Everything posted by bullbizar
[Solved] Probable infection
bullbizar replied to a topic by bullbizar in Malware analysis and removal
Good evening, Thank you for going to so much trouble for me again. The restore point has been created and I am attaching the report:
Thanks again and have a good evening.
[Solved] Probable infection
bullbizar replied to a topic by bullbizar in Malware analysis and removal
Hello Bernard, Hello everyone, My PC is responding really well and I believe I am no longer "infected"!!!!!! Thank you for your help, your advice and your efforts to help novices like us. Good luck and keep up the good work.
[Solved] Probable infection
bullbizar replied to a topic by bullbizar in Malware analysis and removal
Hi Bernard, Absolutely; I followed everything for MBAM; for AdwCleaner, I am attaching the new report:
The machine is better as far as running programs and so on; however, I notice a certain slowness when opening Firefox, even though I "optimized" it following the site's tip. But that is not too important, as long as I get rid of any infections. Have a good evening.
[Solved] Probable infection
bullbizar replied to a topic by bullbizar in Malware analysis and removal
Good evening Bernard, First of all, thank you for your help, and thanks also to the people who took the trouble to read my post. As agreed, I am attaching the two (02) scan reports requested:
Thanks and see you later!!!
Hello, Following a sudden slowdown of the machine over the past few days, and being unable to analyze the problem myself, I am calling on your expertise to analyze my HijackThis log and possibly guide me afterwards. Thank you in advance; my log is attached below:
Have a good evening and see you soon.
-
[Solved] Infected PC to clean up
bullbizar replied to a topic by bullbizar in Analyses et éradication malwares
Hi Thanos, Thank you for your advice, which will no doubt be very useful to me; but that gives me some reading to do ..... Thanks again for all the effort you put in for the comfort of others. Keep it up and ciao, good evening!!!! -
[Solved] Infected PC to clean up
bullbizar replied to a topic by bullbizar in Analyses et éradication malwares
Hi; What a scatterbrain........I am. I'm posting the new MBAM report for you. Thanks and see you soon.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 5590
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
26/01/2011 22:32:57
mbam-log-2011-01-26 (22-32-57).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 270152
Temps écoulé: 3 heure(s), 55 minute(s), 49 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 6

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Value: ForceClassicControlPanel -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\system volume information\_restore{d94a209a-92b7-4305-a1dd-2d9f1f42301a}\RP187\A0286543.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\system volume information\_restore{d94a209a-92b7-4305-a1dd-2d9f1f42301a}\RP187\A0286544.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\system volume information\_restore{d94a209a-92b7-4305-a1dd-2d9f1f42301a}\RP187\A0286545.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\system volume information\_restore{d94a209a-92b7-4305-a1dd-2d9f1f42301a}\RP187\A0286546.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
d:\WINDOWS\system32\calc.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
d:\WINDOWS\explorer.backup (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
-
[Solved] Infected PC to clean up
bullbizar replied to a topic by bullbizar in Analyses et éradication malwares
Hi Thanos, I followed your instructions to the letter; it's true that the PC starts faster. As for the report, I wasn't quite sure what to copy; you'll find it below. Good evening and see you later. -
[Solved] Infected PC to clean up
bullbizar replied to a topic by bullbizar in Analyses et éradication malwares
Hi Thanos, I'm attaching the MBAM report you asked for; everything else ran successfully. By the way, I uninstalled quite a few other programs, torrent-type ones. I'm waiting for you to tell me what to disable in the startup list. Thanks and good evening.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 5590
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
24/01/2011 21:01:40
mbam-log-2011-01-24 (21-01-20).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 269782
Temps écoulé: 2 heure(s), 27 minute(s), 17 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 6

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Value: ForceClassicControlPanel -> No action taken.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\system volume information\_restore{d94a209a-92b7-4305-a1dd-2d9f1f42301a}\RP187\A0286543.exe (Rogue.Eorezo) -> No action taken.
c:\system volume information\_restore{d94a209a-92b7-4305-a1dd-2d9f1f42301a}\RP187\A0286544.exe (Rogue.Eorezo) -> No action taken.
c:\system volume information\_restore{d94a209a-92b7-4305-a1dd-2d9f1f42301a}\RP187\A0286545.exe (Rogue.Eorezo) -> No action taken.
c:\system volume information\_restore{d94a209a-92b7-4305-a1dd-2d9f1f42301a}\RP187\A0286546.dll (Rogue.Eorezo) -> No action taken.
d:\WINDOWS\system32\calc.exe (Trojan.Agent.Gen) -> No action taken.
d:\WINDOWS\explorer.backup (Heuristics.Reserved.Word.Exploit) -> No action taken.
-
[Solved] Infected PC to clean up
bullbizar replied to a topic by bullbizar in Analyses et éradication malwares
Hi Thanos, I'm sending you the 2 reports. Thanks and see you soon.
- D:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - D:\WINDOWS\system32\mnmsrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - D:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - D:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - D:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - D:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - D:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - D:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - D:\Program Files\Windows Media Player\WMPNetwk.exe -- End of file - 9518 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] Conduit Engine - D:\Program Files\ConduitEngine\ConduitEngine.dll [2010-11-13 3913000] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] BitComet Helper - D:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll [2007-03-19 398912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9c961ae2-9075-45a8-b020-75f0c8461305}] Messenger Plus Live FR package Toolbar - D:\Program Files\Messenger_Plus_Live_FR_package\tbMess.dll [2010-11-13 3913000] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] FDMIECookiesBHO Class - D:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-22 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}] FlashFXP Helper for Internet Explorer - D:\PROGRA~2\FlashFXP\IEFlash.dll [2006-03-31 191096] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-01-22 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {9c961ae2-9075-45a8-b020-75f0c8461305} - Messenger Plus Live FR package Toolbar - D:\Program Files\Messenger_Plus_Live_FR_package\tbMess.dll [2010-11-13 3913000] {30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - D:\Program Files\ConduitEngine\ConduitEngine.dll [2010-11-13 3913000] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SoundMan"=D:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536] "NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll 
[2006-10-22 7700480] "RemoteControl"=D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-12-06 69216] "LanguageShortcut"=D:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832] "DAEMON Tools"=D:\Program Files\DAEMON Tools\daemon.exe [2006-11-12 157592] "UnlockerAssistant"=D:\Program Files\Unlocker\UnlockerAssistant.exe [2006-09-07 15872] "IMJPMIG8.1"=D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952] "MSPY2002"=D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392] "PHIME2002ASync"=D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168] "PHIME2002A"=D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168] "avgnt"=D:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] "SunJavaUpdateSched"=D:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-05-14 248552] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2004-08-04 40448] "DAEMON Tools"=D:\Program Files\DAEMON Tools\daemon.exe [2006-11-12 157592] "msnmsgr"=D:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080] "Free Download Manager"=D:\Program Files\Free Download Manager\fdm.exe [2010-04-28 3727411] D:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage Notification de cadeaux MSN.lnk - D:\Documents and Settings\Administrateur\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\wpdshserviceobj.dll [2007-04-02 133632] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "ForceClassicControlPanel"=1 "NoResolveTrack"=1 "NoResolveSearch"=1 "NoInstrumentation"=1 "NoStartMenuMFUprogramsList"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "D:\Program Files\FlashFXP\FlashFXP.exe"="D:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3" "D:\Program Files\MSN Messenger\livecall.exe"="D:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "D:\Program Files\Windows Live\Messenger\wlcsdk.exe"="D:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "D:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="D:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "D:\Program Files\FlashFXP\FlashFXP.exe"="D:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3" "D:\Program Files\MSN Messenger\livecall.exe"="D:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "D:\Program Files\Windows Live\Messenger\wlcsdk.exe"="D:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows 
Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "D:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="D:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" ======List of files/folders created in the last 1 months====== 2011-01-23 19:02:29 ----D---- D:\rsit 2011-01-23 19:02:29 ----D---- D:\Program Files\trend micro 2011-01-23 18:54:23 ----D---- D:\Program Files\Windows Live Safety Center 2011-01-23 17:01:19 ----A---- D:\WINDOWS\NeroDigital.ini 2011-01-23 13:16:01 ----D---- D:\Documents and Settings\Administrateur\Application Data\Screenshot Sender 2011-01-23 13:14:04 ----A---- D:\WINDOWS\system32\d3dx9_32.dll 2011-01-23 13:13:58 ----D---- D:\Program Files\Microsoft SQL Server Compact Edition 2011-01-23 13:13:36 ----HD---- D:\WINDOWS\$NtUninstallWIC$ 2011-01-23 13:12:37 ----D---- D:\Program Files\Microsoft 2011-01-23 13:12:19 ----D---- D:\Program Files\Windows Live SkyDrive 2011-01-23 12:40:27 ----D---- D:\Program Files\Conduit 2011-01-23 12:40:25 ----D---- D:\Program Files\ConduitEngine 2011-01-23 12:40:20 ----D---- D:\Program Files\Messenger_Plus_Live_FR_package 2011-01-23 12:38:55 ----D---- D:\Program Files\Windows Live 2011-01-22 23:08:01 ----D---- D:\Documents and Settings\Administrateur\Application Data\Talkback 2011-01-22 22:56:14 ----HD---- D:\Program Files\Uninstall Information 2011-01-22 22:52:02 ----A---- D:\WINDOWS\system32\uxtheme.dll.backup 2011-01-22 22:51:44 ----HD---- D:\WINDOWS\NiwradSoft Shell Pack 2011-01-22 22:32:22 ----D---- D:\Documents and Settings\Administrateur\Application Data\Free Download Manager 2011-01-22 22:32:18 ----D---- D:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG 2011-01-22 22:32:16 ----D---- D:\Program Files\Free Download Manager 2011-01-22 21:58:19 ----A---- D:\WINDOWS\system32\spupdsvc.exe 2011-01-22 21:56:22 ----HD---- D:\WINDOWS\ie8 2011-01-22 20:43:51 ----D---- D:\Program Files\Fichiers communs\Windows Live 2011-01-22 20:42:05 ----A---- 
D:\WINDOWS\system32\drivers\USBSTOR.SYS 2011-01-22 19:31:23 ----D---- D:\Documents and Settings\All Users\Application Data\Sun 2011-01-22 19:31:07 ----A---- D:\WINDOWS\system32\javaws.exe 2011-01-22 19:31:07 ----A---- D:\WINDOWS\system32\javaw.exe 2011-01-22 19:31:07 ----A---- D:\WINDOWS\system32\java.exe 2011-01-22 19:31:07 ----A---- D:\WINDOWS\system32\deployJava1.dll 2011-01-22 19:27:03 ----D---- D:\Documents and Settings\Administrateur\Application Data\Adobe 2011-01-22 19:22:03 ----D---- D:\Documents and Settings\All Users\Application Data\Messenger Plus! 2011-01-22 19:16:53 ----A---- D:\WINDOWS\system32\drivers\MSTEE.sys 2011-01-22 19:16:50 ----A---- D:\WINDOWS\system32\drivers\NdisIP.sys 2011-01-22 19:16:48 ----A---- D:\WINDOWS\system32\drivers\StreamIP.sys 2011-01-22 19:16:47 ----A---- D:\WINDOWS\system32\drivers\SLIP.sys 2011-01-22 19:16:45 ----A---- D:\WINDOWS\system32\drivers\WSTCODEC.SYS 2011-01-22 19:16:42 ----A---- D:\WINDOWS\system32\drivers\NABTSFEC.sys 2011-01-22 19:16:40 ----A---- D:\WINDOWS\system32\drivers\CCDECODE.sys 2011-01-22 19:16:33 ----A---- D:\WINDOWS\system32\vfwwdm32.dll 2011-01-22 19:16:33 ----A---- D:\WINDOWS\system32\drivers\usbvideo.sys 2011-01-22 19:15:51 ----A---- D:\WINDOWS\system32\drivers\usbccgp.sys 2011-01-22 18:24:22 ----D---- D:\Documents and Settings\Administrateur\Application Data\Sun 2011-01-22 18:21:01 ----D---- D:\Documents and Settings\Administrateur\Application Data\vlc 2011-01-22 18:20:51 ----D---- D:\Program Files\Fichiers communs\Adobe 2011-01-22 18:20:51 ----D---- D:\Program Files\Adobe 2011-01-22 18:18:51 ----D---- D:\Program Files\VideoLAN 2011-01-22 18:16:03 ----A---- D:\WINDOWS\system32\drivers\avipbb.sys 2011-01-22 18:16:03 ----A---- D:\WINDOWS\system32\drivers\avgntmgr.sys 2011-01-22 18:16:03 ----A---- D:\WINDOWS\system32\drivers\avgntflt.sys 2011-01-22 18:16:03 ----A---- D:\WINDOWS\system32\drivers\avgntdd.sys 2011-01-22 18:16:02 ----A---- D:\WINDOWS\system32\drivers\ssmdrv.sys 2011-01-22 18:16:01 
----D---- D:\Program Files\Avira 2011-01-22 18:16:01 ----D---- D:\Documents and Settings\All Users\Application Data\Avira 2011-01-22 18:12:35 ----A---- D:\WINDOWS\system32\c_g18030.dll 2011-01-22 18:12:34 ----A---- D:\WINDOWS\system32\kbd101a.dll 2011-01-22 18:12:28 ----A---- D:\WINDOWS\system32\kbdnecNT.dll 2011-01-22 18:12:28 ----A---- D:\WINDOWS\system32\kbdnecAT.dll 2011-01-22 18:12:28 ----A---- D:\WINDOWS\system32\kbdnec95.dll 2011-01-22 18:12:28 ----A---- D:\WINDOWS\system32\kbdlk41j.dll 2011-01-22 18:12:28 ----A---- D:\WINDOWS\system32\kbdlk41a.dll 2011-01-22 18:12:28 ----A---- D:\WINDOWS\system32\f3ahvoas.dll 2011-01-22 18:12:27 ----A---- D:\WINDOWS\system32\kbdibm02.dll 2011-01-22 18:12:27 ----A---- D:\WINDOWS\system32\kbdax2.dll 2011-01-22 18:12:27 ----A---- D:\WINDOWS\system32\kbd106n.dll 2011-01-22 18:12:27 ----A---- D:\WINDOWS\system32\kbd101.dll 2011-01-22 18:12:13 ----A---- D:\WINDOWS\system32\c_is2022.dll 2011-01-22 18:12:11 ----A---- D:\WINDOWS\system32\uniime.dll 2011-01-22 18:12:04 ----A---- D:\WINDOWS\system32\imjp81k.dll 2011-01-22 18:12:01 ----A---- D:\WINDOWS\system32\kbdkor.dll 2011-01-22 18:12:01 ----A---- D:\WINDOWS\system32\kbdjpn.dll 2011-01-22 18:12:01 ----A---- D:\WINDOWS\system32\kbd106.dll 2011-01-22 18:12:01 ----A---- D:\WINDOWS\system32\kbd103.dll 2011-01-22 18:12:01 ----A---- D:\WINDOWS\system32\kbd101c.dll 2011-01-22 18:12:00 ----A---- D:\WINDOWS\system32\kbd101b.dll 2011-01-22 18:11:59 ----RA---- D:\WINDOWS\system32\kbdarmw.dll 2011-01-22 18:11:59 ----RA---- D:\WINDOWS\system32\kbdarme.dll 2011-01-22 18:11:58 ----RA---- D:\WINDOWS\system32\kbdgeo.dll 2011-01-22 18:11:57 ----RA---- D:\WINDOWS\system32\kbdintel.dll 2011-01-22 18:11:57 ----RA---- D:\WINDOWS\system32\kbdintam.dll 2011-01-22 18:11:57 ----RA---- D:\WINDOWS\system32\kbdinpun.dll 2011-01-22 18:11:57 ----RA---- D:\WINDOWS\system32\kbdinmar.dll 2011-01-22 18:11:57 ----RA---- D:\WINDOWS\system32\kbdinkan.dll 2011-01-22 18:11:57 ----RA---- D:\WINDOWS\system32\kbdinhin.dll 
2011-01-22 18:11:57 ----RA---- D:\WINDOWS\system32\kbdinguj.dll 2011-01-22 18:11:57 ----RA---- D:\WINDOWS\system32\kbdindev.dll 2011-01-22 18:11:56 ----RA---- D:\WINDOWS\system32\kbdvntc.dll 2011-01-22 18:11:56 ----A---- D:\WINDOWS\system32\c_iscii.dll 2011-01-22 18:11:53 ----RA---- D:\WINDOWS\system32\kbdurdu.dll 2011-01-22 18:11:53 ----RA---- D:\WINDOWS\system32\kbdsyr2.dll 2011-01-22 18:11:53 ----RA---- D:\WINDOWS\system32\kbdsyr1.dll 2011-01-22 18:11:53 ----RA---- D:\WINDOWS\system32\kbddiv2.dll 2011-01-22 18:11:53 ----RA---- D:\WINDOWS\system32\kbddiv1.dll 2011-01-22 18:11:52 ----RA---- D:\WINDOWS\system32\kbdfa.dll 2011-01-22 18:11:52 ----RA---- D:\WINDOWS\system32\kbda3.dll 2011-01-22 18:11:52 ----RA---- D:\WINDOWS\system32\kbda2.dll 2011-01-22 18:11:52 ----RA---- D:\WINDOWS\system32\kbda1.dll 2011-01-22 18:11:52 ----A---- D:\WINDOWS\system32\kbdusa.dll 2011-01-22 18:11:48 ----RA---- D:\WINDOWS\system32\kbdheb.dll 2011-01-22 18:11:41 ----RA---- D:\WINDOWS\system32\kbdth3.dll 2011-01-22 18:11:41 ----RA---- D:\WINDOWS\system32\kbdth2.dll 2011-01-22 18:11:41 ----RA---- D:\WINDOWS\system32\kbdth1.dll 2011-01-22 18:11:41 ----RA---- D:\WINDOWS\system32\kbdth0.dll 2011-01-22 18:11:41 ----A---- D:\WINDOWS\system32\ftlx041e.dll 2011-01-22 18:09:54 ----A---- D:\WINDOWS\system32\wmpns.dll 2011-01-22 18:07:38 ----D---- D:\Documents and Settings\Administrateur\Application Data\Thunderbird 2011-01-22 18:07:35 ----A---- D:\WINDOWS\ReplacerUndo.txt 2011-01-22 18:07:35 ----A---- D:\WINDOWS\rebuild.exe 2011-01-22 18:05:05 ----D---- D:\WINDOWS\system_backup 2011-01-22 18:04:37 ----D---- D:\Program Files\Eclipse 2011-01-22 18:04:34 ----D---- D:\Program Files\FLVPlayer 2011-01-22 18:04:32 ----D---- D:\Program Files\Kristanix 2011-01-22 18:04:30 ----D---- D:\Program Files\Unlocker 2011-01-22 18:04:26 ----D---- D:\Program Files\mIRC 2011-01-22 18:04:24 ----D---- D:\Program Files\ElcomSoft 2011-01-22 18:04:21 ----D---- D:\Documents and Settings\Administrateur\Application 
Data\Macromedia 2011-01-22 18:04:10 ----D---- D:\Program Files\NewsSearcher 2011-01-22 18:03:59 ----D---- D:\Documents and Settings\Administrateur\Application Data\NewsLeecher 2011-01-22 18:03:46 ----D---- D:\Program Files\Chrono 2011-01-22 18:03:44 ----D---- D:\Program Files\DAEMON Tools 2011-01-22 18:03:42 ----A---- D:\WINDOWS\system32\WNASPI32.DLL 2011-01-22 18:03:41 ----A---- D:\WINDOWS\system32\drivers\ASPI32.SYS 2011-01-22 18:03:34 ----D---- D:\Documents and Settings\All Users\Application Data\Adobe 2011-01-22 18:02:58 ----D---- D:\Documents and Settings\All Users\Application Data\ACD Systems 2011-01-22 18:02:57 ----D---- D:\Program Files\Fichiers communs\ACD Systems 2011-01-22 18:02:57 ----D---- D:\Program Files\ACD Systems 2011-01-22 18:02:54 ----A---- D:\WINDOWS\system32\drivers\pfc.sys 2011-01-22 18:01:19 ----D---- D:\Program Files\Paint.NET 2011-01-22 18:01:00 ----D---- D:\Program Files\Winamp 2011-01-22 18:00:51 ----D---- D:\Program Files\HashTab Shell Extension 2011-01-22 18:00:49 ----D---- D:\Program Files\Xtremsplit 2011-01-22 18:00:45 ----D---- D:\Program Files\Messenger Plus! 
Live 2011-01-22 18:00:35 ----D---- D:\WINDOWS\system32\DRVSTORE 2011-01-22 18:00:30 ----D---- D:\Program Files\MSN Messenger 2011-01-22 18:00:22 ----D---- D:\Documents and Settings\Administrateur\Application Data\Media Player Classic 2011-01-22 18:00:20 ----D---- D:\Program Files\Media Player Classic 2011-01-22 18:00:11 ----D---- D:\Documents and Settings\Administrateur\Application Data\Vso 2011-01-22 18:00:11 ----A---- D:\WINDOWS\system32\drivers\pcouffin.sys 2011-01-22 18:00:11 ----A---- D:\Documents and Settings\Administrateur\Application Data\pcouffin.sys 2011-01-22 18:00:11 ----A---- D:\Documents and Settings\Administrateur\Application Data\ezpinst.exe 2011-01-22 18:00:08 ----D---- D:\Program Files\DVDFab Platinum 3 2011-01-22 18:00:06 ----D---- D:\Program Files\CD-R 2011-01-22 17:59:50 ----N---- D:\WINDOWS\system32\msxml3a.dll 2011-01-22 17:59:21 ----D---- D:\Program Files\CyberLink 2011-01-22 17:59:17 ----D---- D:\Program Files\Pegasys Inc 2011-01-22 17:59:10 ----HD---- D:\Program Files\InstallShield Installation Information 2011-01-22 17:59:04 ----D---- D:\Program Files\Fichiers communs\InstallShield 2011-01-22 17:58:46 ----D---- D:\Program Files\Real Alternative 2011-01-22 17:58:46 ----D---- D:\Documents and Settings\All Users\Application Data\Real 2011-01-22 17:58:46 ----D---- D:\Documents and Settings\Administrateur\Application Data\Real 2011-01-22 17:58:46 ----A---- D:\WINDOWS\system32\rmoc3260.dll 2011-01-22 17:58:46 ----A---- D:\WINDOWS\system32\pndx5032.dll 2011-01-22 17:58:46 ----A---- D:\WINDOWS\system32\pndx5016.dll 2011-01-22 17:58:46 ----A---- D:\WINDOWS\system32\pncrt.dll 2011-01-22 17:58:35 ----D---- D:\Documents and Settings\All Users\Application Data\Apple Computer 2011-01-22 17:58:30 ----D---- D:\Program Files\QuickTime Alternative 2011-01-22 17:58:26 ----A---- D:\WINDOWS\system32\xvidvfw.dll 2011-01-22 17:58:25 ----A---- D:\WINDOWS\system32\xvidcore.dll 2011-01-22 17:58:24 ----A---- D:\WINDOWS\system32\WMV9VCM.dll 2011-01-22 17:58:23 
----A---- D:\WINDOWS\system32\VSFilter.dll 2011-01-22 17:58:23 ----A---- D:\WINDOWS\system32\vp7vfw.dll 2011-01-22 17:58:23 ----A---- D:\WINDOWS\system32\vorbisfile.dll 2011-01-22 17:58:22 ----A---- D:\WINDOWS\system32\vorbisenc.dll 2011-01-22 17:58:22 ----A---- D:\WINDOWS\system32\vorbis.dll 2011-01-22 17:58:22 ----A---- D:\WINDOWS\system32\qt-dx331.dll 2011-01-22 17:58:22 ----A---- D:\WINDOWS\system32\OggDS.dll 2011-01-22 17:58:22 ----A---- D:\WINDOWS\system32\ogg.dll 2011-01-22 17:58:21 ----A---- D:\WINDOWS\system32\Ir50_lcs.dll 2011-01-22 17:58:19 ----A---- D:\WINDOWS\system32\GSpot.exe 2011-01-22 17:58:19 ----A---- D:\WINDOWS\system32\DivXsm.exe 2011-01-22 17:58:19 ----A---- D:\WINDOWS\system32\divxconfig.exe 2011-01-22 17:58:17 ----D---- D:\WINDOWS\LastGood 2011-01-22 17:58:16 ----A---- D:\WINDOWS\system32\vobsub.dll 2011-01-22 17:58:09 ----D---- D:\Program Files\SlySoft 2011-01-22 17:57:40 ----D---- D:\Documents and Settings\All Users\Application Data\Nero 2011-01-22 17:57:39 ----A---- D:\WINDOWS\system32\TwnLib4.dll 2011-01-22 17:57:39 ----A---- D:\WINDOWS\system32\imagXRA7.dll 2011-01-22 17:57:39 ----A---- D:\WINDOWS\system32\imagXR7.dll 2011-01-22 17:57:39 ----A---- D:\WINDOWS\system32\imagXpr7.dll 2011-01-22 17:57:39 ----A---- D:\WINDOWS\system32\imagX7.dll 2011-01-22 17:57:38 ----D---- D:\Program Files\Nero 2011-01-22 17:57:38 ----D---- D:\Program Files\Fichiers communs\Ahead 2011-01-22 17:55:00 ----D---- D:\Program Files\Java 2011-01-22 17:54:59 ----D---- D:\Program Files\Fichiers communs\Java 2011-01-22 17:54:50 ----D---- D:\Program Files\WinRAR 2011-01-22 17:54:25 ----RSD---- D:\WINDOWS\assembly 2011-01-22 17:54:10 ----D---- D:\WINDOWS\Microsoft.NET 2011-01-22 17:53:49 ----AD---- D:\Program Files\PuTTY 2011-01-22 17:53:47 ----D---- D:\Program Files\QuickPar 2011-01-22 17:53:44 ----D---- D:\Program Files\BitComet 2011-01-22 17:53:36 ----D---- D:\Documents and Settings\Administrateur\Application Data\FlashFXP 2011-01-22 17:53:32 ----D---- D:\Program 
Files\FlashFXP 2011-01-22 17:53:24 ----D---- D:\Program Files\Mozilla Firefox 2011-01-22 17:53:16 ----D---- D:\Documents and Settings\Administrateur\Application Data\Mozilla 2011-01-22 17:53:13 ----D---- D:\Program Files\Mozilla Thunderbird 2011-01-22 17:52:23 ----D---- D:\Program Files\Microsoft Works 2011-01-22 17:52:05 ----D---- D:\Program Files\Microsoft Visual Studio 2011-01-22 17:52:05 ----D---- D:\Program Files\Fichiers communs\DESIGNER 2011-01-22 17:49:24 ----D---- D:\WINDOWS\SHELLNEW 2011-01-22 17:49:12 ----D---- D:\Program Files\Microsoft Office 2011-01-22 17:49:12 ----D---- D:\Documents and Settings\All Users\Application Data\Microsoft Help 2011-01-22 17:48:58 ----RHD---- D:\MSOCache 2011-01-22 17:48:24 ----A---- D:\WPI_Log.txt 2011-01-22 17:42:42 ----SD---- D:\Documents and Settings\Administrateur\Application Data\Microsoft 2011-01-22 17:42:42 ----ASH---- D:\Documents and Settings\Administrateur\Application Data\desktop.ini 2011-01-22 17:42:41 ----SHD---- D:\WINDOWS\CSC 2011-01-22 17:42:34 ----SD---- D:\WINDOWS\system32\Microsoft 2011-01-22 17:42:34 ----D---- D:\WINDOWS\Prefetch 2011-01-22 17:42:33 ----A---- D:\WINDOWS\SchedLgU.Txt 2011-01-22 17:41:08 ----A---- D:\WINDOWS\system32\drivers\sptd.sys 2011-01-22 17:40:47 ----HD---- D:\WINDOWS\$hf_mig$ 2011-01-22 17:40:45 ----N---- D:\WINDOWS\system32\tzchange.exe 2011-01-22 17:40:37 ----N---- D:\WINDOWS\system32\spmsg.dll 2011-01-22 17:40:26 ----D---- D:\Program Files\MSXML 4.0 2011-01-22 17:40:12 ----A---- D:\WINDOWS\control.ini 2011-01-22 17:39:59 ----A---- D:\WINDOWS\OEWABLog.txt 2011-01-22 17:39:55 ----A---- D:\WINDOWS\system32\mapi32.dll 2011-01-22 17:39:51 ----D---- D:\WINDOWS\system32\dllcache 2011-01-22 17:38:48 ----RAH---- D:\WINDOWS\system32\logonui.exe.manifest 2011-01-22 17:38:43 ----RAH---- D:\WINDOWS\system32\cdplayer.exe.manifest 2011-01-22 17:38:36 ----HD---- D:\Program Files\WindowsUpdate 2011-01-22 17:38:31 ----D---- D:\Program Files\Services en ligne 2011-01-22 17:38:17 ----D---- 
D:\WINDOWS\system32\DirectX 2011-01-22 17:38:09 ----A---- D:\WINDOWS\system32\atrace.dll 2011-01-22 17:38:07 ----A---- D:\WINDOWS\system32\desktop.ini 2011-01-22 17:38:07 ----A---- D:\WINDOWS\desktop.ini 2011-01-22 17:38:02 ----A---- D:\WINDOWS\system32\nmevtmsg.dll 2011-01-22 17:38:01 ----A---- D:\WINDOWS\system32\acctres.dll 2011-01-22 17:38:00 ----D---- D:\Program Files\Fichiers communs\Services 2011-01-22 17:37:58 ----SD---- D:\WINDOWS\Tasks 2011-01-22 17:37:58 ----A---- D:\WINDOWS\system32\icfgnt5.dll 2011-01-22 17:37:57 ----D---- D:\Program Files\Fichiers communs\MSSoap 2011-01-22 17:37:55 ----D---- D:\WINDOWS\system32\Macromed 2011-01-22 17:37:52 ----A---- D:\WINDOWS\system32\wuweb.dll 2011-01-22 17:37:52 ----A---- D:\WINDOWS\system32\wucltui.dll 2011-01-22 17:37:52 ----A---- D:\WINDOWS\system32\wuauserv.dll 2011-01-22 17:37:52 ----A---- D:\WINDOWS\system32\wuaueng1.dll 2011-01-22 17:37:51 ----A---- D:\WINDOWS\system32\wups.dll 2011-01-22 17:37:51 ----A---- D:\WINDOWS\system32\wuaueng.dll 2011-01-22 17:37:51 ----A---- D:\WINDOWS\system32\wuauclt1.exe 2011-01-22 17:37:51 ----A---- D:\WINDOWS\system32\wuauclt.exe 2011-01-22 17:37:51 ----A---- D:\WINDOWS\system32\wuapi.dll 2011-01-22 17:37:51 ----A---- D:\WINDOWS\system32\qmgrprxy.dll 2011-01-22 17:37:51 ----A---- D:\WINDOWS\system32\bitsprx3.dll 2011-01-22 17:37:51 ----A---- D:\WINDOWS\system32\bitsprx2.dll 2011-01-22 17:37:50 ----A---- D:\WINDOWS\system32\qmgr.dll 2011-01-22 17:37:47 ----D---- D:\Program Files\Movie Maker 2011-01-22 17:37:46 ----A---- D:\WINDOWS\system32\safrslv.dll 2011-01-22 17:37:46 ----A---- D:\WINDOWS\system32\safrdm.dll 2011-01-22 17:37:46 ----A---- D:\WINDOWS\system32\safrcdlg.dll 2011-01-22 17:37:46 ----A---- D:\WINDOWS\system32\racpldlg.dll 2011-01-22 17:37:42 ----A---- D:\WINDOWS\system32\fltMc.exe 2011-01-22 17:37:42 ----A---- D:\WINDOWS\system32\fltlib.dll 2011-01-22 17:37:42 ----A---- D:\WINDOWS\system32\drivers\fltMgr.sys 2011-01-22 17:37:41 ----D---- D:\WINDOWS\system32\Restore 
[Solved] Infected PC to clean
bullbizar replied to a topic by bullbizar in Malware analysis and removal
Hi Thanos, As planned, I got the PC back; according to the repairman it was just the system (XP) that crashed!!!!!! He reinstalled it for me (quite expensive, too); now it works perfectly and the machine is faster, but I see lots of new things and I would really like a specialist's advice. I would like you to tell me what to do to diagnose the machine as it is right now. Thanks Thanos and see you soon. P.S.: I can't manage to write you a PM so as not to clutter the forum. -
[Solved] Infected PC to clean
bullbizar replied to a topic by bullbizar in Malware analysis and removal
Hi Thanos, Thank you for your reply and the instructions you sent.......which I will keep safe for later. Indeed, when I came home from work the PC would no longer load Windows and shut itself down. I rebooted with the Windows CD, same thing; not even safe mode starts. (I am on my laptop now.) Faced with my helplessness and the children's insistence, I gave it to a hardware technician for diagnosis and possible repair. As soon as I get it back (normally Saturday evening), I will get to work and keep you posted. Thanks again for your patience; I am sorry if I am causing you any inconvenience in following up my analysis. Good evening and see you soon. -
[Solved] Infected PC to clean
bullbizar replied to a topic by bullbizar in Malware analysis and removal
Hi Thanos, Thank you for your advice; you will find attached the log of the requested scan. While awaiting your instructions, I wish you an excellent day or evening.
2011-01-07 08:11 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\ConduitEngine 2011-01-07 07:58 . 2011-01-07 07:58 -------- d-----w- c:\program files\ConduitEngine 2011-01-07 07:58 . 2011-01-07 07:58 -------- d-----w- c:\program files\Softonic_France 2011-01-06 15:33 . 2011-01-06 15:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Canneverbe Limited 2011-01-06 15:33 . 2011-01-06 15:33 -------- d-----w- c:\documents and settings\user\Application Data\Canneverbe Limited 2011-01-06 15:33 . 2009-11-12 12:48 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys 2011-01-06 15:32 . 2011-01-06 15:33 -------- d-----w- c:\program files\CDBurnerXP 2011-01-04 19:59 . 2011-01-04 19:59 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 8 2010-12-28 17:43 . 2010-12-30 22:09 -------- d-----w- c:\program files\VideoConverter 2010-12-25 10:15 . 2011-01-18 21:26 -------- d-----w- c:\documents and settings\user\Application Data\IDM 2010-12-25 10:15 . 2011-01-18 21:26 -------- d-----w- c:\program files\Internet Download Manager 2010-12-24 21:44 . 2011-01-07 07:49 -------- d-----w- C:\Downloads 2010-12-24 21:41 . 2011-01-11 20:17 -------- d-----w- c:\documents and settings\user\Application Data\Free Download Manager 2010-12-24 21:41 . 2010-12-24 21:41 -------- d-----w- c:\documents and settings\All Users\Application Data\FreeDownloadManager.ORG 2010-12-24 21:41 . 2011-01-10 20:48 -------- d-----w- c:\program files\Free Download Manager 2010-12-23 22:30 . 2010-12-23 22:30 -------- d-----w- c:\documents and settings\user\Application Data\skypePM 2010-12-23 20:41 . 2010-12-23 20:41 3584 ----a-r- c:\documents and settings\user\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe 2010-12-23 20:41 . 2010-12-23 20:41 -------- d-----w- c:\program files\Windows Installer Clean Up 2010-12-23 20:39 . 2010-12-23 20:39 -------- d-----w- c:\program files\MSECACHE 2010-12-23 20:27 . 
2010-12-23 20:27 -------- d-----w- C:\rsit 2010-12-23 20:27 . 2010-12-23 20:27 -------- d-----w- c:\program files\trend micro 2010-12-23 17:45 . 2011-01-07 08:40 -------- d-----w- c:\documents and settings\user\Application Data\MSNInstaller 2010-12-21 19:24 . 2010-12-21 19:25 -------- d-----w- c:\program files\Yacc Yet Another CSO Compressor . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-01-18 21:33 . 2009-06-27 20:35 10000 --sh--r- c:\windows\system32\.vbe 2011-01-18 21:33 . 2009-06-27 20:35 10000 --sh--r- c:\windows\.vbe 2010-12-19 19:35 . 2010-12-19 19:36 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] 2010-11-13 20:58 3913000 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{8A6264B5-A8F2-494B-8F37-CF898A763E42}"= "c:\program files\Net_Games\tbNet0.dll" [2009-07-15 2224152] [HKEY_CLASSES_ROOT\clsid\{8a6264b5-a8f2-494b-8f37-cf898a763e42}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-17 8491008] "SiSPower"="SiSPower.dll" [2005-06-09 49152] "SoundMan"="SOUNDMAN.EXE" [2005-06-20 77824] "RaidTool"="c:\program files\VIA\RAID\raid_tool.exe" [2005-06-20 1056768] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-17 81920] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run] "HOMR-09BB4389E7"=".vbe" [2011-01-18 10000] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] 
@="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^user^Menu Démarrer^Programmes^Démarrage^Product Registration.lnk] path=c:\documents and settings\user\Menu Démarrer\Programmes\Démarrage\Product Registration.lnk backup=c:\windows\pss\Product Registration.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^user^Menu Démarrer^Programmes^Démarrage^Reboot.exe] path=c:\documents and settings\user\Menu Démarrer\Programmes\Démarrage\Reboot.exe backup=c:\windows\pss\Reboot.exeStartup [HKLM\~\startupfolder\C:^Documents and Settings^user^Menu Démarrer^Programmes^Démarrage^Scol.lnk] path=c:\documents and settings\user\Menu Démarrer\Programmes\Démarrage\Scol.lnk backup=c:\windows\pss\Scol.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^user^Menu Démarrer^Programmes^Démarrage^Sid Registration.lnk] path=c:\documents and settings\user\Menu Démarrer\Programmes\Démarrage\Sid Registration.lnk backup=c:\windows\pss\Sid Registration.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] c:\windows\system32\dumprep 0 -k [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] 2007-09-17 00:07 1626112 -c--a-w- c:\windows\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupreg\wcmdmgr] 2002-09-27 13:47 20480 -c--a-w- c:\windows\wt\updater\wcmdmgrl.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "d:\\Nexuiz\\nexuiz.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\SCOL\\UsmWin.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "c:\\Documents and Settings\\user\\Bureau\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "8146:TCP"= 8146:TCP:ctnllrgy R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [23/11/2009 19:16 33920] R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [18/07/2010 19:31 64288] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [06/07/2010 18:28 1375992] R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [18/12/2009 10:58 57344] R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [19/12/2010 20:35 15264] S2 qjstkqhr;Task Windows;c:\windows\system32\svchost.exe -k netsvcs [04/08/2004 05:55 14336] S3 FXDRV;FXDRV;\??\e:\fxdrv.sys --> e:\Fxdrv.sys [?] S3 zeaiyk;zeaiyk;c:\windows\system32\02.tmp [01/09/2010 17:43 4096] --- Other Services/Drivers In Memory --- *NewlyCreated* - LAVASOFT_KERNEXPLORER HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs qjstkqhr . Contents of the 'Scheduled Tasks' folder 2011-01-18 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-07-06 19:34] . . 
------- Supplementary Scan ------- . uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} mStart Page = hxxp://www.qaadi.com/ IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Tout télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm IE: Télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm IE: Télécharger la sélection avec Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm TCP: {0D2E36BE-9B21-4DC5-84AD-FEDDF7FEF1EB} = 192.168.1.1 DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.zebulon.fr/scan8/oscan8.cab FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\x7s1924b.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2857572&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Bing FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?mkt=fr-FR&form=MIMWA1&q= FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 4.0 Beta 8\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com FF - Ext: Elf 1.15 Community Toolbar: {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - %profile%\extensions\{b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} FF - Ext: LavaFox V1: info@djzig.com - %profile%\extensions\info@djzig.com FF - Ext: Softonic_France Community Toolbar: {4daac69c-cba7-45e2-9bc8-1044483d3352} - 
%profile%\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352} FF - Ext: Elf 1 Community Toolbar: {22e03916-85c5-44b0-8dc9-1830c11238d9} - %profile%\extensions\{22e03916-85c5-44b0-8dc9-1830c11238d9} FF - Ext: BrotherSoft Extreme Community Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - %profile%\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13} FF - Ext: Elf 1.12 Community Toolbar: {38542454-dfb6-44f5-b052-d4e071a3d073} - %profile%\extensions\{38542454-dfb6-44f5-b052-d4e071a3d073} FF - Ext: IMinent Toolbar: {C9B68337-E93A-44EA-94DC-CB300EC06444} - %profile%\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444} . - - - - ORPHANS REMOVED - - - - WebBrowser-{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - (no file) WebBrowser-{51A86BB3-6602-4C85-92A5-130EE4864F13} - (no file) WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - c:\program files\IMinent Toolbar\tbcore3.dll MSConfigStartUp-eorezo - c:\program files\EoRezo\eorezo.exe MSConfigStartUp-IDMan - c:\program files\Internet Download Manager\IDMan.exe MSConfigStartUp-IMBooster - c:\program files\Iminent\IMBooster\IMBooster.exe MSConfigStartUp-Iminent - c:\program files\Iminent\SearchTheWeb\Iminent.Notifier.exe MSConfigStartUp-Nokia - c:\program files\Nokia\Nokia PC Suite 6\PCSync2.exe MSConfigStartUp-PC Suite Tray - c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe MSConfigStartUp-Software Informer - c:\program files\Software Informer\softinfo.exe AddRemove-Aargon - c:\program files\Twilight\Aargon\Uninst.isu AddRemove-Cars Quatre Roues - Aventures à Radiator Springs - c:\games\Uninstall_Cars Quatre Roues - Aventures à Radiator Springs\Uninstall Cars Quatre Roues - Aventures à Radiator Springs.exe AddRemove-Comanche 4 - c:\program files\NovaLogic\Comanche 4\Uninst.isu AddRemove-Comanche 4 Demo - c:\program files\NovaLogic\Comanche 4 Demo\Uninst.isu AddRemove-HijackThis - G:\HijackThis.exe AddRemove-IMBoosterARP - c:\program files\Iminent\IMBooster\inst\Bootstrapper\Bootstrapper.exe AddRemove-Beach Soccer - c:\program 
files\Beach Soccer\uninstall.exe AddRemove-Jurassic Realm - c:\program files\Jurassic Realm\Uninstall.exe AddRemove-Notification de cadeaux MSN - c:\documents and settings\user\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-01-18 22:33 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\zeaiyk] "ImagePath"="\??\c:\windows\system32\02.tmp" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\qjstkqhr] "ServiceDll"="c:\windows\system32\olgryduv.dll" . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1078081533-1563985344-1801674531-1003\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) "scansk"=hex(0):3b,bf,c2,bb,a1,85,b8,8f,16,92,a5,12,82,d4,d0,d5,6c,f0,2c,4c,bd, b7,fb,aa,46,b9,3e,54,34,2b,50,2b,e9,08,f6,13,5f,26,9f,e2,00,00,00,00,00,00,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{984e95e0-a5c2-4096-958d-cbb17366e57b}] @Denied: (Full) (Everyone) "Model"=dword:00000010 "Therad"=dword:0000001e "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26, 38,95,44,7c,a3,58,23,ec,af,2d,15,15,ef,a1,46,54,19,6c,0d,35,95,e0,f3,7c,6d,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\SWd*a*p*t*e*r*s*\NdisWanIp] "LLInterface"="?????P" "IpConfig"=multi:"Tcpip\\Parameters\\Interfaces\\{6F9846C8-AC59-467F-AA96-F3278311DD67}\00Tcpip\\Parameters\\Interfaces\\{ED17079F-F40B-4E69-8210-E28ADCC5AF04}\00Tcpip\\Parameters\\Interfaces\\{73B19DBA-D63B-4255-A056-65B79160EE31}\00\00" "NumInterfaces"=dword:00000003 "IpInterfaces"=hex:c8,46,98,6f,59,ac,7f,46,aa,96,f3,27,83,11,dd,67,9f,07,17,ed, 0b,f4,69,4e,82,10,e2,8a,dc,c5,af,04,ba,9d,b1,73,3b,d6,55,42,a0,56,65,b7,91,\ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(3504) c:\windows\system32\msi.dll . ------------------------ Other Running Processes ------------------------ . 
c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\CDBurnerXP\NMSAccessU.exe c:\windows\system32\nvsvc32.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\windows\system32\wdfmgr.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\Lavasoft\Ad-Aware\AAWTray.exe c:\windows\SOUNDMAN.EXE c:\windows\system32\RUNDLL32.EXE c:\windows\System32\WScript.exe . ************************************************************************** . Completion time: 2011-01-18 22:45:04 - machine was rebooted ComboFix-quarantined-files.txt 2011-01-18 21:44 ComboFix2.txt 2008-11-22 17:07 ComboFix3.txt 2008-11-15 17:53 Pre-Run: 6 838 105 600 octets libres Post-Run: 6 805 674 496 octets libres - - End Of File - - 5CF9349FB879C4EEFEE8FF0ED90B5EBB -
[Solved] Infected PC to be cleaned
bullbizar replied to a topic by bullbizar in Analyses et éradication malwares
Hi Thanos, No problem about being skipped; I have never doubted the good faith of the members of this forum, and I have always found the help I needed here. I am posting the two requested logs. Happy analyzing, and thanks again.
Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 5504 Windows 5.1.2600 Service Pack 2 Internet Explorer 7.0.5730.13 11/01/2011 19:19:17 mbam-log-2011-01-11 (19-19-17).txt Type d'examen: Examen complet (C:\|D:\|) Elément(s) analysé(s): 261470 Temps écoulé: 46 minute(s), 57 seconde(s) Processus mémoire infecté(s): 1 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 4 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 3 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 12 Processus mémoire infecté(s): c:\documents and settings\user\application data\EoRezo\EoRezo\softwareupdatehp.exe (Rogue.Eorezo) -> 1864 -> Unloaded process successfully. Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\Software\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Windowsfirwall (Worm.Sohanad) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoRezo_is1 (Rogue.Eorezo) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SoftwareHelper (Rogue.Eorezo) -> Value: SoftwareHelper -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (PUM.Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully. Dossier(s) infecté(s): c:\program files\eoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully. Fichier(s) infecté(s): c:\documents and settings\user\application data\EoRezo\EoRezo\softwareupdatehp.exe (Rogue.Eorezo) -> Quarantined and deleted successfully. c:\program files\eoRezo\eorezo.exe (Rogue.Eorezo) -> Quarantined and deleted successfully. c:\documents and settings\user\application data\EoRezo\EoRezo\softwareupdate.exe (Rogue.Eorezo) -> Quarantined and deleted successfully. c:\documents and settings\user\Bureau\backups\backup-20110110-214816-704.dll (Rogue.Eorezo) -> Quarantined and deleted successfully. c:\system volume information\_restore{d94a209a-92b7-4305-a1dd-2d9f1f42301a}\RP187\A0284519.dll (Rogue.Eorezo) -> Quarantined and deleted successfully. d:\system volume information\_restore{d94a209a-92b7-4305-a1dd-2d9f1f42301a}\RP167\A0227785.EXE (Malware.Packer.Gen) -> Quarantined and deleted successfully. d:\Winrar3.51\Patch09c.exe (Trojan.Generic) -> Quarantined and deleted successfully. c:\WINDOWS\system32\sexy girls.scr (Trojan.Delf) -> Quarantined and deleted successfully. c:\WINDOWS\inf\smss.exe (Trojan.Delf) -> Quarantined and deleted successfully. c:\program files\eoRezo\confmedia.cyp (Rogue.Eorezo) -> Quarantined and deleted successfully. c:\program files\eoRezo\unins000.dat (Rogue.Eorezo) -> Quarantined and deleted successfully. c:\program files\eoRezo\unins000.exe (Rogue.Eorezo) -> Quarantined and deleted successfully. 
Logfile of random's system information tool 1.08 (written by random/random) Run by user at 2011-01-11 19:35:02 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 2 GB (6%) free of 38 GB Total RAM: 511 MB (37% free) HijackThis download failed ======Scheduled tasks folder====== C:\windows\tasks\Ad-Aware Update (Weekly).job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}] IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2010-12-23 202160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-11-13 3913000] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352] {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-07 203464] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-09-17 8491008] "SiSPower"=SiSPower.dll,ModeAgent [] "SoundMan"=C:\windows\SOUNDMAN.EXE [2005-06-20 77824] "RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2005-06-20 1056768] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-09-17 81920] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "HOMR-09BB4389E7"=C:\windows\system32\.vbe [2011-01-11 10000] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2004-08-04 15360] "IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2010-12-23 3274136] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eorezo] C:\Program Files\EoRezo\eorezo.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan] C:\Program Files\Internet Download Manager\IDMan.exe [2010-12-23 3274136] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMBooster] C:\Program Files\Iminent\IMBooster\IMBooster.exe /warmup [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iminent.Notifier] C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] C:\windows\system32\dumprep 0 -k [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe /NoDialog [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe -onlytray [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer] C:\Program Files\Software Informer\softinfo.exe -autorun [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe [2002-09-27 20480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk] C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2003-11-15 110592] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE 
-
Hello, Help, it's getting worse by the day!!!!!! http://forum.zebulon.fr/pc-a-nettoyer-t181770.html Thanks
-
[Solved] Infected PC to clean
bullbizar replied to a topic by bullbizar in Malware analysis and removal
Hello, I don't know whether Thanos isn't back from vacation yet or whether he has forgotten? Sorry for my bump, and thanks again. -
[Solved] Infected PC to clean
bullbizar replied to a topic by bullbizar in Malware analysis and removal
Hello, Thank you Thanos, I'm attaching the 2 reports. Another question: I can't manage to install Windows Live Messenger.
Cryo-Networks - SCOL-->C:\Program Files\SCOL\scolsetup.exe C:\Program Files\SCOL Dfine 2.0-->D:\Programme files\Photoshop-ImageReadyCs\Modules externes\Nik Software\Dfine 2.0\uninstall.exe DVD PixPlay-->"C:\Program Files\DVD PixPlay\unins000.exe" EAX Unified-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\EAX Unified\Uninst.isu" Electric 1.0-->C:\WINDOWS\iun6002.exe "D:\irunin.ini" EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe" Free Window Registry Repair-->C:\PROGRA~1\FREEWI~1\UNWISE.EXE C:\PROGRA~1\FREEWI~1\INSTALL.LOG Galerie de photos Windows Live-->MsiExec.exe /X{43563ACB-371B-4C58-8979-B192B390424C} Global Operations-->C:\Program Files\InstallShield Installation Information\{ED5AACB5-F387-4DF0-961D-C2E5EA8702CF}\setup.exe -l0x9 Uninstall Grapher 4-->MsiExec.exe /I{E1330943-B9CD-4398-AAFC-C245929F5AAC} HijackThis 2.0.2-->"G:\HijackThis.exe" /uninstall Imagenomic Portraiture 2.0 Plug-in (build 2006)-->C:\Program Files\Imagenomic\Portraiture 2 Plug-in\uninst.exe Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0} Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A} K2000, La Revanche de KITT-->C:\PROGRA~1\Davilex\K2000_~1\UNWISE.EXE C:\PROGRA~1\Davilex\K2000_~1\INSTALL.LOG Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall LightWeight Ninja-->C:\PROGRA~1\Drengin.net\LWNinja\UNWISE.EXE C:\PROGRA~1\Drengin.net\LWNinja\INSTALL.LOG Little Fighter 2 1.9c-->C:\Program Files\LittleFighter2\LF2_v1.9c\uninst.exe Lizardtech DjVu Control-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{105CFC7C-6992-11D5-BD9D-000102C10FD8}\Setup.exe" -l0x40c Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft 
Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe" Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE} Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9} Microsoft Search Enhancement Pack-->MsiExec.exe /I{299CF645-48C7-4FA1-8BCD-5CE200CF180D} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} MotoGP2-->"C:\Program Files\MotoGP2\unins001.exe" Mozilla Firefox (3.6.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} Need For Speed Hot Pursuit 2-->C:\Program Files\EA Games\Need For Speed Hot Pursuit 2\EAUninstall.exe Net_Games Toolbar-->C:\PROGRA~1\NET_GA~1\UNWISE.EXE /U C:\PROGRA~1\NET_GA~1\INSTALL.LOG NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Paint Shop Pro 7-->MsiExec.exe /I{0F211D27-C463-43A9-9B8A-12CA8D6D90DE} Panda Craze-->"C:\Program Files\Panda Craze\ReflexiveArcade\unins000.exe" PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930} Perles de rocaille 2.01-->"C:\Program Files\Perles de rocaille\uninstall.exe" Realtek AC'97 Audio-->RunDll32 
C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Shadow Illuminator Pro-->MsiExec.exe /X{8B1D967A-032F-44D1-A8CC-D38816D5217F} Sharpener Pro 3.0-->D:\Programme files\Photoshop-ImageReadyCs\Modules externes\Nik Software\Sharpener Pro 3.0\uninstall.exe SiS Mirage Graphics-->Rundll32 SiSInst.dll,Uninstall VGA,R,oem15.inf SONIC HEROES TRIAL-->C:\Program Files\Sega\SONICHEROES TRIAL\unsetup.exe Speed Boat By RY's-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\RY's Games\Speed Boat\DeIsL1.isu" -c"C:\Program Files\RY's Games\Speed Boat\_ISREG32.DLL" Spider-Man 2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{2F7655DD-793E-40C6-B348-DE67C109F6FF} The Mummy-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44EAF482-99EB-11D4-8BB4-0080C87AF2C6}\setup.exe" the names of god-->C:\Program Files\the names of god\uninstall.exe Turtix Rescue Adventure-->"C:\WINDOWS\Turtix Rescue Adventure\uninstall.exe" "/U:C:\Program Files\Turtix Rescue Adventure\Uninstall\uninstall.xml" VIA Platform Device Manager-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} VIA Rhine-Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" Viveza 2-->C:\Program Files\Nik Software\Viveza 2\Uninstall Viveza 2.exe VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe WildTangent Updater-->C:\WINDOWS\wt\updater\wcmdmgr.exe -uninstall wcmdmgr.exe WildTangent Web 
Driver-->C:\WINDOWS\wt\updater/wcmdmgr -uninstall wtwebdriver Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Installer 3.1 (KB893803)-->"C:\windows\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B} Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B} Windows Live Contrôle parental-->MsiExec.exe /X{EB8BAA0D-11EF-4EDC-A960-2AB7CA8F53F0} Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live Sync-->MsiExec.exe /X{67D0313C-4F15-437D-9A2D-C1564088A26A} Windows Live Toolbar-->MsiExec.exe /X{915809D6-1F93-45F2-9699-5F1DA64DC24B} Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1} Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall Yacc 0.4.0.3-->C:\Program Files\Yacc Yet Another CSO Compressor\uninst.exe ======Security center information====== AV: Lavasoft Ad-Watch Live! Antivirus (disabled) ======System event log====== Computer Name: HOMR-09BB4389E7 Event Code: 6009 Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Uniprocessor Free. Record Number: 1703 Source Name: EventLog Time Written: 20071109113150.000000+060 Event Type: Informations User: Computer Name: HOMR-09BB4389E7 Event Code: 36 Message: Le service de temps n'a pas pu synchroniser l'heure système de 49152 secondes car aucun fournisseur de temps n'a pu fournir de datage utilisable. L'horloge système n'est pas synchronisée. Record Number: 1702 Source Name: W32Time Time Written: 20071109110234.000000+060 Event Type: Avertissement User: Computer Name: HOMR-09BB4389E7 Event Code: 9 Message: Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai imparti. 
Record Number: 1701 Source Name: atapi Time Written: 20071109100525.000000+060 Event Type: erreur User: Computer Name: HOMR-09BB4389E7 Event Code: 9 Message: Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai imparti. Record Number: 1700 Source Name: atapi Time Written: 20071109100525.000000+060 Event Type: erreur User: Computer Name: HOMR-09BB4389E7 Event Code: 7034 Message: Le service Ad-Aware 2007 Service s'est terminé de façon inattendue pour la 1ème fois. Record Number: 1699 Source Name: Service Control Manager Time Written: 20330825052224.000000+060 Event Type: erreur User: =====Application event log===== Computer Name: HOMR-09BB4389E7 Event Code: 0 Message: Record Number: 5 Source Name: SeaPort Time Written: 20091202211853.000000+060 Event Type: Informations User: Computer Name: HOMR-09BB4389E7 Event Code: 4609 Message: Le système d'événements de COM+ a détecté un code de renvoi erroné lors de son traitement interne. Le HRESULT est 80070005 à partir de la ligne 44 de d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services du Support Technique Microsoft pour signaler cette erreur. Record Number: 4 Source Name: EventSystem Time Written: 20091202211728.000000+060 Event Type: erreur User: Computer Name: HOMR-09BB4389E7 Event Code: 1000 Message: Application défaillante tropix2.exe, version 0.0.0.0, module défaillant tropix2.exe, version 0.0.0.0, adresse de défaillance 0x001a22a6. Record Number: 3 Source Name: Application Error Time Written: 20091202191203.000000+060 Event Type: erreur User: Computer Name: HOMR-09BB4389E7 Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. 
Record Number: 2 Source Name: SecurityCenter Time Written: 20091202191125.000000+060 Event Type: Informations User: Computer Name: HOMR-09BB4389E7 Event Code: 0 Message: Record Number: 1 Source Name: SeaPort Time Written: 20091202191108.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "NUMBER_OF_PROCESSORS"=1 "OS"=Windows_NT "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\Fichiers communs\Ulead Systems\MPEG "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 9, GenuineIntel "PROCESSOR_LEVEL"=15 "PROCESSOR_REVISION"=0409 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "windir"=%SystemRoot% -----------------EOF----------------- -
Hello, Since an ADSL internet connection (512 KB) was set up on the children's PC (it previously had none), a P4 with 512 MB RAM and a 60 GB hard disk, they have been complaining that their machine is slow. They used their PC to play games from CD or downloaded from the internet. I am attaching the HijackThis report for analysis and welcome any advice and suggestions. Thanks in advance and see you soon.
-
Hello, I can no longer log in to my Hotmail mailbox with Firefox 3 (wait time too long), but I can do it through IE. As I am a Firefox devotee, this bothers me a great deal and I would like to fix it with your help. Thanks and see you soon.
-
Hello, Thanks for the reply. Apparently that is where it all comes from: I don't have a licence. In Algeria, software is sold as illegal copies at 1 euro per CD. I downloaded CDBurnerXP and I think it will do the job; otherwise I will convert to WAV before burning. Thanks again.
-
Hello, After many tests and manipulations, I found where the problem comes from: Nero no longer creates audio CDs for me from MP3 files. Indeed, after converting them to *.wav files, I manage to create an audio CD that I can listen to in the car. Still, one question nags at me: I have already created audio CDs with the same Nero and the same burner, so where could the problem come from???? See you soon.
-
Hello, I'm back; this time I took another CD, a Verbatim 52x, and tried again to burn at 4x speed some MP3 files and the same ones converted to WMA... I have the same problem. I hear nothing; Windows Explorer recognizes it as an audio CD, as does Audacity, and shows the disc as full, and the file size is only 1 KB (there are 20 of them)!!! At this rate, and with all the CD-Rs I am wasting, I think I will buy a CD-RW... at least I could erase it and try again. Thanks
-
Hello, Thank you for all your advice and suggestions, but a monumental amount of work has landed on me!!!!! (I burn my CDs at the office, when I have a moment.) I will come back to this problem in a few days, if you don't mind. Thanks again and see you soon.
-
Hello, I use NERO 7 for burning. Yesterday, I wanted to burn an audio CD from MP3 files (which I have done before); it went through perfectly normally, but surprise on playback: the tracks are displayed, the counter runs, BUT NO SOUND!!!!!!!!, whether in the car, on the PC or in the living room. Where could this come from, and above all what should I do?? Thanks for your help and see you soon.
-
Hello, For the past week, I have been unable to read my messages on Hotmail. It opens and gives me the details, but it is not possible to open the messages. I am attaching an image of the strange appearance of my Hotmail; it is the same under Firefox or IE!!!! Thanks for your help.