Geomancien

Membres

Afficher le profil Afficher son activité

Compteur de contenus
23
Inscription
le 27 mai 2007
Dernière visite
le 17 mai 2015

Autres informations

Mes langues
francais

Geomancien's Achievements

Member (4/12)

Réputation sur la communauté

Envoi d'un formulaire

Geomancien a posté un sujet dans Programmation

Bonjour, Je suis vraiment novice en programmation. J'ai créé le formulaire que voici: <form id="form_1010965" class="appnitro" method="post" action=""> <div class="form_description"> <p class="centre">Remplissez simplement le formulaire ci-dessous.<br>Vous recevrez vos échantillons gratuits dans quelques jours par la poste.</p> </div> <ul > <li id="li_1" > <label class="description" for="element_1">Nom </label> <span> <input id="element_1_1" name= "element_1_1" class="element text" maxlength="255" size="8" value=""/> <label>Nom</label> </span> <span> <input id="element_1_2" name= "element_1_2" class="element text" maxlength="255" size="14" value=""/> <label>Prénom</label> </span> </li> <li id="li_2" > <label class="description" for="element_2">Addresse </label> <div> <input id="element_2_1" name="element_2_1" class="element text large" value="" type="text"> <label for="element_2_1">Adresse</label> </div> <div class="left"> <input id="element_2_3" name="element_2_3" class="element text medium" value="" type="text"> <label for="element_2_3">Ville</label> </div> <div class="right"> <select class="element select medium" id="element_2_6" name="element_2_6"> <option value="" selected="selected"></option> <option value="Québec" >Québec</option> <option value="Nouvelle-Écosse" >Nouvelle-Écosse</option> <option value="Nouveau-Brunswick" >Nouveau-Brunswick</option> <option value="Ile-du-Prince-Edouard" >Ile-du-Prince-Edouard</option> <option value="Ontario" >Ontario</option> <option value="Manitoba" >Manitoba</option> <option value="Saskatchewan" >Saskatchewan</option> <option value="Alberta" >Alberta</option> <option value="Saskatchewan" >Colombie-Britanique</option> </select> <label for="element_2_4">Province / State</label> </div> <div class="left"> <input id="element_2_5" name="element_2_5" class="element text medium" maxlength="15" value="" type="text"> <label for="element_2_5">Code Postal / Zip Code</label> </div> <div class="right"> <select class="element select medium" id="element_2_6" name="element_2_6"> <option value="" selected="selected"></option> <option value="Canada" >Canada</option> <option value="United States" >United States</option> </select> <label for="element_2_6">Pays / Country</label> </div> </li> <li id="li_3" > <label class="description" for="element_3">Email </label> <div> <input id="element_3" name="element_3" class="element text medium" type="text" maxlength="255" value=""/> </div> </li> <li class="buttons"> <input type="hidden" name="form_id" value="1010965" /> <input id="saveForm" class="button_text" type="submit" name="submit" value="Envoyez" /> </li> </ul> </form> J'aimerais pouvoir envoyer les données du formulaire à mon adresse email. Je ne veux toutefois pas passer par le mail du client. J'aimerais mieux que l'envoi se fasse via le service mail de mon site. Est-ce possible avec ma programmation actuelle ? J'ai comme l'impression que j'aurais dû avoir un code en PHP. Le problème, c'est que j'y connaît rien en PHP. Est-ce que quelqu'un pourrait m'aider ? Merci infiniment Pierre
- le 17 mai 2015
- 1 réponse
Double clic ne fonctionne plus sur le bureau Windows XP

Geomancien a répondu à un(e) sujet de Geomancien dans Software

Merci beaucoup votre aide. Un ami est venu m'aider et on a réussi à régler la situation. Amicalement PIERRE PS Je voulais fermé le sujet mais je ne sais pas comment faire. Désolé...
- le 16 avril 2015
- 9 réponses
Double clic ne fonctionne plus sur le bureau Windows XP

Geomancien a répondu à un(e) sujet de Geomancien dans Software

Salut ! J'ai essayé ton truc mais ça n'a pas fonctionné. Je crois vraiment que ça part du registre car le problème est survenu après un nettoyage de la base de registre. J'ai fouiné un peu avant de demander votre aide et j'ai essayé quelques trucs dans le registre mais rien ne fonctionne. Existe-t-il un outil de diagnostique pour la base de registre que quelqu'un pourrait analyser. Je me suis cru trop bon... J'aurais dû demander de l'aide pour nettoyer le pc...
- le 13 avril 2015
- 9 réponses
Double clic ne fonctionne plus sur le bureau Windows XP

Geomancien a répondu à un(e) sujet de Geomancien dans Software

Merci beaucoup pour votre réponse. C'est une grosse partie de mon problème: la restauration du système était désactiver... Je ne peux donc pas avoir de point de restauration avant la désinfection ( Y a t-il une autre solution ? Merci encore
- le 13 avril 2015
- 9 réponses
Double clic ne fonctionne plus sur le bureau Windows XP

Geomancien a posté un sujet dans Software

Bonjour, Voici mon problème : j'ai voulu aider ma sœur en nettoyant son vieux pc. Il est fonctionne sous XP. J'ai passé quelques logiciels de nettoyage comme Malwarebytes, mwavscan et adware. J'ai également fait une analyse avec CCleaner. Le pc est redevenu clean et plus rapide mais j'ai certainement effacé quelque chose de la base de registre car le double clic et le glisser déposer ne fonctionne plus. J'ai fait des recherches sur le net, essayé différentes manipulations et rien ne marche. Je suis découragé. Je sollicite votre aide en espérant que quelqu'un pourra m'aider. Merci beaucoup Pierre
- le 12 avril 2015
- 9 réponses
PC lent- analyse hijackthis

Geomancien a répondu à un(e) sujet de Geomancien dans Analyses et éradication malwares

Re-bonjour, J'ai fait un ménage de mon ordi en suivant le tuto sur votre site. Je constate une net amélioration. En fait, je crois que le problème vient de firefox. Même en fermant l'application, il reste actif dans mes processus et pompe presque tout le jus de mon UC. J'ai désactivé et supprimé plusieurs modules complémentaires pour voir si le problème pouvait venir de là. Entre-temps, si quelque pouvait analyser mon rapport hijackthis ce serait vraiment apprécié. Merci et je vous tiens au courant si ça va mieux du côté de FF. Bye Pierre
- le 20 août 2010
- 1 réponse
PC lent- analyse hijackthis

Geomancien a posté un sujet dans Analyses et éradication malwares

Bonjour, Depuis un certain temps mon PC est beaucoup plus lent qu'à l'habitude. J'ai souvent l'impression qu'un programme "vire" à l'ouverture de mon ordi. J'ai fait un scan avec hijackthis. Pouvez-vous me dire si vous voyez le problème ? Merci beaucoup Pierre Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:25:31, on 2010-08-19 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Fichiers communs\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe C:\Documents and Settings\Propriétaire\Mes documents\Téléchargements\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url=http://go.microsoft.com/fwlink/?LinkId=69157]MSN : Hotmail, Messenger, Actualité, Sport et Vidéo[/url] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url=http://mystart.incredimail.com/][url=http://mystart.incredimail.com/]http://mystart.incredimail.com/[/url][/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url=http://go.microsoft.com/fwlink/?LinkId=69157]MSN : Hotmail, Messenger, Actualité, Sport et Vidéo[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url=http://go.microsoft.com/fwlink/?LinkId=54896]Bing[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url=http://go.microsoft.com/fwlink/?LinkId=54896]Bing[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url=http://go.microsoft.com/fwlink/?LinkId=69157]MSN : Hotmail, Messenger, Actualité, Sport et Vidéo[/url] R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Spamihilator.lnk = C:\Program Files\Spamihilator\spamihilator.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - [url=http://www.zebulon.fr/scan8/oscan8.cab][url=http://www.zebulon.fr/scan8/oscan8.cab]http://www.zebulon.fr/scan8/oscan8.cab[/url][/url] O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - [url=http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158241279140][url=http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158241279140]http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158241279140[/url][/url] O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - [url=http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab][url=http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab]http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab[/url][/url] O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [url=https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab][url=https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab]https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[/url][/url] O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - [url=http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx][url=http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx]http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx[/url][/url] O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 8906 bytes
- le 20 août 2010
- 1 réponse
Fenêtre explorer qui s'ouvre seul

Geomancien a répondu à un(e) sujet de Geomancien dans Analyses et éradication malwares

Salut, Effectivement, tout va bien maintenant. Je vais suivre tes conseils merci
- le 4 octobre 2009
- 10 réponses
Fenêtre explorer qui s'ouvre seul

Geomancien a répondu à un(e) sujet de Geomancien dans Analyses et éradication malwares

voilà Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:04:23, on 2009-10-03 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\LEXBCES.EXE C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe C:\Program Files\Avira\AntiVir Desktop\avscan.exe C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.shareazaweb.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza\ShareazaIEHelper.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Shareaza MediaBar - {196C3A46-4758-433D-A600-802C804AF39C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1); .NET CLR 1.1.4322; .NET CLR 2.0.50727)" -"http://www.jeuxdroles.fr/jeux/body/c2tlaTE0NzBza2Vp.php" O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158241279140 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: cbxutur - cbxutur.dll (file missing) O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 9814 bytes Merci
- le 3 octobre 2009
- 10 réponses
Fenêtre explorer qui s'ouvre seul

Geomancien a répondu à un(e) sujet de Geomancien dans Analyses et éradication malwares

Voici l e rapport demandé --------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3400+ ) BIOS : Phoenix - AwardBIOS v6.00PG USER : Propriétaire ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.32 (Not Activated) C:\ (Local Disk) - NTFS - Total:148 Go (Free:116 Go) D:\ (CD or DVD) E:\ (USB) F:\ (USB) G:\ (USB) H:\ (USB) "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [2] ( 2009-10-02|22:14 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION - [ Fichier Hosts ] .. Restaure! \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [2009-10-01|06:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes [2007-05-29|18:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [2008-05-25|22:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla [2009-03-27|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3} [2009-09-18|20:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009-02-14|15:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{83C91755-2546-441D-AC40-9A6B4B860800} [2009-05-22|21:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009-05-13|22:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1B203 [2009-04-26|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1F1B5 [2009-05-10|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\218C [2009-04-24|23:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2B36B [2009-04-26|20:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\300 [2009-05-28|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\32BB [2009-05-30|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\34138 [2009-05-29|00:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\342CE [2009-05-10|21:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\36203 [2009-05-15|22:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\36FA [2009-04-20|16:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\38290 [2009-05-18|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\391D4 [2009-05-11|23:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\4213 [2008-11-21|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [2006-09-14|11:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead [2007-07-02|19:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [2007-04-23|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [2007-05-29|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7 [2009-04-30|07:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira [2009-03-22|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU [2006-09-14|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [2009-05-12|00:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\D9C [2009-08-04|07:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriverScanner [2007-05-12|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ErrorProtector Free [2009-02-15|09:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET [2009-05-03|21:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F167 [2009-05-06|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F5D [2009-03-03|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [2009-09-07|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [2009-09-07|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant [2008-10-14|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM [2008-10-14|21:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail [2008-12-25|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak [2008-06-04|09:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [2009-09-22|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com [2009-03-02|21:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [2009-09-06|07:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [2007-02-25|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound [2006-12-02|00:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles [2008-07-28|22:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [2008-10-13|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson [2009-02-14|10:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [2007-06-30|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TechSmith [2008-10-13|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca [2007-02-25|17:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [2009-09-07|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG [2006-09-14|10:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [2007-07-17|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip [2006-09-13|16:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [2008-07-25|09:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe [2007-06-18|06:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [2007-02-25|15:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\NCH Swift Sound [2007-05-29|18:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [2008-11-05|21:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe [2007-01-11|00:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM [2007-08-06|21:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead [2008-03-21|23:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\Apple Computer [2009-03-22|13:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\AVS4YOU [2009-07-25|16:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Coby Media Manager [2007-11-01|22:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\CyberLink [2007-08-07|22:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\DivX [2007-01-14|21:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google [2009-09-07|10:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\HP [2009-10-02|22:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\HPAppData [2009-09-15|17:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\HpUpdate [2006-09-14|09:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities [2008-11-26|20:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\KompoZer [2008-06-04|09:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lavasoft [2009-09-28|19:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire [2006-11-28|23:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia [2009-03-02|21:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Malwarebytes [2009-03-22|08:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Media Player Classic [2007-07-02|21:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft [2008-07-28|17:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla [2007-02-25|14:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Musicmatch [2007-04-21|23:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\NCH Swift Sound [2007-10-14|16:13] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nvu [2009-08-23|17:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2 [2007-05-05|17:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Opera [2009-09-27|22:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\Qtrax2 [2007-02-25|15:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\RecordPad [2008-01-05|17:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\SecuROM [2009-09-27|22:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Shareaza [2008-12-25|16:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\Skinux [2009-05-11|23:23] C:\DOCUME~1\PROPRI~1\APPLIC~1\Skype [2009-05-11|08:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\skypePM [2008-10-13|21:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sony Ericsson [2009-10-02|22:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\Spamihilator [2006-12-10|08:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun [2006-11-28|23:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Talkback [2009-06-04|21:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\Teleca [2006-12-01|22:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\Thunderbird [2009-08-04|07:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Uniblue [2009-05-24|19:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\Winamp [2008-02-27|23:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\xm1 --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [2009-09-28 14:16][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2009-10-02 15:04][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2009-10-01 21:45][--ah-----] C:\WINDOWS\tasks\SA.DAT [2001-08-28 08:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [2006-11-27|17:10] C:\Program Files\[PC Game] Worms World Party [2007-07-17|22:24] C:\Program Files\7-Zip [2008-11-21|23:42] C:\Program Files\Adobe [2007-12-30|14:30] C:\Program Files\Adobe Type Manager [2006-09-14|11:19] C:\Program Files\Ahead [2006-12-02|17:03] C:\Program Files\Alex Feinman [2008-08-13|13:27] C:\Program Files\Apple Software Update [2008-02-27|22:59] C:\Program Files\Aspell [2007-03-18|14:11] C:\Program Files\Audacity [2009-04-30|07:19] C:\Program Files\Avira [2009-03-22|14:04] C:\Program Files\AVS4YOU [2006-11-27|17:12] C:\Program Files\blobby-1 [2009-03-27|18:22] C:\Program Files\Bonjour [2006-11-27|17:05] C:\Program Files\bon-usage.com [2007-12-12|22:12] C:\Program Files\BoxShot3D [2009-02-14|11:32] C:\Program Files\CCleaner [2006-11-27|17:12] C:\Program Files\chabreuil [2009-07-25|16:44] C:\Program Files\Coby [2006-09-13|16:56] C:\Program Files\ComPlus Applications [2006-09-14|11:04] C:\Program Files\CONEXANT [2009-09-22|06:50] C:\Program Files\Conference [2009-04-26|07:41] C:\Program Files\ConvertHelper [2006-11-27|17:03] C:\Program Files\coolpro2 [2006-09-14|11:20] C:\Program Files\CyberLink [2006-11-27|17:06] C:\Program Files\Disney [2009-03-22|07:53] C:\Program Files\DivX [2007-05-13|10:24] C:\Program Files\eCover [2008-02-16|17:45] C:\Program Files\eCover3D [2009-02-15|09:10] C:\Program Files\ESET [2009-09-07|10:14] C:\Program Files\Fichiers communs [2006-12-02|23:19] C:\Program Files\FileZilla [2008-07-25|10:43] C:\Program Files\Free Monitor for Google [2008-07-25|10:43] C:\Program Files\FreeMind [2007-03-18|22:55] C:\Program Files\Gadwin Systems [2006-11-27|17:00] C:\Program Files\GENACC [2007-03-08|09:12] C:\Program Files\genaccroches [2007-04-14|23:56] C:\Program Files\GeniTest [2008-01-22|17:46] C:\Program Files\GKM [2009-03-04|09:58] C:\Program Files\Google [2007-06-01|05:50] C:\Program Files\Grisoft [2009-09-22|10:14] C:\Program Files\HardwareDetection [2007-03-29|22:15] C:\Program Files\headliner [2007-05-28|16:30] C:\Program Files\HijackThis [2009-09-08|12:46] C:\Program Files\HP [2007-10-28|14:30] C:\Program Files\HTML Cr‚ateur [2009-02-03|23:39] C:\Program Files\IncrediMail [2009-03-14|19:30] C:\Program Files\InstallShield Installation Information [2007-05-04|00:12] C:\Program Files\InstantAudioFlash [2009-07-29|09:24] C:\Program Files\Internet Explorer [2009-09-18|20:10] C:\Program Files\iPod [2009-09-18|20:11] C:\Program Files\iTunes [2009-03-14|22:53] C:\Program Files\Java [2009-01-04|11:36] C:\Program Files\KaZaA [2009-03-22|07:58] C:\Program Files\K-Lite Codec Pack [2008-12-25|16:14] C:\Program Files\Kodak [2008-06-04|09:46] C:\Program Files\Lavasoft [2009-06-13|11:17] C:\Program Files\Ligos [2009-09-27|22:25] C:\Program Files\LimeWire [2008-01-05|15:14] C:\Program Files\LucasArts [2009-09-22|10:14] C:\Program Files\ma-config.com [2008-05-14|09:16] C:\Program Files\Magentic [2009-09-22|06:52] C:\Program Files\Malwarebytes' Anti-Malware [2007-08-06|21:19] C:\Program Files\MediaInfo [2008-10-20|13:52] C:\Program Files\Messenger [2009-09-06|07:34] C:\Program Files\Microsoft [2007-04-22|16:41] C:\Program Files\Microsoft ActiveSync [2006-09-13|16:59] C:\Program Files\microsoft frontpage [2009-09-19|16:35] C:\Program Files\Microsoft Office [2009-09-11|22:28] C:\Program Files\Microsoft Silverlight [2009-09-06|07:35] C:\Program Files\Microsoft SQL Server Compact Edition [2009-06-13|11:19] C:\Program Files\MotoRacer3 [2009-03-22|09:12] C:\Program Files\Movie Maker [2007-03-20|22:46] C:\Program Files\MovieShowPro [2009-10-02|22:13] C:\Program Files\Mozilla Firefox [2007-04-21|23:50] C:\Program Files\Mozilla Thunderbird [2007-01-25|11:39] C:\Program Files\MP3 Player Utilities 3.77 [2009-08-04|07:24] C:\Program Files\MSBuild [2009-09-19|16:35] C:\Program Files\MSECache [2006-09-13|16:55] C:\Program Files\MSN [2006-09-13|16:55] C:\Program Files\MSN Gaming Zone [2008-10-14|20:22] C:\Program Files\MSXML 4.0 [2007-02-25|14:51] C:\Program Files\Musicmatch [2007-04-21|23:52] C:\Program Files\NCH Swift Sound [2008-10-20|13:46] C:\Program Files\NetMeeting [2007-10-14|16:12] C:\Program Files\Nvu [2007-02-25|18:02] C:\Program Files\Oberon Media [2006-09-13|16:56] C:\Program Files\Online Services [2006-12-04|07:28] C:\Program Files\OpenOffice.org 2.0 [2007-05-05|17:40] C:\Program Files\Opera [2009-08-12|18:20] C:\Program Files\Outlook Express [2008-04-27|00:15] C:\Program Files\Panda Security [2008-02-16|16:59] C:\Program Files\PartyGaming [2009-09-27|22:24] C:\Program Files\Qtrax [2009-09-18|20:09] C:\Program Files\QuickTime [2007-04-22|00:54] C:\Program Files\Realtek AC97 [2009-08-04|07:24] C:\Program Files\Reference Assemblies [2007-03-20|22:38] C:\Program Files\ScreenRecorderPro [2006-11-27|17:12] C:\Program Files\self-help-classic-c [2006-09-13|16:57] C:\Program Files\Services en ligne [2009-03-22|19:30] C:\Program Files\Shareaza [2009-07-23|23:44] C:\Program Files\Shareaza Applications [2007-10-31|21:45] C:\Program Files\Shooot [2008-07-28|22:27] C:\Program Files\Skype [2008-10-13|21:44] C:\Program Files\Sony Ericsson [2009-01-22|07:46] C:\Program Files\Spamihilator [2009-09-22|07:49] C:\Program Files\Spybot - Search & Destroy [2007-07-08|18:45] C:\Program Files\SubliSoft [2007-06-30|19:13] C:\Program Files\TechSmith [2007-05-05|13:31] C:\Program Files\TellAFriend [2009-08-04|07:41] C:\Program Files\Uniblue [2006-09-14|09:16] C:\Program Files\Uninstall Information [2007-07-28|21:34] C:\Program Files\VeryPDF PDF2Word v3.0 [2006-12-02|23:09] C:\Program Files\Visicom Media [2007-04-13|22:59] C:\Program Files\WebSubmit Manager [2007-10-13|16:59] C:\Program Files\WebTemplate [2006-12-01|21:44] C:\Program Files\webtool [2009-05-24|19:53] C:\Program Files\Winamp [2007-08-06|21:48] C:\Program Files\WinAVI Video Capture [2009-09-06|07:36] C:\Program Files\Windows Live [2009-09-06|07:34] C:\Program Files\Windows Live SkyDrive [2006-11-28|23:23] C:\Program Files\Windows Media Connect 2 [2008-10-20|13:46] C:\Program Files\Windows Media Player [2008-10-20|13:46] C:\Program Files\Windows NT [2006-09-13|16:58] C:\Program Files\WindowsUpdate [2007-05-15|22:50] C:\Program Files\WinISO [2006-12-05|09:12] C:\Program Files\WinRAR [2007-07-17|22:21] C:\Program Files\WinZip [2006-11-27|17:12] C:\Program Files\Worms Armagedon [Crack NOCD-FR] [2006-09-13|16:59] C:\Program Files\xerox [2008-07-25|10:46] C:\Program Files\Yahoo! --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [2008-11-21|23:42] C:\Program Files\Fichiers communs\Adobe [2008-04-09|22:41] C:\Program Files\Fichiers communs\Adobe AIR [2006-09-14|11:16] C:\Program Files\Fichiers communs\Ahead [2009-09-18|20:10] C:\Program Files\Fichiers communs\Apple [2009-03-22|13:30] C:\Program Files\Fichiers communs\AVSMedia [2007-04-22|16:41] C:\Program Files\Fichiers communs\Designer [2009-07-19|22:25] C:\Program Files\Fichiers communs\ErrorProtector Free [2009-09-07|10:12] C:\Program Files\Fichiers communs\Hewlett-Packard [2009-09-07|10:14] C:\Program Files\Fichiers communs\HP [2008-10-13|21:42] C:\Program Files\Fichiers communs\InstallShield [2008-12-25|16:13] C:\Program Files\Fichiers communs\Kodak [2007-05-29|07:35] C:\Program Files\Fichiers communs\LightScribe [2009-09-19|16:35] C:\Program Files\Fichiers communs\Microsoft Shared [2006-09-13|16:57] C:\Program Files\Fichiers communs\MSSoap [2006-09-14|11:17] C:\Program Files\Fichiers communs\Nero [2006-09-13|12:49] C:\Program Files\Fichiers communs\ODBC [2006-09-13|16:57] C:\Program Files\Fichiers communs\Services [2008-07-28|22:26] C:\Program Files\Fichiers communs\Skype [2008-10-13|21:45] C:\Program Files\Fichiers communs\Sony Ericsson Shared [2006-09-13|12:49] C:\Program Files\Fichiers communs\SpeechEngines [2008-10-20|13:46] C:\Program Files\Fichiers communs\System [2007-04-22|16:51] C:\Program Files\Fichiers communs\TechSmith Shared [2008-10-13|21:45] C:\Program Files\Fichiers communs\Teleca Shared [2009-09-06|07:19] C:\Program Files\Fichiers communs\Windows Live --------------------\\ Process ( 43 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-02 22:52:47 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\PROPRI~1\Menu D‚marrer\Programmes\WinRAR\KeyGen.exe C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Crack Photoshop 7_fr.exe C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\swat 3 crack Crack.exe [F:13][D:4]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp [F:56][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies [F:11526][D:13]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 2009-10-01|18:33 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 2009-10-02|23:00 - Option : [2] --------------------\\ Fin du rapport a 23:00:47 Merci de ton aide
- le 3 octobre 2009
- 10 réponses
Fenêtre explorer qui s'ouvre seul

Geomancien a répondu à un(e) sujet de Geomancien dans Analyses et éradication malwares

Voilà le rapport: --------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3400+ ) BIOS : Phoenix - AwardBIOS v6.00PG USER : Propriétaire ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.32 (Not Activated) C:\ (Local Disk) - NTFS - Total:148 Go (Free:116 Go) D:\ (CD or DVD) E:\ (USB) F:\ (USB) G:\ (USB) H:\ (USB) "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [1] ( 2009-10-01|18:06 ) --------------------\\ Listing des dossiers dans APPLIC~1 [2009-10-01|06:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes [2007-05-29|18:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [2008-05-25|22:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla [2009-03-27|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3} [2009-09-18|20:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009-02-14|15:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{83C91755-2546-441D-AC40-9A6B4B860800} [2009-05-22|21:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009-05-13|22:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1B203 [2009-04-26|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1F1B5 [2009-05-10|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\218C [2009-04-24|23:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2B36B [2009-04-26|20:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\300 [2009-05-28|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\32BB [2009-05-30|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\34138 [2009-05-29|00:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\342CE [2009-05-10|21:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\36203 [2009-05-15|22:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\36FA [2009-04-20|16:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\38290 [2009-05-18|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\391D4 [2009-05-11|23:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\4213 [2008-11-21|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [2006-09-14|11:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead [2007-07-02|19:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [2007-04-23|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [2007-05-29|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7 [2009-04-30|07:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira [2009-03-22|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU [2006-09-14|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [2009-05-12|00:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\D9C [2009-08-04|07:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriverScanner [2007-05-12|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ErrorProtector Free [2009-02-15|09:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET [2009-05-03|21:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F167 [2009-05-06|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F5D [2009-03-03|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [2009-09-07|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [2009-09-07|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant [2008-10-14|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM [2008-10-14|21:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail [2008-12-25|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak [2008-06-04|09:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [2009-09-22|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com [2009-03-02|21:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [2009-09-06|07:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [2007-02-25|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound [2006-12-02|00:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles [2008-07-28|22:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [2008-10-13|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson [2009-02-14|10:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [2007-06-30|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TechSmith [2008-10-13|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca [2007-02-25|17:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [2009-09-07|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG [2006-09-14|10:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [2007-07-17|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip [2006-09-13|16:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [2008-07-25|09:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe [2007-06-18|06:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [2007-02-25|15:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\NCH Swift Sound [2007-05-29|18:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [2008-11-05|21:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe [2007-01-11|00:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM [2007-08-06|21:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead [2008-03-21|23:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\Apple Computer [2009-03-22|13:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\AVS4YOU [2009-07-25|16:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Coby Media Manager [2007-11-01|22:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\CyberLink [2007-08-07|22:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\DivX [2007-01-14|21:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google [2009-09-07|10:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\HP [2009-10-01|12:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\HPAppData [2009-09-15|17:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\HpUpdate [2006-09-14|09:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities [2008-11-26|20:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\KompoZer [2008-06-04|09:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lavasoft [2009-09-28|19:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire [2006-11-28|23:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia [2009-03-02|21:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Malwarebytes [2009-03-22|08:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Media Player Classic [2007-07-02|21:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft [2008-07-28|17:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla [2007-02-25|14:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Musicmatch [2007-04-21|23:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\NCH Swift Sound [2007-10-14|16:13] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nvu [2009-08-23|17:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2 [2007-05-05|17:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Opera [2009-09-27|22:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\Qtrax2 [2007-02-25|15:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\RecordPad [2008-01-05|17:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\SecuROM [2009-09-27|22:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Shareaza [2008-12-25|16:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\Skinux [2009-05-11|23:23] C:\DOCUME~1\PROPRI~1\APPLIC~1\Skype [2009-05-11|08:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\skypePM [2008-10-13|21:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sony Ericsson [2009-10-01|17:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Spamihilator [2006-12-10|08:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun [2006-11-28|23:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Talkback [2009-06-04|21:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\Teleca [2006-12-01|22:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\Thunderbird [2009-08-04|07:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Uniblue [2009-05-24|19:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\Winamp [2008-02-27|23:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\xm1 --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [2009-09-28 14:16][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2009-09-18 15:04][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2009-10-01 11:47][--ah-----] C:\WINDOWS\tasks\SA.DAT [2001-08-28 08:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [2006-11-27|17:10] C:\Program Files\[PC Game] Worms World Party [2007-07-17|22:24] C:\Program Files\7-Zip [2008-11-21|23:42] C:\Program Files\Adobe [2007-12-30|14:30] C:\Program Files\Adobe Type Manager [2006-09-14|11:19] C:\Program Files\Ahead [2006-12-02|17:03] C:\Program Files\Alex Feinman [2008-08-13|13:27] C:\Program Files\Apple Software Update [2008-02-27|22:59] C:\Program Files\Aspell [2007-03-18|14:11] C:\Program Files\Audacity [2009-04-30|07:19] C:\Program Files\Avira [2009-03-22|14:04] C:\Program Files\AVS4YOU [2006-11-27|17:12] C:\Program Files\blobby-1 [2009-03-27|18:22] C:\Program Files\Bonjour [2006-11-27|17:05] C:\Program Files\bon-usage.com [2007-12-12|22:12] C:\Program Files\BoxShot3D [2009-02-14|11:32] C:\Program Files\CCleaner [2006-11-27|17:12] C:\Program Files\chabreuil [2009-07-25|16:44] C:\Program Files\Coby [2006-09-13|16:56] C:\Program Files\ComPlus Applications [2006-09-14|11:04] C:\Program Files\CONEXANT [2009-09-22|06:50] C:\Program Files\Conference [2009-04-26|07:41] C:\Program Files\ConvertHelper [2006-11-27|17:03] C:\Program Files\coolpro2 [2006-09-14|11:20] C:\Program Files\CyberLink [2006-11-27|17:06] C:\Program Files\Disney [2009-03-22|07:53] C:\Program Files\DivX [2007-05-13|10:24] C:\Program Files\eCover [2008-02-16|17:45] C:\Program Files\eCover3D [2009-02-15|09:10] C:\Program Files\ESET [2009-09-07|10:14] C:\Program Files\Fichiers communs [2006-12-02|23:19] C:\Program Files\FileZilla [2008-07-25|10:43] C:\Program Files\Free Monitor for Google [2008-07-25|10:43] C:\Program Files\FreeMind [2007-03-18|22:55] C:\Program Files\Gadwin Systems [2006-11-27|17:00] C:\Program Files\GENACC [2007-03-08|09:12] C:\Program Files\genaccroches [2007-04-14|23:56] C:\Program Files\GeniTest [2008-01-22|17:46] C:\Program Files\GKM [2009-03-04|09:58] C:\Program Files\Google [2007-06-01|05:50] C:\Program Files\Grisoft [2009-09-22|10:14] C:\Program Files\HardwareDetection [2007-03-29|22:15] C:\Program Files\headliner [2007-05-28|16:30] C:\Program Files\HijackThis [2009-09-08|12:46] C:\Program Files\HP [2007-10-28|14:30] C:\Program Files\HTML Cr‚ateur [2009-02-03|23:39] C:\Program Files\IncrediMail [2009-03-14|19:30] C:\Program Files\InstallShield Installation Information [2007-05-04|00:12] C:\Program Files\InstantAudioFlash [2009-07-29|09:24] C:\Program Files\Internet Explorer [2009-09-18|20:10] C:\Program Files\iPod [2009-09-18|20:11] C:\Program Files\iTunes [2009-03-14|22:53] C:\Program Files\Java [2009-01-04|11:36] C:\Program Files\KaZaA [2009-03-22|07:58] C:\Program Files\K-Lite Codec Pack [2008-12-25|16:14] C:\Program Files\Kodak [2008-06-04|09:46] C:\Program Files\Lavasoft [2009-06-13|11:17] C:\Program Files\Ligos [2009-09-27|22:25] C:\Program Files\LimeWire [2008-01-05|15:14] C:\Program Files\LucasArts [2009-09-22|10:14] C:\Program Files\ma-config.com [2008-05-14|09:16] C:\Program Files\Magentic [2009-09-22|06:52] C:\Program Files\Malwarebytes' Anti-Malware [2007-08-06|21:19] C:\Program Files\MediaInfo [2008-10-20|13:52] C:\Program Files\Messenger [2009-09-06|07:34] C:\Program Files\Microsoft [2007-04-22|16:41] C:\Program Files\Microsoft ActiveSync [2006-09-13|16:59] C:\Program Files\microsoft frontpage [2009-09-19|16:35] C:\Program Files\Microsoft Office [2009-09-11|22:28] C:\Program Files\Microsoft Silverlight [2009-09-06|07:35] C:\Program Files\Microsoft SQL Server Compact Edition [2009-06-13|11:19] C:\Program Files\MotoRacer3 [2009-03-22|09:12] C:\Program Files\Movie Maker [2007-03-20|22:46] C:\Program Files\MovieShowPro [2009-10-01|12:12] C:\Program Files\Mozilla Firefox [2007-04-21|23:50] C:\Program Files\Mozilla Thunderbird [2007-01-25|11:39] C:\Program Files\MP3 Player Utilities 3.77 [2009-08-04|07:24] C:\Program Files\MSBuild [2009-09-19|16:35] C:\Program Files\MSECache [2006-09-13|16:55] C:\Program Files\MSN [2006-09-13|16:55] C:\Program Files\MSN Gaming Zone [2008-10-14|20:22] C:\Program Files\MSXML 4.0 [2007-02-25|14:51] C:\Program Files\Musicmatch [2007-04-21|23:52] C:\Program Files\NCH Swift Sound [2008-10-20|13:46] C:\Program Files\NetMeeting [2007-10-14|16:12] C:\Program Files\Nvu [2007-02-25|18:02] C:\Program Files\Oberon Media [2006-09-13|16:56] C:\Program Files\Online Services [2006-12-04|07:28] C:\Program Files\OpenOffice.org 2.0 [2007-05-05|17:40] C:\Program Files\Opera [2009-08-12|18:20] C:\Program Files\Outlook Express [2008-04-27|00:15] C:\Program Files\Panda Security [2008-02-16|16:59] C:\Program Files\PartyGaming [2009-09-27|22:24] C:\Program Files\Qtrax [2009-09-18|20:09] C:\Program Files\QuickTime [2007-04-22|00:54] C:\Program Files\Realtek AC97 [2009-08-04|07:24] C:\Program Files\Reference Assemblies [2007-03-20|22:38] C:\Program Files\ScreenRecorderPro [2006-11-27|17:12] C:\Program Files\self-help-classic-c [2006-09-13|16:57] C:\Program Files\Services en ligne [2009-03-22|19:30] C:\Program Files\Shareaza [2009-07-23|23:44] C:\Program Files\Shareaza Applications [2007-10-31|21:45] C:\Program Files\Shooot [2008-07-28|22:27] C:\Program Files\Skype [2008-10-13|21:44] C:\Program Files\Sony Ericsson [2009-01-22|07:46] C:\Program Files\Spamihilator [2009-09-22|07:49] C:\Program Files\Spybot - Search & Destroy [2007-07-08|18:45] C:\Program Files\SubliSoft [2007-06-30|19:13] C:\Program Files\TechSmith [2007-05-05|13:31] C:\Program Files\TellAFriend [2009-08-04|07:41] C:\Program Files\Uniblue [2006-09-14|09:16] C:\Program Files\Uninstall Information [2007-07-28|21:34] C:\Program Files\VeryPDF PDF2Word v3.0 [2006-12-02|23:09] C:\Program Files\Visicom Media [2007-04-13|22:59] C:\Program Files\WebSubmit Manager [2007-10-13|16:59] C:\Program Files\WebTemplate [2006-12-01|21:44] C:\Program Files\webtool [2009-05-24|19:53] C:\Program Files\Winamp [2007-08-06|21:48] C:\Program Files\WinAVI Video Capture [2009-09-06|07:36] C:\Program Files\Windows Live [2009-09-06|07:34] C:\Program Files\Windows Live SkyDrive [2006-11-28|23:23] C:\Program Files\Windows Media Connect 2 [2008-10-20|13:46] C:\Program Files\Windows Media Player [2008-10-20|13:46] C:\Program Files\Windows NT [2006-09-13|16:58] C:\Program Files\WindowsUpdate [2007-05-15|22:50] C:\Program Files\WinISO [2006-12-05|09:12] C:\Program Files\WinRAR [2007-07-17|22:21] C:\Program Files\WinZip [2006-11-27|17:12] C:\Program Files\Worms Armagedon [Crack NOCD-FR] [2006-09-13|16:59] C:\Program Files\xerox [2008-07-25|10:46] C:\Program Files\Yahoo! --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [2008-11-21|23:42] C:\Program Files\Fichiers communs\Adobe [2008-04-09|22:41] C:\Program Files\Fichiers communs\Adobe AIR [2006-09-14|11:16] C:\Program Files\Fichiers communs\Ahead [2009-09-18|20:10] C:\Program Files\Fichiers communs\Apple [2009-03-22|13:30] C:\Program Files\Fichiers communs\AVSMedia [2007-04-22|16:41] C:\Program Files\Fichiers communs\Designer [2009-07-19|22:25] C:\Program Files\Fichiers communs\ErrorProtector Free [2009-09-07|10:12] C:\Program Files\Fichiers communs\Hewlett-Packard [2009-09-07|10:14] C:\Program Files\Fichiers communs\HP [2008-10-13|21:42] C:\Program Files\Fichiers communs\InstallShield [2008-12-25|16:13] C:\Program Files\Fichiers communs\Kodak [2007-05-29|07:35] C:\Program Files\Fichiers communs\LightScribe [2009-09-19|16:35] C:\Program Files\Fichiers communs\Microsoft Shared [2006-09-13|16:57] C:\Program Files\Fichiers communs\MSSoap [2006-09-14|11:17] C:\Program Files\Fichiers communs\Nero [2006-09-13|12:49] C:\Program Files\Fichiers communs\ODBC [2006-09-13|16:57] C:\Program Files\Fichiers communs\Services [2008-07-28|22:26] C:\Program Files\Fichiers communs\Skype [2008-10-13|21:45] C:\Program Files\Fichiers communs\Sony Ericsson Shared [2006-09-13|12:49] C:\Program Files\Fichiers communs\SpeechEngines [2008-10-20|13:46] C:\Program Files\Fichiers communs\System [2007-04-22|16:51] C:\Program Files\Fichiers communs\TechSmith Shared [2008-10-13|21:45] C:\Program Files\Fichiers communs\Teleca Shared [2009-09-06|07:19] C:\Program Files\Fichiers communs\Windows Live --------------------\\ Process ( 49 Processes ) IEXPLORE.EXE ~ [PID:21296] IEXPLORE.EXE ~ [PID:21496] --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-01 18:26:25 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\PROPRI~1\Menu D‚marrer\Programmes\WinRAR\KeyGen.exe C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Crack Photoshop 7_fr.exe C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\swat 3 crack Crack.exe [F:13][D:2]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp [F:52][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies [F:11420][D:13]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 2009-10-01|18:33 - Option : [1] --------------------\\ Fin du rapport a 18:33:43 Merci
- le 1 octobre 2009
- 10 réponses
Fenêtre explorer qui s'ouvre seul

Geomancien a posté un sujet dans Analyses et éradication malwares

Bonjour, J'ai commis la très grave erreur d'avoir téléchargé un fichier via un site P2P. Je sais, je sais... c'est pas fort ! Maintenant, je suis infecté. J'ai fais un scan avec antivir et maleware bytes mais je n'arrive pas à me défaire de cette cochonerie. Voici mon rapport hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:04:37, on 2009-10-01 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\LEXBCES.EXE C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.shareazaweb.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza\ShareazaIEHelper.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Shareaza MediaBar - {196C3A46-4758-433D-A600-802C804AF39C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [A00F2617915.exe] C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\_A00F2617915.exe O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1); .NET CLR 1.1.4322; .NET CLR 2.0.50727)" -"http://www.jeuxdroles.fr/jeux/body/c2tlaTE0NzBza2Vp.php" O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158241279140 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\WINDOWS\System32\ieframe32.dll O20 - Winlogon Notify: 98cd75d9684 - C:\WINDOWS\System32\ieframe32.dll O20 - Winlogon Notify: cbxutur - cbxutur.dll (file missing) O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 9930 bytes Merci pour votre aide Amicalement Pierre
- le 1 octobre 2009
- 10 réponses
Analyse rapport hijacthis - ordi tres lent

Geomancien a répondu à un(e) sujet de Geomancien dans Analyses et éradication malwares

Alors voici le rapport hijacthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:13:42, on 2009-03-08 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Visicom Media\AceHTML Freeware\acehtmlfree.exe C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/french/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] "C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1); .NET CLR 1.1.4322; .NET CLR 2.0.50727)" -"http://www.andkon.com/arcade/racing/stuntbikeisland/" O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158241279140 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: cbxutur - cbxutur.dll (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 6877 bytes Le raport de NOD : 2009-03-07 16:33:51 HTTP filter file http://download.dcads.biz/dcads.biz/get.php a variant of Win32/Adware.GooochiBiz application connection terminated - quarantined T3418-FB3A81A12\Propriétaire 2009-03-05 23:44:03 HTTP filter file http://download.dcads.biz/dcads.biz/get.php a variant of Win32/Adware.GooochiBiz application connection terminated - quarantined T3418-FB3A81A12\Propriétaire 2009-03-04 23:32:18 HTTP filter file http://download.dcads.biz/dcads.biz/get.php a variant of Win32/Adware.GooochiBiz application connection terminated - quarantined T3418-FB3A81A12\Propriétaire 2009-02-26 16:31:42 POP3 filter email message from: <[email protected]> to: <[email protected]> with subject Fwd: More! dated Thu, 26 Feb 2009 23:22:11 +0100 Win32/TrojanDownloader.Delf.OMC trojan contained infected files T3418-FB3A81A12\Propriétaire Threat was detected upon receiving email by the application: C:\Program Files\Spamihilator\spamihilator.exe. 2009-02-22 12:28:10 Real-time file system protection file C:\System Volume Information\_restore{1A25F0DD-CC80-482D-AC6C-7011DDFA244C}\RP800\A0083900.exe probably a variant of Win32/Adware.Agent application cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe. 2009-02-21 23:07:33 Real-time file system protection file C:\WINDOWS\system32\myss_sb_uninstall.exe probably a variant of Win32/Adware.Agent application error while cleaning Event occurred during an attempt to access the file by the application: C:\WINDOWS\system32\wbem\wmiprvse.exe. 2009-02-21 00:26:07 Real-time file system protection file C:\WINDOWS\system32\myss_sb_uninstall.exe probably a variant of Win32/Adware.Agent application error while cleaning Event occurred during an attempt to access the file by the application: C:\WINDOWS\system32\wbem\wmiprvse.exe. 2009-02-20 20:26:36 Real-time file system protection file C:\WINDOWS\system32\myss_sb_uninstall.exe probably a variant of Win32/Adware.Agent application error while deleting Event occurred during an attempt to access the file by the application: C:\WINDOWS\system32\wbem\wmiprvse.exe. 2009-02-18 23:20:47 Real-time file system protection file C:\WINDOWS\system32\myss_sb_uninstall.exe probably a variant of Win32/Adware.Agent application error while cleaning Event occurred during an attempt to access the file by the application: C:\WINDOWS\system32\wbem\wmiprvse.exe. 2009-02-17 23:17:24 Real-time file system protection file C:\WINDOWS\system32\myss_sb_uninstall.exe probably a variant of Win32/Adware.Agent application error while deleting Event occurred during an attempt to access the file by the application: C:\WINDOWS\system32\wbem\wmiprvse.exe. 2009-02-17 08:26:49 Real-time file system protection file C:\WINDOWS\system32\myss_sb_uninstall.exe probably a variant of Win32/Adware.Agent application error while deleting Event occurred during an attempt to access the file by the application: C:\WINDOWS\system32\wbem\wmiprvse.exe. 2009-02-16 12:34:54 Real-time file system protection file C:\System Volume Information\_restore{1A25F0DD-CC80-482D-AC6C-7011DDFA244C}\RP795\A0083771.dll a variant of Win32/Adware.AdzgaloreBiz application cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe. 2009-02-16 11:34:55 Real-time file system protection file C:\System Volume Information\_restore{1A25F0DD-CC80-482D-AC6C-7011DDFA244C}\RP795\A0083770.dll Win32/BHO.NIR trojan cleaned by deleting - quarantined AUTORITE NT\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe. 2009-02-15 12:31:35 Real-time file system protection file C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Component Update 806 probably a variant of Win32/Adware.GooochiBiz application deleted - quarantined AUTORITE NT\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe. 2009-02-15 12:31:03 HTTP filter file http://download.dcads.biz/dcads.biz/get.php probably a variant of Win32/Adware.GooochiBiz application connection terminated - quarantined T3418-FB3A81A12\Propriétaire 2009-02-15 12:26:59 Startup scanner file C:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll a variant of Win32/Adware.AdzgaloreBiz application cleaned by deleting (after the next restart) - quarantined 2009-02-15 12:26:44 Startup scanner file C:\WINDOWS\system32\nsv73D.dll Win32/BHO.NIR trojan cleaned by deleting - quarantined et le rapport de MBAM: Malwarebytes' Anti-Malware 1.34 Version de la base de données: 1826 Windows 5.1.2600 Service Pack 3 2009-03-08 12:08:13 mbam-log-2009-03-08 (12-08-13).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 155089 Temps écoulé: 58 minute(s), 2 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) Hier, il y eu aussi un scan d'effectué avec spybot. Je le mentionne au cas où se serait important. Merci beaucoup Pierre
- le 8 mars 2009
- 12 réponses
Analyse rapport hijacthis - ordi tres lent

Geomancien a répondu à un(e) sujet de Geomancien dans Analyses et éradication malwares

Bonjour, Tout désolé pour le délai de ma réponse. J'ai effectué les opérations demandées. Le rapport se trouve plus bas. Par contre, mon antivirus détecte un malware et le place en quarantaine. Il s'agit de download.dcads.biz/dcads.biz/get.php a variant of win32/adware.gooochibiz application Voici un screenshot: Il y a également un fenêtre publicitaire qui s'ouvre quelque fois avec firefox. Pour ce qui est des manipulations, je crois que cela a amélioré la vitesse de mon ordi. Je vous joint donc le rapport demandé: ========== PROCESSES ========== Process explorer.exe killed successfully. ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{57695a78-7a81-11dd-b363-0040ca90edf2}\\ deleted successfully. Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad0d81d9-8d76-11db-b2c0-0040ca90edf2}\\ deleted successfully. ========== COMMANDS ========== File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\etilqs_jdAiiDS5oIexyz4UQuMv scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Perflib_Perfdata_dfc.dat scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DF6F80.tmp scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. Local Service Temp folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. Local Service Temporary Internet Files folder emptied. Windows Temp folder emptied. Java cache emptied. File delete failed. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6ox2lz35.default\Cache\_CACHE_001_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6ox2lz35.default\Cache\_CACHE_002_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6ox2lz35.default\Cache\_CACHE_003_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6ox2lz35.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6ox2lz35.default\urlclassifier3.sqlite scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6ox2lz35.default\XUL.mfl scheduled to be deleted on reboot. FireFox cache emptied. Temp folders emptied. Explorer started successfully OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03052009_225920 Files moved on Reboot... File C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\etilqs_jdAiiDS5oIexyz4UQuMv not found! File C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Perflib_Perfdata_dfc.dat not found! C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DF6F80.tmp moved successfully. File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6ox2lz35.default\Cache\_CACHE_001_ moved successfully. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6ox2lz35.default\Cache\_CACHE_002_ moved successfully. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6ox2lz35.default\Cache\_CACHE_003_ moved successfully. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6ox2lz35.default\Cache\_CACHE_MAP_ moved successfully. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6ox2lz35.default\urlclassifier3.sqlite moved successfully. C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6ox2lz35.default\XUL.mfl moved successfully.
- le 8 mars 2009
- 12 réponses
Analyse rapport hijacthis - ordi tres lent

Geomancien a répondu à un(e) sujet de Geomancien dans Analyses et éradication malwares

Merci pour votre aide, voici les rapports : Logfile of random's system information tool 1.05 (written by random/random) Run by Propriétaire at 2009-03-04 21:28:08 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 124 GB (82%) free of 152 GB Total RAM: 382 MB (13% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:28:23, on 2009-03-04 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe C:\Documents and Settings\Propriétaire\Bureau\Propriétaire.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/french/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] "C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1); .NET CLR 1.1.4322; .NET CLR 2.0.50727)" -"http://www.andkon.com/arcade/racing/stuntbikeisland/" O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158241279140 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: cbxutur - cbxutur.dll (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 7518 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job C:\WINDOWS\tasks\AppleSoftwareUpdate.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-03-03 251504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-03-04 657904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-03-03 522224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-03-03 251504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Spamihilator"=C:\Program Files\Spamihilator\spamihilator.exe [2008-12-23 1321984] "egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-07-01 1447168] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-09-18 7204864] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2009-01-27 251264] "Gadwin PrintScreen 3.5"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2006-07-08 1101824] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Shockwave Updater"=C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE [2008-08-06 447928] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadwin PrintScreen 3.5] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2006-07-08 1101824] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] C:\WINDOWS\system32\NvCpl.dll [2005-09-18 7204864] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbxutur] cbxutur.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail" "C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE" "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail" "C:\Program Files\Conference\Conference.dll"="C:\Program Files\Conference\Conference.dll:*:Enabled:Audio/Video Conference" "C:\Program Files\Shareaza\Shareaza.exe"="C:\Program Files\Shareaza\Shareaza.exe:*:Enabled:Shareaza" "C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic" "C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic" "C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare" "C:\Program Files\Spamihilator\cdcc.exe"="C:\Program Files\Spamihilator\cdcc.exe:*:Enabled:Spamihilator DCC Filter Configuration" "C:\Program Files\Spamihilator\dccproc.exe"="C:\Program Files\Spamihilator\dccproc.exe:*:Enabled:Spamihilator DCC Filter" "C:\Program Files\Spamihilator\spamihilator.exe"="C:\Program Files\Spamihilator\spamihilator.exe:*:Enabled:Spamihilator" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{57695a78-7a81-11dd-b363-0040ca90edf2}] shell\AutoRun\command - I:\CDGO.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad0d81d9-8d76-11db-b2c0-0040ca90edf2}] shell\AutoRun\command - I:\GETMYPIX.EXE ======List of files/folders created in the last 1 months====== 2009-03-04 21:28:08 ----D---- C:\rsit 2009-03-02 20:09:59 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes 2009-03-02 20:09:53 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-03-02 20:09:52 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-02-25 21:21:35 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ 2009-02-21 22:10:33 ----A---- C:\WINDOWS\ntbtlog.txt 2009-02-15 08:10:47 ----D---- C:\Program Files\ESET 2009-02-15 08:10:47 ----D---- C:\Documents and Settings\All Users\Application Data\ESET 2009-02-14 16:39:41 ----A---- C:\WINDOWS\system32\lsdelete.exe 2009-02-14 14:09:12 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800} 2009-02-14 10:36:23 ----D---- C:\WINDOWS\pss ======List of files/folders modified in the last 1 months====== 2009-03-04 21:26:01 ----D---- C:\Program Files\Mozilla Firefox 2009-03-04 09:32:07 ----D---- C:\WINDOWS\temp 2009-03-04 09:07:15 ----D---- C:\WINDOWS\Prefetch 2009-03-04 08:58:28 ----D---- C:\Program Files\Google 2009-03-03 23:03:24 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Spamihilator 2009-03-03 22:42:14 ----D---- C:\Documents and Settings\All Users\Application Data\Google 2009-03-03 22:40:56 ----SHD---- C:\System Volume Information 2009-03-03 22:40:56 ----D---- C:\WINDOWS\system32\Restore 2009-03-02 21:50:08 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-03-02 21:12:30 ----D---- C:\WINDOWS\system32 2009-03-02 20:09:57 ----D---- C:\WINDOWS\system32\drivers 2009-03-02 20:09:52 ----D---- C:\Program Files 2009-02-25 21:24:11 ----D---- C:\WINDOWS 2009-02-25 21:21:43 ----HD---- C:\WINDOWS\inf 2009-02-25 21:21:39 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-02-25 08:06:30 ----HD---- C:\WINDOWS\$hf_mig$ 2009-02-25 08:06:20 ----D---- C:\WINDOWS\system32\CatRoot2 2009-02-15 13:17:12 ----D---- C:\Documents and Settings\Propriétaire\Application Data\OpenOffice.org2 2009-02-15 08:12:08 ----SHD---- C:\WINDOWS\Installer 2009-02-14 16:39:38 ----D---- C:\WINDOWS\WebSubmit Manager 2009-02-14 14:16:30 ----SD---- C:\WINDOWS\Tasks 2009-02-14 14:16:10 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-02-14 14:08:46 ----D---- C:\WINDOWS\WinSxS 2009-02-14 14:08:40 ----D---- C:\Program Files\Fichiers communs 2009-02-14 10:34:07 ----D---- C:\WINDOWS\Debug 2009-02-14 10:32:01 ----D---- C:\Program Files\CCleaner 2009-02-14 09:22:04 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-02-14 09:21:18 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-02-13 21:44:41 ----D---- C:\Program Files\DivX 2009-02-13 00:15:24 ----A---- C:\WINDOWS\NeroDigital.ini 2009-02-10 21:59:25 ----D---- C:\Program Files\Internet Explorer 2009-02-10 21:59:15 ----D---- C:\WINDOWS\ie7updates ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-07-01 53256] R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-07-01 34312] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-07-01 39944] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-01-25 4027456] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464] R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-07-22 1035008] R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2005-07-22 231168] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-09-18 3493984] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-07-29 34048] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-07-29 12928] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-07-22 717952] R4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73600] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\HardwareDetection\driverhardwarev2.sys [] S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-28 12288] S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536] S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360] S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 97088] S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624] S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 18704] S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432] S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 90800] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424] R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-07-01 468224] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984] R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2002-02-04 299008] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2005-05-31 53248] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-09-18 131139] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-07-01 19200] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-04 137200] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872] S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-02-14 950096] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S4 ATMsrvc;ATM Service; C:\WINDOWS\System32\ATMsrvc.exe [] -----------------EOF----------------- info.txt logfile of random's system information tool 1.05 2009-03-04 21:28:26 ======Uninstall list====== -->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNNMP.exe /UNINSTALL -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 7-Zip 4.42-->"C:\Program Files\7-Zip\Uninstall.exe" AceHTML Freeware-->"C:\Program Files\Visicom Media\AceHTML Freeware\uninst-ace.exe" Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe Adobe AIR-->MsiExec.exe /I{E6672E63-6C06-4303-8F37-D8CEE82005B0} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Photoshop 7.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll" Adobe Reader 8.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003} Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log Adobe® Photoshop® Album Starter Edition 3.2-->MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61} Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Aspell French Dictionary-0.50-3-->"C:\Program Files\Aspell\unins000.exe" Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe" Camtasia Studio 4-->MsiExec.exe /I{1C6D9FD0-8BE2-4226-8D9F-4929CBC1C396} CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992} Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN ESET NOD32 Antivirus-->MsiExec.exe /I{3407FD83-0A2F-475E-BE94-34F1FA342C84} ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6} ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD} ESScore-->MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A} ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A} ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765} ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5} ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091} ESSSONIC-->MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34} ESSTOOLS-->MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589} essvatgt-->MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F} fflink-->MsiExec.exe /I{608D2A3C-6889-4C11-9B54-A42F45ACBFDB} FileZilla (remove only)-->"C:\Program Files\FileZilla\uninstall.exe" Gadwin PrintScreen-->C:\Program Files\Gadwin Systems\PrintScreen\Uninstall.exe getPlus(R)_dll-->rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSd.INF, DefaultUninstall Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72} Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall HijackThis 2.0.2-->"C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe" /uninstall HTML Créateur-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\HTML Créateur\ST6UNST.LOG" IncrediMail-->C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log ISO Recorder-->MsiExec.exe /I{0F6A7971-0F11-4A79-A0E9-133D0963A570} iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371} J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100} J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110} J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090} Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF} Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} kgcbaby-->MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344} kgcbase-->MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE} kgchday-->MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E} kgchlwn-->MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1} kgcinvt-->MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B} kgckids-->MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4} kgcmove-->MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC} kgcvday-->MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549} Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Les Sims™ 2 Deluxe-->C:\Program Files\EA GAMES\Les Sims 2 Deluxe\EAUninstall.exe Lexmark Supplies Monitor-->C:\WINDOWS\system32\LXSMUNIN.EXE Lexmark Z45-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXAZUN5C.EXE -dLexmark Z45 Logiciel Kodak EasyShare-->C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140002_1af2ed5d\Setup.exe /APR-REMOVE Magentic-->C:\PROGRA~1\Magentic\bin\mgsetup.exe /remove /addon:Magentic Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" MediaInfo 0.7.5.1-->C:\Program Files\MediaInfo\uninst.exe Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MP3 Player Utilities 3.77-->MsiExec.exe /I{7784A172-61F1-445E-8368-601607E0DD22} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID="" netbrdg-->MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1} NVIDIA Drivers-->C:\WINDOWS\system32\nvuide.exe UninstallGUI Nvu 1.0-->"C:\Program Files\Nvu\unins000.exe" OfotoXMI-->MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45} OpenOffice.org 2.0-->MsiExec.exe /I{E2055AB2-D1C7-4147-A384-2B4B1C04282B} Opera 9.20-->MsiExec.exe /X{FC0C72DD-A491-43FF-B377-67273E4D94D7} Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe" PartyPoker-->"C:\Program Files\PartyGaming\PartyPoker\Uninstall.exe" "C:\Program Files\PartyGaming\PartyPoker\install.log" PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4} Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly Rogue Squadron de LucasArts-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\LucasArts\ROGUE\DeIsL1.isu" ScreenRecorderPro 1.0-->"C:\Program Files\ScreenRecorderPro\unins000.exe" SFR-->MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B} Shareaza version 2.3.0.0-->"C:\Program Files\Shareaza\Uninstall\unins000.exe" SHASTA-->MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237} skin0001-->MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210} SKINXSDK-->MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F} Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1\HXFSETUP.EXE -U -IPDRSLSM5K.inf Sony Ericsson PC Suite-->MsiExec.exe /I{FE6397C1-CECA-4EC3-B064-42AED7676898} Spybot - Search & Destroy 1.5.2.20-->"C:\WINDOWS\unins000.exe" Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe" staticcr-->MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2} Texmaker-->C:\Program Files\Texmaker\uninstall.exe TextMaster 1.0-->"C:\Documents and Settings\All Users\Menu Démarrer\Programmes\TxtMaster\unins000.exe" tooltips-->MsiExec.exe /I{E79987F0-0E34-42CC-B8FF-6C860AEEB26A} VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} version 1.0-->"C:\Program Files\MovieShowPro\unins000.exe" version 1.00-->"C:\Program Files\WebTemplate\unins000.exe" version 1.02-->"C:\Program Files\InstantAudioFlash\unins000.exe" version 1.08-->"C:\Program Files\headliner\unins000.exe" version 1-->"C:\Program Files\GeniTest\unins000.exe" version 2-->"C:\Program Files\SubliSoft\unins000.exe" version 2-->"C:\Program Files\TellAFriend\unins000.exe" VeryPDF PDF2Word v3.0-->"C:\Program Files\VeryPDF PDF2Word v3.0\unins000.exe" Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" Visual C++ CRT 9.0 SP1-->MsiExec.exe /I{EC25B803-4BDB-47F7-B877-FCE7D7966C0F} Visual C++ CRT 9.0-->MsiExec.exe /I{9ED38F62-7A50-4145-8C5D-0FCFFBF10A7B} VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370} WinAVI Video Capture 2.0 Fr-->C:\Program Files\WinAVI Video Capture\UnInstall_WinCap.exe Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WinISO 5.3-->"C:\Program Files\WinISO\unins000.exe" WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe WIRELESS-->MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F} ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: ESET NOD32 Antivirus 3.0 (disabled) System event log Computer Name: T3418-FB3A81A12 Event Code: 32 Message: L'assemblage dépendant Microsoft.VC80.MFCLOC ne peut pas être trouvé. La dernière erreur était L'assemblage référencé n'est pas installé sur votre système. Record Number: 102683 Source Name: SideBySide Time Written: 20081225045619.000000-300 Event Type: error User: Computer Name: T3418-FB3A81A12 Event Code: 59 Message: Generate Activation Context a échoué pour C:\Program Files\IncrediMail\bin\MFC80U.DLL. Message d'erreur de référence : Opération réussie. . Record Number: 102682 Source Name: SideBySide Time Written: 20081225045606.000000-300 Event Type: error User: Computer Name: T3418-FB3A81A12 Event Code: 59 Message: Resolve Partial Assembly a échoué pour Microsoft.VC80.MFCLOC. Message d'erreur de référence : L'assemblage référencé n'est pas installé sur votre système. . Record Number: 102681 Source Name: SideBySide Time Written: 20081225045606.000000-300 Event Type: error User: Computer Name: T3418-FB3A81A12 Event Code: 32 Message: L'assemblage dépendant Microsoft.VC80.MFCLOC ne peut pas être trouvé. La dernière erreur était L'assemblage référencé n'est pas installé sur votre système. Record Number: 102680 Source Name: SideBySide Time Written: 20081225045606.000000-300 Event Type: error User: Computer Name: T3418-FB3A81A12 Event Code: 59 Message: Generate Activation Context a échoué pour C:\Program Files\IncrediMail\bin\MFC80U.DLL. Message d'erreur de référence : Opération réussie. . Record Number: 102679 Source Name: SideBySide Time Written: 20081225045606.000000-300 Event Type: error User: Application event log Computer Name: T3418-FB3A81A12 Event Code: 4 Message: The LightScribe Service started successfully. Record Number: 619 Source Name: LightScribeService Time Written: 20070602161902.000000-240 Event Type: information User: Computer Name: T3418-FB3A81A12 Event Code: 4096 Message: Record Number: 618 Source Name: H+BEDV AntiVir Time Written: 20070602161901.000000-240 Event Type: information User: AUTORITE NT\SYSTEM Computer Name: T3418-FB3A81A12 Event Code: 1002 Message: L'environnement s'est arrêté de façon inattendue et Explorer.exe a redémarré. Record Number: 617 Source Name: Winlogon Time Written: 20070602160741.000000-240 Event Type: information User: Computer Name: T3418-FB3A81A12 Event Code: 1000 Message: Application défaillante acehtmlfree.exe, version 6.0.5.8, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00000000. Record Number: 616 Source Name: Application Error Time Written: 20070602155139.000000-240 Event Type: error User: Computer Name: T3418-FB3A81A12 Event Code: 1000 Message: Application défaillante firefox.exe, version 1.8.20070.51502, module défaillant js3250.dll, version 4.0.0.0, adresse de défaillance 0x0004c7b4. Record Number: 615 Source Name: Application Error Time Written: 20070602154855.000000-240 Event Type: error User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Teleca Shared;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=2c02 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip -----------------EOF----------------- J'espère que cela va aider. Merci encore une fois Pierre
- le 5 mars 2009
- 12 réponses

Connexion

Geomancien

Compteur de contenus

Inscription

Dernière visite

Autres informations

Geomancien's Achievements

Member (4/12)

Réputation sur la communauté

Envoi d'un formulaire

Double clic ne fonctionne plus sur le bureau Windows XP

Double clic ne fonctionne plus sur le bureau Windows XP

Double clic ne fonctionne plus sur le bureau Windows XP

Double clic ne fonctionne plus sur le bureau Windows XP

PC lent- analyse hijackthis

PC lent- analyse hijackthis

Fenêtre explorer qui s'ouvre seul

Fenêtre explorer qui s'ouvre seul

Fenêtre explorer qui s'ouvre seul

Fenêtre explorer qui s'ouvre seul

Fenêtre explorer qui s'ouvre seul

Analyse rapport hijacthis - ordi tres lent

Analyse rapport hijacthis - ordi tres lent

Analyse rapport hijacthis - ordi tres lent

Zebulon

Outils en ligne

Naviguer