 17:08:43 ----D---- C:\WINDOWS\Logs 2008-09-08 10:19:26 ----A---- C:\WINDOWS\system32\tmp.txt 2008-09-08 10:07:32 ----D---- C:\Program Files\Blue Onion Software 2008-09-07 21:04:11 ----D---- C:\Documents and Settings\HELLO\Application Data\SPORE 2008-09-07 20:55:25 ----D---- C:\ProgramData 2008-09-07 13:10:23 ----A---- C:\WINDOWS\system32\javaws.exe 2008-09-07 13:10:23 ----A---- C:\WINDOWS\system32\javaw.exe 2008-09-07 13:10:23 ----A---- C:\WINDOWS\system32\java.exe 2008-09-07 13:09:44 ----D---- C:\Program Files\Java 2008-09-07 13:09:12 ----D---- C:\Program Files\Fichiers communs\Java 2008-09-07 10:44:59 ----D---- C:\Program Files\MSXML 4.0 2008-09-06 14:09:47 ----D---- C:\Program Files\Maxtor 2008-09-06 13:57:05 ----D---- C:\Documents and Settings\All Users\Application Data\Maxtor 2008-09-06 13:55:31 ----SHD---- C:\WINDOWS\ftpcache 2008-09-06 13:33:47 ----D---- C:\Program Files\Microsoft Office 2008-09-06 13:33:34 ----D---- C:\Program Files\MSECache 2008-09-05 18:26:22 ----D---- C:\Program Files\Avira 2008-09-05 18:26:22 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2008-08-31 22:35:39 ----A---- C:\WINDOWS\system32\nvwrszht.dll 2008-08-31 22:35:39 ----A---- C:\WINDOWS\system32\nvwrszhc.dll 2008-08-31 22:35:39 ----A---- C:\WINDOWS\system32\nvrszht.dll 2008-08-31 22:35:39 ----A---- C:\WINDOWS\system32\nvrszhc.dll 2008-08-31 22:35:38 ----A---- C:\WINDOWS\system32\nvwrstr.dll 2008-08-31 22:35:38 ----A---- C:\WINDOWS\system32\nvwrsth.dll 2008-08-31 22:35:38 ----A---- C:\WINDOWS\system32\nvwrssv.dll 2008-08-31 22:35:38 ----A---- C:\WINDOWS\system32\nvwrssl.dll 2008-08-31 22:35:38 ----A---- C:\WINDOWS\system32\nvrstr.dll 2008-08-31 22:35:38 ----A---- C:\WINDOWS\system32\nvrsth.dll 2008-08-31 22:35:38 ----A---- C:\WINDOWS\system32\nvrssv.dll 2008-08-31 22:35:38 ----A---- C:\WINDOWS\system32\nvrssl.dll 2008-08-31 22:35:37 ----A---- C:\WINDOWS\system32\nvwrssk.dll 2008-08-31 22:35:37 ----A---- C:\WINDOWS\system32\nvwrsru.dll 2008-08-31 22:35:37 ----A---- C:\WINDOWS\system32\nvwrsptb.dll 2008-08-31 22:35:37 ----A---- C:\WINDOWS\system32\nvwrspt.dll 2008-08-31 22:35:37 ----A---- C:\WINDOWS\system32\nvrssk.dll 2008-08-31 22:35:37 ----A---- C:\WINDOWS\system32\nvrsru.dll 2008-08-31 22:35:37 ----A---- C:\WINDOWS\system32\nvrsptb.dll 2008-08-31 22:35:37 ----A---- C:\WINDOWS\system32\nvrspt.dll 2008-08-31 22:35:36 ----A---- C:\WINDOWS\system32\nvwrspl.dll 2008-08-31 22:35:36 ----A---- C:\WINDOWS\system32\nvwrsno.dll 2008-08-31 22:35:36 ----A---- C:\WINDOWS\system32\nvwrsnl.dll 2008-08-31 22:35:36 ----A---- C:\WINDOWS\system32\nvrspl.dll 2008-08-31 22:35:36 ----A---- C:\WINDOWS\system32\nvrsno.dll 2008-08-31 22:35:36 ----A---- C:\WINDOWS\system32\nvrsnl.dll 2008-08-31 22:35:35 ----A---- C:\WINDOWS\system32\nvwrsko.dll 2008-08-31 22:35:35 ----A---- C:\WINDOWS\system32\nvwrsja.dll 2008-08-31 22:35:35 ----A---- C:\WINDOWS\system32\nvrsko.dll 2008-08-31 22:35:35 ----A---- C:\WINDOWS\system32\nvrsja.dll 2008-08-31 22:35:34 ----A---- C:\WINDOWS\system32\nvwrsit.dll 2008-08-31 22:35:34 ----A---- C:\WINDOWS\system32\nvwrshu.dll 2008-08-31 22:35:34 ----A---- C:\WINDOWS\system32\nvwrshe.dll 2008-08-31 22:35:34 ----A---- C:\WINDOWS\system32\nvwrsfr.dll 2008-08-31 22:35:34 ----A---- C:\WINDOWS\system32\nvrsit.dll 2008-08-31 22:35:34 ----A---- C:\WINDOWS\system32\nvrshu.dll 2008-08-31 22:35:34 ----A---- C:\WINDOWS\system32\nvrshe.dll 2008-08-31 22:35:34 ----A---- C:\WINDOWS\system32\nvrsfr.dll 2008-08-31 22:35:33 ----A---- C:\WINDOWS\system32\nvwrsfi.dll 2008-08-31 22:35:33 ----A---- C:\WINDOWS\system32\nvwrsesm.dll 2008-08-31 22:35:33 ----A---- C:\WINDOWS\system32\nvwrses.dll 2008-08-31 22:35:33 ----A---- C:\WINDOWS\system32\nvwrseng.dll 2008-08-31 22:35:33 ----A---- C:\WINDOWS\system32\nvrsfi.dll 2008-08-31 22:35:33 ----A---- C:\WINDOWS\system32\nvrsesm.dll 2008-08-31 22:35:33 ----A---- C:\WINDOWS\system32\nvrses.dll 2008-08-31 22:35:33 ----A---- C:\WINDOWS\system32\nvrseng.dll 2008-08-31 22:35:32 ----A---- C:\WINDOWS\system32\nvwrsel.dll 2008-08-31 22:35:32 ----A---- C:\WINDOWS\system32\nvwrsde.dll 2008-08-31 22:35:32 ----A---- C:\WINDOWS\system32\nvrsel.dll 2008-08-31 22:35:32 ----A---- C:\WINDOWS\system32\nvrsde.dll 2008-08-31 22:35:31 ----A---- C:\WINDOWS\system32\nvwrsda.dll 2008-08-31 22:35:31 ----A---- C:\WINDOWS\system32\nvwrscs.dll 2008-08-31 22:35:31 ----A---- C:\WINDOWS\system32\nvwrsar.dll 2008-08-31 22:35:31 ----A---- C:\WINDOWS\system32\nvrsda.dll 2008-08-31 22:35:31 ----A---- C:\WINDOWS\system32\nvrscs.dll 2008-08-31 22:35:31 ----A---- C:\WINDOWS\system32\nvrsar.dll 2008-08-31 22:35:30 ----D---- C:\WINDOWS\nview 2008-08-31 22:35:30 ----A---- C:\WINDOWS\system32\nwiz.exe 2008-08-31 22:35:30 ----A---- C:\WINDOWS\system32\nvwimg.dll 2008-08-31 22:35:30 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll 2008-08-31 22:35:30 ----A---- C:\WINDOWS\system32\nvudisp.exe 2008-08-31 22:35:30 ----A---- C:\WINDOWS\system32\nvsysrot.dll 2008-08-31 22:35:30 ----A---- C:\WINDOWS\system32\nvshell.dll 2008-08-31 22:35:30 ----A---- C:\WINDOWS\system32\nvmccsrs.dll 2008-08-31 22:35:30 ----A---- C:\WINDOWS\system32\nview.dll 2008-08-31 22:35:30 ----A---- C:\WINDOWS\system32\nvgfx.dll 2008-08-31 22:35:30 ----A---- C:\WINDOWS\system32\nvexpbar.dll 2008-08-31 22:35:30 ----A---- C:\WINDOWS\system32\nvdspsch.exe 2008-08-31 22:35:30 ----A---- C:\WINDOWS\system32\nvcpluir.dll 2008-08-31 22:35:30 ----A---- C:\WINDOWS\system32\nvcplui.exe 2008-08-31 22:35:30 ----A---- C:\WINDOWS\system32\nvcolor.exe 2008-08-31 22:35:30 ----A---- C:\WINDOWS\system32\nvappbar.exe 2008-08-31 22:35:30 ----A---- C:\WINDOWS\system32\keystone.exe 2008-08-31 22:35:10 ----A---- C:\WINDOWS\system32\NVUNINST.EXE 2008-08-31 22:34:33 ----A---- C:\WINDOWS\system32\oemdspif.dll 2008-08-31 22:34:33 ----A---- C:\WINDOWS\system32\nvwssr.dll 2008-08-31 22:34:33 ----A---- C:\WINDOWS\system32\nvwss.dll 2008-08-31 22:34:29 ----A---- C:\WINDOWS\system32\nvwddi.dll 2008-08-31 22:34:29 ----A---- C:\WINDOWS\system32\nvvitvsr.dll 2008-08-31 22:34:29 ----A---- C:\WINDOWS\system32\nvvitvs.dll 2008-08-31 22:34:26 ----A---- C:\WINDOWS\system32\nvoglnt.dll 2008-08-31 22:34:26 ----A---- C:\WINDOWS\system32\nvnt4cpl.dll 2008-08-31 22:34:25 ----A---- C:\WINDOWS\system32\nvmoblsr.dll 2008-08-31 22:34:25 ----A---- C:\WINDOWS\system32\nvmobls.dll 2008-08-31 22:34:25 ----A---- C:\WINDOWS\system32\nvmctray.dll 2008-08-31 22:34:25 ----A---- C:\WINDOWS\system32\nvmccssr.dll 2008-08-31 22:34:25 ----A---- C:\WINDOWS\system32\nvmccss.dll 2008-08-31 22:34:24 ----A---- C:\WINDOWS\system32\nvmccs.dll 2008-08-31 22:34:24 ----A---- C:\WINDOWS\system32\nvgamesr.dll 2008-08-31 22:34:23 ----A---- C:\WINDOWS\system32\nvgames.dll 2008-08-31 22:34:23 ----A---- C:\WINDOWS\system32\nvdispsr.dll 2008-08-31 22:34:22 ----A---- C:\WINDOWS\system32\nvdisps.dll 2008-08-31 22:34:22 ----A---- C:\WINDOWS\system32\nvcuda.dll 2008-08-31 22:34:20 ----A---- C:\WINDOWS\system32\nvcpl.dll 2008-08-31 22:34:19 ----A---- C:\WINDOWS\system32\nvcodins.dll 2008-08-31 22:34:19 ----A---- C:\WINDOWS\system32\nvcod.dll 2008-08-31 22:34:19 ----A---- C:\WINDOWS\system32\nvapi.dll 2008-08-31 22:34:18 ----A---- C:\WINDOWS\system32\nvsvc32.exe 2008-08-28 13:02:47 ----D---- C:\Documents and Settings\HELLO\Application Data\gnupg 2008-08-26 19:04:55 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia 2008-08-26 17:59:14 ----D---- C:\Documents and Settings\HELLO\Application Data\TwonkyMedia 2008-08-26 17:58:31 ----D---- C:\Program Files\TwonkyMedia 2008-08-26 17:42:29 ----D---- C:\Program Files\CCleaner 2008-08-26 17:40:18 ----D---- C:\Program Files\mkv2vob 2008-08-23 12:20:09 ----A---- C:\WINDOWS\wininit.ini 2008-08-23 12:15:53 ----D---- C:\Program Files\uTorrent 2008-08-20 12:32:30 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition 2008-08-20 11:51:34 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$ 2008-08-13 21:06:19 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2008-08-13 21:06:15 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2008-08-13 21:06:10 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$ 2008-08-13 21:06:05 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2008-08-13 21:05:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$ 2008-08-13 21:04:57 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2008-08-13 21:04:53 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$ 2008-08-13 21:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2008-08-13 21:04:02 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$ 2008-08-11 18:19:58 ----D---- C:\Program Files\Combined Community Codec Pack 2008-08-07 00:37:13 ----D---- C:\Program Files\Cracklock 2008-08-06 14:47:01 ----D---- C:\Documents and Settings\HELLO\Application Data\vlc 2008-07-28 11:40:12 ----A---- C:\WINDOWS\BricoPackFoldersDelete.cmd 2008-07-12 15:03:55 ----AC---- C:\WINDOWS\system32\rmoc3260.dll 2008-07-12 15:03:55 ----AC---- C:\WINDOWS\system32\pndx5032.dll 2008-07-12 15:03:55 ----AC---- C:\WINDOWS\system32\pndx5016.dll 2008-07-12 15:03:55 ----AC---- C:\WINDOWS\system32\pncrt.dll 2008-07-12 15:03:54 ----D---- C:\Program Files\Real Alternative 2008-07-12 15:03:54 ----D---- C:\Documents and Settings\HELLO\Application Data\Real 2008-07-12 15:03:54 ----D---- C:\Documents and Settings\All Users\Application Data\Real 2008-07-09 07:54:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$ 2008-07-09 07:53:39 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2008-07-01 15:47:37 ----D---- C:\Documents and Settings\All Users\Application Data\TheaterTek 2008-06-22 19:28:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2008-06-22 19:24:17 ----AC---- C:\WINDOWS\system32\cmdrvrmu.exe 2008-06-22 19:24:17 ----AC---- C:\WINDOWS\system32\cmdrvrmu.dll 2008-06-22 19:24:17 ----AC---- C:\WINDOWS\Cmudau.ini 2008-06-22 19:24:17 ----AC---- C:\WINDOWS\CmiUSB2Uninstall.exe 2008-06-22 19:24:17 ----A---- C:\WINDOWS\system32\a3d.dll 2008-06-16 21:40:18 ----D---- C:\Program Files\Microsoft Silverlight 2008-06-13 16:38:49 ----D---- C:\Documents and Settings\HELLO\Application Data\MSNInstaller 2008-06-12 19:37:27 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-06-12 19:37:21 ----D---- C:\Program Files\QuickTime Alternative 2008-06-12 18:58:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$ 2008-06-12 18:58:24 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2008-06-12 18:58:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$ 2008-06-12 18:58:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$ List of drivers R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832] R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-04-26 21425] R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936] R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496] R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-02-21 12416] R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2008-04-26 44384] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-11-29 163328] R3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2006-10-15 329901] R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-11-28 863402] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2004-06-15 16512] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-06-22 4432384] R3 Ktp;Elantech Touchpad; C:\WINDOWS\system32\DRIVERS\Ktp.sys [2006-11-18 27776] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288] R3 NETw4x32;Pilote de carte Intel® Wireless WiFi Link pour Windows XP 32 bits; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-02-25 2203520] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-08-19 6596192] R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984] R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720] S3 a5lzzjpw;a5lzzjpw; C:\WINDOWS\system32\drivers\a5lzzjpw.sys [] S3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-10-09 30459] S3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-10-15 149123] S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2006-11-28 47907] S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-10-15 67672] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 cmudau;C-Media USB Sound Interface; C:\WINDOWS\system32\drivers\cmudau.sys [] S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1; C:\WINDOWS\system32\drivers\libusb0.sys [2005-03-09 33792] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 MXOPSWD;Maxtor OneTouch Security Driver; C:\WINDOWS\system32\DRIVERS\mxopswd.sys [2007-05-03 22152] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nhcDriverDevice;Notebook Hardware Control Driver; \??\C:\WINDOWS\system32\drivers\nhcDriver.sys [] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] List of services R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-06-12 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-07 149761] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-12-11 266295] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-02-21 643072] R2 Maxtor Sync Service;Maxtor Service; C:\Program Files\Maxtor\Sync\SyncServices.exe [2008-07-21 193888] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-08-19 159813] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-02-21 327680] R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-02-21 983040] R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336] S3 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [2007-10-07 427288] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-08 493200] S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-06-27 355584] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-24 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] -----------------EOF----------------- merci d'avance

hello, hier j'ai utilisé l'application VundoFix.exe je pense que ça fait référence à ce que tu appel "outils spéciaux considérés riskwares" enfin je pense sinon merci de t'être penché sur mon rapport

hello je pense avoir attrapé un virus pour ma rentrée hier j'ai installé Malwarebytes' Anti-Malware et il a trouvé 2infections = Vundo et il les a normalement désinstallé je me suis dit que par précaution je vais suivre la procédure de près-nettoyage, donc (il faut savoir que mon anti virus de tout les jours c'est antivir) j'ai lancé l'analyse de l'anti virus qui a trouvé 7 infections, voir post: Avira AntiVir Personal Report file date: mardi 9 septembre 2008 12:25 Scanning for 1605041 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 3) [5.1.2600] Boot mode: Save mode Username: HELLO Computer name: GREG Version information: BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00 AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53 AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19 LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34 ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15 ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 31/08/2008 07:47:24 ANTIVIR3.VDF : 7.0.6.132 270336 Bytes 09/09/2008 10:11:03 Engineversion : 8.1.1.28 AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21 AESCRIPT.DLL : 8.1.0.70 319866 Bytes 06/09/2008 07:47:29 AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:49 AERDL.DLL : 8.1.1.1 397683 Bytes 06/09/2008 07:47:29 AEPACK.DLL : 8.1.2.1 364917 Bytes 15/07/2008 12:58:35 AEOFFICE.DLL : 8.1.0.23 196987 Bytes 06/09/2008 07:47:28 AEHEUR.DLL : 8.1.0.51 1397111 Bytes 06/09/2008 07:47:28 AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:48 AEGEN.DLL : 8.1.0.36 315764 Bytes 06/09/2008 07:47:26 AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:21 AECORE.DLL : 8.1.1.11 172406 Bytes 06/09/2008 07:47:26 AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:48 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01 AVREP.DLL : 8.0.0.2 98344 Bytes 06/09/2008 07:47:25 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07 RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, D:, Process scan.....................: on Scan registry....................: on Search for rootkits..............: on Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Macro heuristic..................: on File heuristic...................: medium Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR, Start of the scan: mardi 9 septembre 2008 12:25 Starting search for hidden objects. The driver could not be initialized. The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 13 processes with 13 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'D:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '56' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\sptd.sys [WARNING] The file could not be opened! Begin scan in 'D:\' <Documents> D:\System Volume Information\_restore{58B5F28E-DC21-4CD0-A819-54E6CBE4A983}\RP67\A0008926.exe [DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program [NOTE] The file was deleted! D:\System Volume Information\_restore{58B5F28E-DC21-4CD0-A819-54E6CBE4A983}\RP67\A0008927.exe [DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program [NOTE] The file was deleted! D:\System Volume Information\_restore{58B5F28E-DC21-4CD0-A819-54E6CBE4A983}\RP67\A0008929.exe [DETECTION] Contains recognition pattern of the DR/Tool.Reboot.F.142 dropper D:\System Volume Information\_restore{58B5F28E-DC21-4CD0-A819-54E6CBE4A983}\RP67\A0008929.exe [0] Archive type: RAR SFX (self extracting) --> SmitfraudFix\Reboot.exe [DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program --> SmitfraudFix\restart.exe [DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program [NOTE] The file was deleted! D:\System Volume Information\_restore{58B5F28E-DC21-4CD0-A819-54E6CBE4A983}\RP67\A0008952.exe [DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program [NOTE] The file was deleted! D:\System Volume Information\_restore{58B5F28E-DC21-4CD0-A819-54E6CBE4A983}\RP67\A0008953.exe [DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program [NOTE] The file was deleted! End of the scan: mardi 9 septembre 2008 17:25 Used time: 4:59:13 Hour(s) The scan has been done completely. 4229 Scanning directories 145111 Files were scanned 7 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 5 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 145102 Files not concerned 987 Archives were scanned 2 Warnings 5 Notes et maintenant le rapport de hijackthis (comme je l'ai dit plus haut vu que j'utilise antivir tout les jours je l'ai pas désinstallé avant le scan de hijackthis): Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:59:45, on 09/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Maxtor\Sync\SyncServices.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Compal\Wow Video&Audio\WVAMain.exe C:\Program Files\Elantech\ktp.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Blue Onion Software\Desk Drive\DeskDrive.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start O4 - HKLM\..\Run: [Wow Video&Audio] C:\Program Files\Compal\Wow Video&Audio\WVAMain.exe O4 - HKLM\..\Run: [KTPWare] C:\Program Files\Elantech\ktp.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [WLSS] C:\Program Files\Compal\Wireless Select Switch\WLSS.exe O4 - HKLM\..\Run: [CplBCL50] C:\Program Files\EzButton\CplBCL50.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DeskDriveStartup] C:\Program Files\Blue Onion Software\Desk Drive\DeskDrive.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O20 - AppInit_DLLs: CLKERN.DLL O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 6720 bytes j'attend vos réponses avec joie comme d'habitude

mise en vente du GPS sur la bay ici: gps cm

up

hello, Je vends une carte mère Gigabyte P35-DS3P Rev 1.1 à 60 euros FDPin ou à 55 euros FDPout MP sur mont de marsan et alentour. en trés bonne état avec boite d'origine + notice + cd drivers + bundle complet + facture de Grosbill daté du 26/06/2007 donc encore sous garantie. et je vds également un GPS TomTom ONE V3 EUROPE 140 euros FDPin ou 130 MP sur mont de marsan et alentour état comme neuf avec boite d'origine + notice + cd drivers + cables + facture de Conforama du 11/04/2008 donc encore sous garantie. Petites précisions: -le gps a était échangé le 19/04 par conforama car il ne fonctionnait plus mais sur la facture ils ont juste marqué "échangé le 19/04/08" au stylo donc je sais pas trop si la date limite de garantie est le 11/04 ou le 19/04 2009. -d'autre part, l'écran tactile du gps est comme neuf car dès son achat j'ai mis un écran de protection dessus. photos sur demande, en vente également sur d'autres forums. si vous avez des questions n'hésitez pas

combien le lot cm + la ram en fdpin ? bundle complet des 2 articles ? facture? etc..

hi, j'espère d'ici là que j'aurais trouvé mon bonheur sinon je prend note de ta proposition

hello, bon je vais regarder overclocking-pc sinon j'ai mis des posts un peu partout j'attends d'avoir des propositions...

saluts les gens! je souhaite me monter une nouvelle tour et je cherche des pieces d'occaz en bon état avec facture si possible. j'habite à Mont de marsan et je peux également faire quelques kilomètres pour récupérer des pièces. j'accepte également les envoies alors je cherche: * une alimentation comme par exemple: * Antec Earthwatts 500 watts, * Antec Neo HE 430 watts, * Be Quiet Straight Power 400 watts, * Fortron Green 400 watts, * 2*1go en ddr2 800 ou plus pas très cher marque: gskill,Transcend aXeRAM, corsair, Crucial Ballistix Tracer etc... * une carte mere chipset p35 pas très cher également! * un core 2 duo Penryn ou alors un C2D pas trés vieux merci d'avance

muchas gracias amigo je pense que je vais avoir une petite explication avec mon pote bonne journée:-)

bah en fait j'ai deja effectué cette manipulation auparavant; malheureusement..... voila les 2 rapports: Logfile of HijackThis v1.99.1 Scan saved at 21:37:56, on 10/06/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Compal\Wow Video&Audio\WVAMain.exe C:\Program Files\Elantech\ktp.exe C:\Program Files\EzButton\CplBCL50.EXE C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\WINDOWS\explorer.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start O4 - HKLM\..\Run: [Wow Video&Audio] C:\Program Files\Compal\Wow Video&Audio\WVAMain.exe O4 - HKLM\..\Run: [KTPWare] C:\Program Files\Elantech\ktp.exe O4 - HKLM\..\Run: [CplBCL50] C:\Program Files\EzButton\CplBCL50.EXE O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=19588 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\WINDOWS\system32\libusbd-nt.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe ET Avira AntiVir Personal Report file date: mardi 10 juin 2008 21:03 Scanning for 1321794 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 3) [5.1.2600] Boot mode: Normally booted Username: HELLO Computer name: GREG Version information: BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00 AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56 AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37 LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23 LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34 ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58 ANTIVIR2.VDF : 7.0.4.120 2206720 Bytes 01/06/2008 18:46:30 ANTIVIR3.VDF : 7.0.4.172 260096 Bytes 10/06/2008 18:46:31 Engineversion : 8.1.0.55 AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21 AESCRIPT.DLL : 8.1.0.40 266618 Bytes 10/06/2008 18:46:39 AESCN.DLL : 8.1.0.21 119156 Bytes 10/06/2008 18:46:39 AERDL.DLL : 8.1.0.20 418165 Bytes 10/06/2008 18:46:38 AEPACK.DLL : 8.1.1.5 364918 Bytes 10/06/2008 18:46:37 AEOFFICE.DLL : 8.1.0.18 192890 Bytes 10/06/2008 18:46:36 AEHEUR.DLL : 8.1.0.30 1253750 Bytes 10/06/2008 18:46:36 AEHELP.DLL : 8.1.0.15 115063 Bytes 10/06/2008 18:46:34 AEGEN.DLL : 8.1.0.28 307572 Bytes 10/06/2008 18:46:34 AEEMU.DLL : 8.1.0.6 430451 Bytes 10/06/2008 18:46:33 AECORE.DLL : 8.1.0.31 168310 Bytes 10/06/2008 18:46:32 AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53 AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47 AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23 AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02 SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10 RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25 RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11 Configuration settings for the scan: Jobname..........................: Local Hard Disks Configuration file...............: C:\Program Files\Avira\AntiVir PersonalEdition Classic\alldiscs.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, D:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: on Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Macro heuristic..................: on File heuristic...................: medium Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR, Start of the scan: mardi 10 juin 2008 21:03 Starting search for hidden objects. '34161' objects were checked, '0' hidden objects were found. The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'firefox.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'Dot1XCfg.exe' - '1' Module(s) have been scanned Scan process 'iFrmewrk.exe' - '1' Module(s) have been scanned Scan process 'ZCfgSvc.exe' - '1' Module(s) have been scanned Scan process 'CplBCL50.EXE' - '1' Module(s) have been scanned Scan process 'KTP.EXE' - '1' Module(s) have been scanned Scan process 'WVAMain.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned Scan process 'EvtEng.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned Scan process 'btwdins.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 34 processes with 34 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'D:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '28' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\sptd.sys [WARNING] The file could not be opened! Begin scan in 'D:\' <Documents> End of the scan: mardi 10 juin 2008 21:16 Used time: 13:30 min The scan has been done completely. 3694 Scanning directories 127890 Files were scanned 0 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 127890 Files not concerned 735 Archives were scanned 2 Warnings 0 Notes 34161 Objects were scanned with rootkit scan 0 Hidden objects were found It is good????

ok je te post un rapport dès qu'il est fini + rapport hitjackthis peux tu me confirmer que je suis "propre"??? en tout cas merci beaucoup

bon voila le nouveau rapport de combofix, apparement tu veux également un post d'un antivirus comme antivir ou avg mais le quel tu me conseils personnellement? en attendant le post de l'antivirus..... ComboFix 08-06-09.7 - HELLO 2008-06-10 20:17:33.2 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1554 [GMT 2:00] Endroit: C:\Documents and Settings\HELLO\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\HELLO\Bureau\CFScript.txt * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! FILE :: C:\WINDOWS\system32\jkkHYpnN.dll C:\WINDOWS\system32\yaywtsTN.dll C:\WINDOWS\wininit.ini . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\evslojrs.dll C:\WINDOWS\system32\klxouagv.dll C:\WINDOWS\system32\NTstwyay.ini C:\WINDOWS\system32\NTstwyay.ini2 C:\WINDOWS\system32\srjolsve.ini C:\WINDOWS\system32\srjolsve.tmp C:\WINDOWS\system32\ugifqlgy.dll C:\WINDOWS\system32\vgauoxlk.ini C:\WINDOWS\system32\yaywtsTN.dll C:\WINDOWS\system32\yglqfigu.ini C:\WINDOWS\wininit.ini . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-05-10 to 2008-06-10 )))))))))))))))))))))))))))))))))))) . 2008-06-10 19:27 . 2008-06-10 20:06 <REP> d-------- C:\Hijackthis 2008-06-10 17:43 . 2008-06-10 19:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-06-10 15:59 . 2008-06-10 15:59 <REP> dr-h----- C:\Documents and Settings\HELLO\Application Data\SecuROM 2008-06-10 15:59 . 2008-06-10 15:59 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2008-06-10 13:22 . 2008-06-10 13:22 <REP> d-------- C:\Program Files\Fichiers communs\BioWare 2008-06-06 21:17 . 2008-06-06 21:17 <REP> d-------- C:\Documents and Settings\HELLO\Application Data\vlc 2008-06-06 21:16 . 2008-06-06 21:16 <REP> d-------- C:\Program Files\VideoLAN 2008-05-30 14:09 . 2008-05-30 14:09 <REP> d-------- C:\Program Files\CCleaner 2008-05-28 19:09 . 2008-05-28 19:09 <REP> d-------- C:\Program Files\foobar2000 2008-05-19 18:19 . 2008-05-19 18:19 <REP> d-------- C:\Program Files\Auslogics 2008-05-19 18:19 . 2008-05-19 18:19 <REP> d-------- C:\Documents and Settings\HELLO\Application Data\Auslogics 2008-05-18 16:34 . 2008-05-18 16:34 <REP> d-------- C:\Program Files\Neoact 2008-05-18 16:34 . 2007-02-05 13:11 139,264 --a------ C:\WINDOWS\NeoUninstall.exe 2008-05-18 16:34 . 2008-05-18 16:34 26 --a------ C:\WINDOWS\neosetup.INI 2008-05-18 16:27 . 2008-05-18 16:31 120 --a------ C:\WINDOWS\csmash.ini 2008-05-18 16:01 . 2008-05-18 16:26 <REP> d-------- C:\Documents and Settings\HELLO\.xmoto 2008-05-17 16:15 . 2008-05-17 16:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles 2008-05-17 16:14 . 2008-05-17 16:14 <REP> d-------- C:\WINDOWS\nvidia icons 2008-05-17 16:09 . 2008-05-02 12:46 13,529,088 --a------ C:\WINDOWS\system32\nvcpl.dll 2008-05-14 21:12 . 2008-05-14 21:12 <REP> d-------- C:\Program Files\DVD Shrink 2008-05-14 18:33 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll 2008-05-14 18:33 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll 2008-05-14 18:33 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll 2008-05-14 18:33 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll 2008-05-14 18:33 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll 2008-05-14 18:33 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll 2008-05-14 18:33 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll 2008-05-14 18:33 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll 2008-05-14 16:30 . 2008-05-14 16:30 <REP> d-------- C:\Program Files\TomTom DesktopSuite . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-10 13:58 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-06-10 11:57 --------- d-----w C:\Documents and Settings\HELLO\Application Data\uTorrent 2008-06-05 16:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Acronis 2008-06-04 20:03 --------- d-----w C:\Documents and Settings\HELLO\Application Data\foobar2000 2008-06-04 16:00 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-28 17:09 --------- d-----w C:\Program Files\TuneUp Utilities 2008 2008-05-21 22:23 --------- d-----w C:\Program Files\Intel 2008-05-19 16:19 --------- d-----w C:\Program Files\AusLogics Disk Defrag 2008-05-18 11:23 --------- d-----w C:\Documents and Settings\HELLO\Application Data\dvdcss 2008-05-11 16:40 --------- d-----w C:\Documents and Settings\HELLO\Application Data\XnView 2008-05-11 10:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink 2008-05-05 18:50 22,528 ----a-w C:\WINDOWS\system32\drivers\nhcDriver.sys 2008-05-02 17:24 --------- d-----w C:\Program Files\Notebook Hardware Control 2008-05-02 10:46 6,554,496 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys 2008-04-27 13:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ubisoft 2008-04-27 13:38 22,328 ----a-w C:\Documents and Settings\HELLO\Application Data\PnkBstrK.sys 2008-04-27 12:40 --------- d-----w C:\Documents and Settings\NetworkService\Application Data\Acronis 2008-04-27 12:03 --------- d-----w C:\Documents and Settings\HELLO\Application Data\Media Player Classic 2008-04-27 11:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\TomTom 2008-04-26 16:46 441,760 ----a-w C:\WINDOWS\system32\drivers\timntr.sys 2008-04-26 16:46 44,384 ----a-w C:\WINDOWS\system32\drivers\tifsfilt.sys 2008-04-26 16:46 368,736 ----a-w C:\WINDOWS\system32\drivers\tdrpman.sys 2008-04-26 16:46 129,248 ----a-w C:\WINDOWS\system32\drivers\snapman.sys 2008-04-26 16:46 --------- d-----w C:\Program Files\Fichiers communs\Acronis 2008-04-26 16:46 --------- d-----w C:\Program Files\Acronis 2008-04-26 16:41 65,112 ----a-w C:\WINDOWS\BricoPackUninst.cmd 2008-04-26 16:41 6,114 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd 2008-04-26 16:28 --------- d-----w C:\Program Files\Zeb-Utility 2008-04-26 15:07 --------- d-----w C:\Documents and Settings\HELLO\Application Data\TomTom 2008-04-26 15:06 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Acronis 2008-04-26 14:20 --------- d-----w C:\Program Files\LibUSB-Win32-0.1.10.1 2008-04-26 14:01 --------- d-----w C:\Program Files\uTorrent 2008-04-26 13:54 --------- d-----w C:\Program Files\Windows Live 2008-04-26 13:32 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-04-26 13:24 --------- d-----w C:\Program Files\TomTom HOME 2 2008-04-26 13:23 --------- d-----w C:\Program Files\XnView 2008-04-26 13:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-04-26 11:20 --------- d-----w C:\Documents and Settings\HELLO\Application Data\TuneUp Software 2008-04-26 11:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software 2008-04-26 11:19 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard 2008-04-26 11:16 --------- d-----w C:\Program Files\AbiSuite2 2008-04-26 11:15 --------- d-----w C:\Program Files\Torrent Harvester 2008-04-26 11:15 --------- d-----w C:\Program Files\Sleepy 2008-04-26 11:13 --------- d-----w C:\Documents and Settings\HELLO\Application Data\CyberLink 2008-04-26 11:12 --------- d-----w C:\Program Files\Serials 2000 7.1 Plus 2008-04-26 11:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink 2008-04-26 11:09 --------- d-----w C:\Program Files\Smart Projects 2008-04-26 11:08 --------- d-----w C:\Program Files\CyberLink 2008-04-26 11:05 --------- d-----w C:\Program Files\Real Alternative 2008-04-26 11:03 --------- d-----w C:\Program Files\QuickTime Alternative 2008-04-26 11:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-04-26 11:02 --------- d-----w C:\Program Files\FLVPlayer 2008-04-26 10:41 --------- d-----w C:\Program Files\DAEMON Tools Lite 2008-04-26 10:39 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2008-04-26 10:39 --------- d-----w C:\Documents and Settings\HELLO\Application Data\DAEMON Tools 2008-04-26 10:37 --------- d-----w C:\Documents and Settings\HELLO\Application Data\Ahead 2008-04-26 10:35 --------- d-----w C:\Program Files\Ahead 2008-04-26 10:32 --------- d-----w C:\Program Files\Fichiers communs\Ahead 2008-04-26 09:57 737,280 ----a-w C:\WINDOWS\iun6002.exe 2008-04-26 09:57 --------- d-----w C:\Program Files\FireTune 2008-04-26 09:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations 2008-04-26 07:35 --------- d-----w C:\Program Files\Windows Media Connect 2 2008-04-25 22:58 --------- d-----w C:\Program Files\AGEIA Technologies 2008-04-25 22:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-04-25 22:55 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-04-25 22:51 --------- d-----w C:\Program Files\Fraps 2008-04-25 22:45 --------- d-----w C:\Program Files\Java 2008-04-25 22:44 --------- d-----w C:\Program Files\Gadwin Systems 2008-04-25 22:43 --------- d-----w C:\Program Files\Fichiers communs\Java 2008-04-25 22:37 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2008-04-25 22:37 --------- d-----w C:\Program Files\e-Carte Bleue Banque Populaire 2008-04-25 22:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET 2008-04-25 22:10 21,425 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys 2008-04-25 22:10 --------- d-----w C:\WINDOWS\system32\config\systemprofile\Application Data\Intel 2008-04-25 22:10 --------- d-----w C:\Documents and Settings\NetworkService\Application Data\Intel 2008-04-25 22:10 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Intel 2008-04-25 22:10 --------- d-----w C:\Documents and Settings\HELLO\Application Data\Intel 2008-04-25 22:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Intel 2008-04-25 21:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\XP32 2008-04-25 21:56 --------- d-----w C:\Program Files\EzButton 2008-04-25 21:55 --------- d-----w C:\Program Files\Fichiers communs\snp2uvc 2008-04-25 21:55 --------- d-----w C:\Documents and Settings\HELLO\Application Data\InstallShield 2008-04-25 21:54 --------- d-----w C:\Program Files\Elantech 2008-04-25 21:50 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2008-04-25 21:50 --------- d-----w C:\Program Files\WIDCOMM 2008-04-25 21:49 --------- d-----w C:\Program Files\Compal 2008-04-25 21:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Vista64 2008-04-25 21:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Vista32 2008-04-25 21:48 --------- d-----w C:\Program Files\Fichiers communs\InstallShield 2008-04-25 21:47 315,392 ----a-w C:\WINDOWS\HideWin.exe 2008-04-25 21:47 --------- d-----w C:\Program Files\Realtek 2008-04-25 20:49 --------- d-----w C:\Program Files\microsoft frontpage 2008-04-25 20:47 --------- d-----w C:\Program Files\Services en ligne 2008-04-13 17:34 979,968 ----a-w C:\WINDOWS\explorer.exe 2008-04-13 17:34 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys 2008-04-13 17:34 32,866 ------w C:\WINDOWS\slrundll.exe 2008-04-13 17:34 288,256 ----a-w C:\WINDOWS\winhlp32.exe 2008-04-13 17:34 230,912 ----a-w C:\WINDOWS\regedit.exe 2008-04-13 17:34 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys 2008-04-13 17:34 156,672 ----a-w C:\WINDOWS\notepad.exe . ------- Sigcheck ------- 2008-04-13 19:34 979968 3efe912dd25d2586e6a0341db0a66f69 C:\WINDOWS\explorer.exe 2004-08-05 14:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa C:\WINDOWS\$NtServicePackUninstall$\explorer.exe 2008-04-13 19:34 979968 3efe912dd25d2586e6a0341db0a66f69 C:\WINDOWS\ServicePackFiles\i386\explorer.exe . ((((((((((((((((((((((((((((( snapshot@2008-06-10_19.53.22.03 ))))))))))))))))))))))))))))))))))))))))) . - 2008-06-10 17:52:09 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-06-10 18:19:49 2,048 --s-a-w C:\WINDOWS\bootstat.dat - 2008-06-10 17:30:06 62,678 ----a-w C:\WINDOWS\system32\perfc009.dat + 2008-06-10 17:56:16 62,678 ----a-w C:\WINDOWS\system32\perfc009.dat - 2008-06-10 17:30:06 75,704 ----a-w C:\WINDOWS\system32\perfc00C.dat + 2008-06-10 17:56:16 75,704 ----a-w C:\WINDOWS\system32\perfc00C.dat - 2008-06-10 17:30:06 401,398 ----a-w C:\WINDOWS\system32\perfh009.dat + 2008-06-10 17:56:16 401,398 ----a-w C:\WINDOWS\system32\perfh009.dat - 2008-06-10 17:30:06 468,728 ----a-w C:\WINDOWS\system32\perfh00C.dat + 2008-06-10 17:56:16 468,728 ----a-w C:\WINDOWS\system32\perfh00C.dat - 2008-05-25 14:48:30 25,992 ----a-w C:\WINDOWS\system32\pgdfgsvc.exe + 2008-06-10 18:10:43 25,992 ----a-w C:\WINDOWS\system32\pgdfgsvc.exe . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NVHotkey"="nvHotkey.dll" [2008-02-22 09:46 86016 C:\WINDOWS\system32\nvhotkey.dll] "Wow Video&Audio"="C:\Program Files\Compal\Wow Video&Audio\WVAMain.exe" [2007-05-03 17:51 951856] "KTPWare"="C:\Program Files\Elantech\ktp.exe" [2007-02-14 04:11 647168] "CplBCL50"="C:\Program Files\EzButton\CplBCL50.EXE" [2004-06-15 14:11 401408] "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-02-21 11:19 819200] "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-02-21 11:17 970752] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-02 12:46 13529088] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 19:34 15360] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 relog_ap [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" "DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" "RTHDCPL"=RTHDCPL.EXE "Alcmtr"=ALCMTR.EXE "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" "Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" "NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit "AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe "NotebookHardwareControl"="C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet "nwiz"=nwiz.exe /install "WLSS"=C:\Program Files\Compal\Wireless Select Switch\WLSS.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\uTorrent\\uTorrent.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\Mozilla Firefox\\firefox.exe"= "D:\\Program Files\\Mass Effect\\MassEffectLauncher.exe"= "D:\\Program Files\\Mass Effect\\Binaries\\MassEffect.exe"= R0 EMSC;COMPAL Embedded System Control;C:\WINDOWS\system32\DRIVERS\EMSC.SYS [2007-03-14 10:16] R0 tdrpman;Acronis Try&Decide and Restore Points filter;C:\WINDOWS\system32\DRIVERS\tdrpman.sys [2008-04-26 18:46] R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};C:\Program Files\CyberLink\PowerDVD\000.fcl [2007-09-19 21:37] R3 Ktp;Elantech Touchpad;C:\WINDOWS\system32\DRIVERS\Ktp.sys [2006-11-18 09:55] R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;C:\WINDOWS\system32\drivers\libusb0.sys [2005-03-09 20:50] S3 TryAndDecideService;Acronis Try And Decide Service;"C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe" [2007-10-08 11:19] S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-04-26 13:22] S3 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2008-04-13 19:34] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-10 20:20:04 Windows 5.1.2600 Service Pack 3 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}] "ImagePath"="\??\C:\Program Files\CyberLink\PowerDVD\000.fcl" . ------------------------ Other Running Processes ------------------------ . C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe . ************************************************************************** . Temps d'accomplissement: 2008-06-10 20:21:08 - machine was rebooted ComboFix-quarantined-files.txt 2008-06-10 18:21:05 ComboFix2.txt 2008-06-10 17:53:32 Pre-Run: 23,838,687,232 octets libres Post-Run: 23,821,242,368 octets libres 267 --- E O F --- 2008-05-28 16:50:20

hello, étant impatient, j'ai fait quelques recherches et j'ai donc lancé combo fix avant de voir ton post donc pour ces 2 lignes combo fix les a apparement supprimés O2 - BHO: (no name) - {DA244C53-7D03-42B8-92CF-87DD312907BC} - C:\WINDOWS\system32\jkkHYpnN.dll (file missing) O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) je post les 2 rapports: ComboFix 08-06-09.7 - HELLO 2008-06-10 19:48:53.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1581 [GMT 2:00] Endroit: C:\Documents and Settings\HELLO\Bureau\ComboFix.exe * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\ammemewf.ini C:\WINDOWS\system32\cdkcgsvk.ini C:\WINDOWS\system32\doutvamw.dll C:\WINDOWS\system32\efswklux.ini C:\WINDOWS\system32\fvsbknuo.ini C:\WINDOWS\system32\fwememma.dll C:\WINDOWS\system32\jkwqjcrb.ini C:\WINDOWS\system32\kvsgckdc.dll C:\WINDOWS\system32\NnpYHkkj.ini C:\WINDOWS\system32\NnpYHkkj.ini2 C:\WINDOWS\system32\NTstwyay.ini C:\WINDOWS\system32\NTstwyay.ini2 C:\WINDOWS\system32\rYycIRqr.ini C:\WINDOWS\system32\rYycIRqr.ini2 C:\WINDOWS\system32\vylfdkip.ini C:\WINDOWS\system32\wmavtuod.ini C:\WINDOWS\system32\xulkwsfe.dll C:\WINDOWS\system32\xxyxVopO.dll . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-05-10 to 2008-06-10 )))))))))))))))))))))))))))))))))))) . 2008-06-10 19:31 . 2008-06-10 19:31 605,184 --a------ C:\WINDOWS\system32\yaywtsTN.dll 2008-06-10 19:27 . 2008-06-10 19:29 <REP> d-------- C:\Hijackthis 2008-06-10 17:43 . 2008-06-10 19:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-06-10 15:59 . 2008-06-10 15:59 <REP> dr-h----- C:\Documents and Settings\HELLO\Application Data\SecuROM 2008-06-10 15:59 . 2008-06-10 15:59 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2008-06-10 15:17 . 2008-06-10 19:21 211 --a------ C:\WINDOWS\wininit.ini 2008-06-10 13:22 . 2008-06-10 13:22 <REP> d-------- C:\Program Files\Fichiers communs\BioWare 2008-06-06 21:17 . 2008-06-06 21:17 <REP> d-------- C:\Documents and Settings\HELLO\Application Data\vlc 2008-06-06 21:16 . 2008-06-06 21:16 <REP> d-------- C:\Program Files\VideoLAN 2008-05-30 14:09 . 2008-05-30 14:09 <REP> d-------- C:\Program Files\CCleaner 2008-05-28 19:09 . 2008-05-28 19:09 <REP> d-------- C:\Program Files\foobar2000 2008-05-19 18:19 . 2008-05-19 18:19 <REP> d-------- C:\Program Files\Auslogics 2008-05-19 18:19 . 2008-05-19 18:19 <REP> d-------- C:\Documents and Settings\HELLO\Application Data\Auslogics 2008-05-18 16:34 . 2008-05-18 16:34 <REP> d-------- C:\Program Files\Neoact 2008-05-18 16:34 . 2007-02-05 13:11 139,264 --a------ C:\WINDOWS\NeoUninstall.exe 2008-05-18 16:34 . 2008-05-18 16:34 26 --a------ C:\WINDOWS\neosetup.INI 2008-05-18 16:27 . 2008-05-18 16:31 120 --a------ C:\WINDOWS\csmash.ini 2008-05-18 16:01 . 2008-05-18 16:26 <REP> d-------- C:\Documents and Settings\HELLO\.xmoto 2008-05-17 16:15 . 2008-05-17 16:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles 2008-05-17 16:14 . 2008-05-17 16:14 <REP> d-------- C:\WINDOWS\nvidia icons 2008-05-17 16:09 . 2008-05-02 12:46 13,529,088 --a------ C:\WINDOWS\system32\nvcpl.dll 2008-05-14 21:12 . 2008-05-14 21:12 <REP> d-------- C:\Program Files\DVD Shrink 2008-05-14 18:33 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll 2008-05-14 18:33 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll 2008-05-14 18:33 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll 2008-05-14 18:33 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll 2008-05-14 18:33 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll 2008-05-14 18:33 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll 2008-05-14 18:33 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll 2008-05-14 18:33 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll 2008-05-14 16:30 . 2008-05-14 16:30 <REP> d-------- C:\Program Files\TomTom DesktopSuite . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-10 13:58 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-06-10 11:57 --------- d-----w C:\Documents and Settings\HELLO\Application Data\uTorrent 2008-06-05 16:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Acronis 2008-06-04 20:03 --------- d-----w C:\Documents and Settings\HELLO\Application Data\foobar2000 2008-06-04 16:00 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-28 17:09 --------- d-----w C:\Program Files\TuneUp Utilities 2008 2008-05-21 22:23 --------- d-----w C:\Program Files\Intel 2008-05-19 16:19 --------- d-----w C:\Program Files\AusLogics Disk Defrag 2008-05-18 11:23 --------- d-----w C:\Documents and Settings\HELLO\Application Data\dvdcss 2008-05-11 16:40 --------- d-----w C:\Documents and Settings\HELLO\Application Data\XnView 2008-05-11 10:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink 2008-05-05 18:50 22,528 ----a-w C:\WINDOWS\system32\drivers\nhcDriver.sys 2008-05-02 17:24 --------- d-----w C:\Program Files\Notebook Hardware Control 2008-05-02 10:46 6,554,496 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys 2008-04-27 13:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ubisoft 2008-04-27 13:38 22,328 ----a-w C:\Documents and Settings\HELLO\Application Data\PnkBstrK.sys 2008-04-27 12:40 --------- d-----w C:\Documents and Settings\NetworkService\Application Data\Acronis 2008-04-27 12:03 --------- d-----w C:\Documents and Settings\HELLO\Application Data\Media Player Classic 2008-04-27 11:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\TomTom 2008-04-26 16:46 441,760 ----a-w C:\WINDOWS\system32\drivers\timntr.sys 2008-04-26 16:46 44,384 ----a-w C:\WINDOWS\system32\drivers\tifsfilt.sys 2008-04-26 16:46 368,736 ----a-w C:\WINDOWS\system32\drivers\tdrpman.sys 2008-04-26 16:46 129,248 ----a-w C:\WINDOWS\system32\drivers\snapman.sys 2008-04-26 16:46 --------- d-----w C:\Program Files\Fichiers communs\Acronis 2008-04-26 16:46 --------- d-----w C:\Program Files\Acronis 2008-04-26 16:41 65,112 ----a-w C:\WINDOWS\BricoPackUninst.cmd 2008-04-26 16:41 6,114 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd 2008-04-26 16:28 --------- d-----w C:\Program Files\Zeb-Utility 2008-04-26 15:07 --------- d-----w C:\Documents and Settings\HELLO\Application Data\TomTom 2008-04-26 15:06 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Acronis 2008-04-26 14:20 --------- d-----w C:\Program Files\LibUSB-Win32-0.1.10.1 2008-04-26 14:01 --------- d-----w C:\Program Files\uTorrent 2008-04-26 13:54 --------- d-----w C:\Program Files\Windows Live 2008-04-26 13:32 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-04-26 13:24 --------- d-----w C:\Program Files\TomTom HOME 2 2008-04-26 13:23 --------- d-----w C:\Program Files\XnView 2008-04-26 13:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-04-26 11:20 --------- d-----w C:\Documents and Settings\HELLO\Application Data\TuneUp Software 2008-04-26 11:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software 2008-04-26 11:19 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard 2008-04-26 11:16 --------- d-----w C:\Program Files\AbiSuite2 2008-04-26 11:15 --------- d-----w C:\Program Files\Torrent Harvester 2008-04-26 11:15 --------- d-----w C:\Program Files\Sleepy 2008-04-26 11:13 --------- d-----w C:\Documents and Settings\HELLO\Application Data\CyberLink 2008-04-26 11:12 --------- d-----w C:\Program Files\Serials 2000 7.1 Plus 2008-04-26 11:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink 2008-04-26 11:09 --------- d-----w C:\Program Files\Smart Projects 2008-04-26 11:08 --------- d-----w C:\Program Files\CyberLink 2008-04-26 11:05 --------- d-----w C:\Program Files\Real Alternative 2008-04-26 11:03 --------- d-----w C:\Program Files\QuickTime Alternative 2008-04-26 11:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-04-26 11:02 --------- d-----w C:\Program Files\FLVPlayer 2008-04-26 10:41 --------- d-----w C:\Program Files\DAEMON Tools Lite 2008-04-26 10:39 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2008-04-26 10:39 --------- d-----w C:\Documents and Settings\HELLO\Application Data\DAEMON Tools 2008-04-26 10:37 --------- d-----w C:\Documents and Settings\HELLO\Application Data\Ahead 2008-04-26 10:35 --------- d-----w C:\Program Files\Ahead 2008-04-26 10:32 --------- d-----w C:\Program Files\Fichiers communs\Ahead 2008-04-26 09:57 737,280 ----a-w C:\WINDOWS\iun6002.exe 2008-04-26 09:57 --------- d-----w C:\Program Files\FireTune 2008-04-26 09:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations 2008-04-26 07:35 --------- d-----w C:\Program Files\Windows Media Connect 2 2008-04-25 22:58 --------- d-----w C:\Program Files\AGEIA Technologies 2008-04-25 22:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-04-25 22:55 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-04-25 22:51 --------- d-----w C:\Program Files\Fraps 2008-04-25 22:45 --------- d-----w C:\Program Files\Java 2008-04-25 22:44 --------- d-----w C:\Program Files\Gadwin Systems 2008-04-25 22:43 --------- d-----w C:\Program Files\Fichiers communs\Java 2008-04-25 22:37 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2008-04-25 22:37 --------- d-----w C:\Program Files\e-Carte Bleue Banque Populaire 2008-04-25 22:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET 2008-04-25 22:10 21,425 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys 2008-04-25 22:10 --------- d-----w C:\WINDOWS\system32\config\systemprofile\Application Data\Intel 2008-04-25 22:10 --------- d-----w C:\Documents and Settings\NetworkService\Application Data\Intel 2008-04-25 22:10 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Intel 2008-04-25 22:10 --------- d-----w C:\Documents and Settings\HELLO\Application Data\Intel 2008-04-25 22:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Intel 2008-04-25 21:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\XP32 2008-04-25 21:56 --------- d-----w C:\Program Files\EzButton 2008-04-25 21:55 --------- d-----w C:\Program Files\Fichiers communs\snp2uvc 2008-04-25 21:55 --------- d-----w C:\Documents and Settings\HELLO\Application Data\InstallShield 2008-04-25 21:54 --------- d-----w C:\Program Files\Elantech 2008-04-25 21:50 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2008-04-25 21:50 --------- d-----w C:\Program Files\WIDCOMM 2008-04-25 21:49 --------- d-----w C:\Program Files\Compal 2008-04-25 21:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Vista64 2008-04-25 21:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Vista32 2008-04-25 21:48 --------- d-----w C:\Program Files\Fichiers communs\InstallShield 2008-04-25 21:47 315,392 ----a-w C:\WINDOWS\HideWin.exe 2008-04-25 21:47 --------- d-----w C:\Program Files\Realtek 2008-04-25 20:49 --------- d-----w C:\Program Files\microsoft frontpage 2008-04-25 20:47 --------- d-----w C:\Program Files\Services en ligne 2008-04-13 17:34 979,968 ----a-w C:\WINDOWS\explorer.exe 2008-04-13 17:34 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys 2008-04-13 17:34 32,866 ------w C:\WINDOWS\slrundll.exe 2008-04-13 17:34 288,256 ----a-w C:\WINDOWS\winhlp32.exe 2008-04-13 17:34 230,912 ----a-w C:\WINDOWS\regedit.exe 2008-04-13 17:34 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys 2008-04-13 17:34 156,672 ----a-w C:\WINDOWS\notepad.exe . ------- Sigcheck ------- 2008-04-13 19:34 979968 3efe912dd25d2586e6a0341db0a66f69 C:\WINDOWS\explorer.exe 2004-08-05 14:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa C:\WINDOWS\$NtServicePackUninstall$\explorer.exe 2008-04-13 19:34 979968 3efe912dd25d2586e6a0341db0a66f69 C:\WINDOWS\ServicePackFiles\i386\explorer.exe . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7885AECB-851F-45D1-9845-C2900AF43524}] 2008-06-10 19:31 605184 --a------ C:\WINDOWS\system32\yaywtsTN.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DA244C53-7D03-42B8-92CF-87DD312907BC}] C:\WINDOWS\system32\jkkHYpnN.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 19:34 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NVHotkey"="nvHotkey.dll" [2008-02-22 09:46 86016 C:\WINDOWS\system32\nvhotkey.dll] "Wow Video&Audio"="C:\Program Files\Compal\Wow Video&Audio\WVAMain.exe" [2007-05-03 17:51 951856] "WLSS"="C:\Program Files\Compal\Wireless Select Switch\WLSS.exe" [2007-04-23 18:55 190000] "KTPWare"="C:\Program Files\Elantech\ktp.exe" [2007-02-14 04:11 647168] "CplBCL50"="C:\Program Files\EzButton\CplBCL50.EXE" [2004-06-15 14:11 401408] "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-02-21 11:19 819200] "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-02-21 11:17 970752] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-02 12:46 13529088] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 19:34 15360] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 relog_ap [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" "DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" "RTHDCPL"=RTHDCPL.EXE "Alcmtr"=ALCMTR.EXE "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" "Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" "NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit "AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe "NotebookHardwareControl"="C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet "nwiz"=nwiz.exe /install [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\uTorrent\\uTorrent.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\Mozilla Firefox\\firefox.exe"= "D:\\Program Files\\Mass Effect\\MassEffectLauncher.exe"= "D:\\Program Files\\Mass Effect\\Binaries\\MassEffect.exe"= R0 EMSC;COMPAL Embedded System Control;C:\WINDOWS\system32\DRIVERS\EMSC.SYS [2007-03-14 10:16] R0 tdrpman;Acronis Try&Decide and Restore Points filter;C:\WINDOWS\system32\DRIVERS\tdrpman.sys [2008-04-26 18:46] R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};C:\Program Files\CyberLink\PowerDVD\000.fcl [2007-09-19 21:37] R3 Ktp;Elantech Touchpad;C:\WINDOWS\system32\DRIVERS\Ktp.sys [2006-11-18 09:55] R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;C:\WINDOWS\system32\drivers\libusb0.sys [2005-03-09 20:50] S3 TryAndDecideService;Acronis Try And Decide Service;"C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe" [2007-10-08 11:19] S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-04-26 13:22] S3 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2008-04-13 19:34] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-10 19:52:24 Windows 5.1.2600 Service Pack 3 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}] "ImagePath"="\??\C:\Program Files\CyberLink\PowerDVD\000.fcl" . ------------------------ Other Running Processes ------------------------ . C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe . ************************************************************************** . Temps d'accomplissement: 2008-06-10 19:53:32 - machine was rebooted ComboFix-quarantined-files.txt 2008-06-10 17:53:29 Pre-Run: 23,911,026,688 octets libres Post-Run: 23,834,816,512 octets libres 262 --- E O F --- 2008-05-28 16:50:20 ET Logfile of HijackThis v1.99.1 Scan saved at 19:58:25, on 10/06/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Compal\Wow Video&Audio\WVAMain.exe C:\Program Files\Compal\Wireless Select Switch\WLSS.exe C:\Program Files\Elantech\ktp.exe C:\Program Files\EzButton\CplBCL50.EXE C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start O4 - HKLM\..\Run: [Wow Video&Audio] C:\Program Files\Compal\Wow Video&Audio\WVAMain.exe O4 - HKLM\..\Run: [WLSS] C:\Program Files\Compal\Wireless Select Switch\WLSS.exe O4 - HKLM\..\Run: [KTPWare] C:\Program Files\Elantech\ktp.exe O4 - HKLM\..\Run: [CplBCL50] C:\Program Files\EzButton\CplBCL50.EXE O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [4c3a030f] rundll32.exe "C:\WINDOWS\system32\evslojrs.dll",b O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=19588 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\WINDOWS\system32\libusbd-nt.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe merci d'avance