Aller au contenu

leredge

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    26

  • Inscription

  • Dernière visite

À propos de leredge

  • Date de naissance 23/02/1968

Profile Information

  • Sexe
    Male
  • Localisation
    Perpignan

Autres informations

  • Mes langues
    français

leredge's Achievements

Member

Member (4/12)

0

Réputation sur la communauté

  1. leredge
    re, j'ai déjà effectué tout cela aujourd'hui et les jours précédents... @+, leredge
  2. leredge
    re, voici le nouveau rapport de Clean ci-dessous: Script execute en mode sans echec Rapport clean par Malekal_morte - http://www.malekal.com Script execute en mode sans echec 05/09/2008 a 16:31:54,87 Microsoft Windows XP [version 5.1.2600] *** Suppression des fichiers dans C: *** Suppression des fichiers dans C:\WINDOWS\ *** Suppression des fichiers dans C:\WINDOWS\system32 tentative de suppression de "C:\WINDOWS\Downloaded Program Files\CONFLICT.1" *** Suppression des fichiers dans C:\Program Files *** Suppression des clefs du registre effectuee.. *** Fin du rapport ! L'ordi. a le même comportement, cela n'a pas effectué de changement majeur... dans sa procédure d'exécution en mode sans échec, le programme Clean a compressé les programmes non utilisés, supprimé des clefs du registre. @+, leredge
  3. leredge
    re, voici le rapport de Clean 05/09/2008 a 11:42:04,21 *** Recherche des fichiers dans C: *** Recherche des fichiers dans C:\WINDOWS\ *** Recherche des fichiers dans C:\WINDOWS\system32 "C:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND *** Recherche des fichiers dans C:\Program Files *** Fin du rapport ! @+, leredge.
  4. leredge
    Salut chrifleur, En exécutant le programme DiagHelp un encart c'est ouvert et il m'a fallut m'y reprendre à trois pour le fermer. Voici ce qu'il disait : You can also use the /accepteula command-line swich to accept the EULA les choix : Print, Agree ou Decline. SYSINTERNALS SOFTWARE LICENSE TERMS These license terms are an agreement between Sysinternals (a wholly owned subsidiary of Microsoft Corporation) and you. Please read them. They apply to the software you are downloading from Systinternals.com, which includes the media on which you received it, if any. The terms also apply to any Sysinternals · updates, · supplements, · Internet-based services, and · support services for this software, unless other terms accompany those items. If so, those terms apply. BY USING THE SOFTWARE, YOU ACCEPT THESE TERMS. IF YOU DO NOT ACCEPT THEM, DO NOT USE THE SOFTWARE. If you comply with these license terms, you have the rights below. 1. INSTALLATION AND USE RIGHTS. You may install and use any number of copies of the software on your devices. 2. Scope of License. The software is licensed, not sold. This agreement only gives you some rights to use the software. Sysinternals reserves all other rights. Unless applicable law gives you more rights despite this limitation, you may use the software only as expressly permitted in this agreement. In doing so, you must comply with any technical limitations in the software that only allow you to use it in certain ways. You may not · work around any technical limitations in the binary versions of the software; · reverse engineer, decompile or disassemble the binary versions of the software, except and only to the extent that applicable law expressly permits, despite this limitation; · make more copies of the software than specified in this agreement or allowed by applicable law, despite this limitation; · publish the software for others to copy; · rent, lease or lend the software; · transfer the software or this agreement to any third party; or · use the software for commercial software hosting services. 3. DOCUMENTATION. Any person that has valid access to your computer or internal network may copy and use the documentation for your internal, reference purposes. 4. Export Restrictions. The software is subject to United States export laws and regulations. You must comply with all domestic and international export laws and regulations that apply to the software. These laws include restrictions on destinations, end users and end use. For additional information, see www.microsoft.com/exporting <http://www.microsoft.com/exporting>. 5. SUPPORT SERVICES. Because this software is "as is," we may not provide support services for it. 6. Entire Agreement. This agreement, and the terms for supplements, updates, Internet-based services and support services that you use, are the entire agreement for the software and support services. 7. Applicable Law. a. United States. If you acquired the software in the United States, Washington state law governs the interpretation of this agreement and applies to claims for breach of it, regardless of conflict of laws principles. The laws of the state where you live govern all other claims, including claims under state consumer protection laws, unfair competition laws, and in tort. b. Outside the United States. If you acquired the software in any other country, the laws of that country apply. 8. Legal Effect. This agreement describes certain legal rights. You may have other rights under the laws of your country. You may also have rights with respect to the party from whom you acquired the software. This agreement does not change your rights under the laws of your country if the laws of your country do not permit it to do so. 9. Disclaimer of Warranty. The software is licensed "as-is." You bear the risk of using it. SYSINTERNALS gives no express warranties, guarantees or conditions. You may have additional consumer rights under your local laws which this agreement cannot change. To the extent permitted under your local laws, SYSINTERNALS excludes the implied warranties of merchantability, fitness for a particular purpose and non-infringement. 10. Limitation on and Exclusion of Remedies and Damages. You can recover from SYSINTERNALS and its suppliers only direct damages up to U.S. $5.00. You cannot recover any other damages, including consequential, lost profits, special, indirect or incidental damages. This limitation applies to · anything related to the software, services, content (including code) on third party Internet sites, or third party programs; and · claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence, or other tort to the extent permitted by applicable law. It also applies even if Sysinternals knew or should have known about the possibility of the damages. The above limitation or exclusion may not apply to you because your country may not allow the exclusion or limitation of incidental, consequential or other damages. Please note: As this software is distributed in Quebec, Canada, some of the clauses in this agreement are provided below in French. Remarque : Ce logiciel étant distribué au Québec, Canada, certaines des clauses dans ce contrat sont fournies ci-dessous en français. EXONÉRATION DE GARANTIE. Le logiciel visé par une licence est offert « tel quel ». Toute utilisation de ce logiciel est à votre seule risque et péril. Sysinternals n'accorde aucune autre garantie expresse. Vous pouvez bénéficier de droits additionnels en vertu du droit local sur la protection dues consommateurs, que ce contrat ne peut modifier. La ou elles sont permises par le droit locale, les garanties implicites de qualité marchande, d'adéquation à un usage particulier et d'absence de contrefaçon sont exclues. LIMITATION DES DOMMAGES-INTÉRÊTS ET EXCLUSION DE RESPONSABILITÉ POUR LES DOMMAGES. Vous pouvez obtenir de Sysinternals et de ses fournisseurs une indemnisation en cas de dommages directs uniquement à hauteur de 5,00 $ US. Vous ne pouvez prétendre à aucune indemnisation pour les autres dommages, y compris les dommages spéciaux, indirects ou accessoires et pertes de bénéfices. Cette limitation concerne : · tout ce qui est relié au logiciel, aux services ou au contenu (y compris le code) figurant sur des sites Internet tiers ou dans des programmes tiers ; et · les réclamations au titre de violation de contrat ou de garantie, ou au titre de responsabilité stricte, de négligence ou d'une autre faute dans la limite autorisée par la loi en vigueur. Elle s'applique également, même si Sysinternals connaissait ou devrait connaître l'éventualité d'un tel dommage. Si votre pays n'autorise pas l'exclusion ou la limitation de responsabilité pour les dommages indirects, accessoires ou de quelque nature que ce soit, il se peut que la limitation ou l'exclusion ci-dessus ne s'appliquera pas à votre égard. EFFET JURIDIQUE. Le présent contrat décrit certains droits juridiques. Vous pourriez avoir d'autres droits prévus par les lois de votre pays. Le présent contrat ne modifie pas les droits que vous confèrent les lois de votre pays si celles-ci ne le permettent pas. C'est quoi ce truc ? et voici le rapport diagHelp : DiagHelp version v1.4 - http://www.malekal.com excute le 05/09/2008 à 9:47:38,35 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->05/09/2008 09:47:38 C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->05/09/2008 09:47:37 C:\WINDOWS\prefetch\AVWSC.EXE-347FCF75.pf -->05/09/2008 09:47:30 C:\WINDOWS\prefetch\NOTEPAD.EXE-336351A9.pf -->05/09/2008 09:41:55 C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->05/09/2008 09:40:37 C:\WINDOWS\prefetch\WLLOGINPROXY.EXE-2D4B6027.pf -->05/09/2008 09:39:06 C:\WINDOWS\prefetch\IEXPLORE.EXE-27122324.pf -->05/09/2008 09:38:56 C:\WINDOWS\prefetch\REGEDIT.EXE-1B606482.pf -->05/09/2008 09:34:26 C:\WINDOWS\prefetch\IPCONFIG.EXE-2395F30B.pf -->05/09/2008 09:34:26 C:\WINDOWS\prefetch\FIND.EXE-0EC32F1E.pf -->05/09/2008 09:32:42 C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->02/09/2008 00:16:46 C:\WINDOWS\System32\drivers\mbam.sys -->02/09/2008 00:16:40 C:\WINDOWS\System32\drivers\avipbb.sys -->22/08/2008 07:43:05 C:\WINDOWS\System32\drivers\SynTP.sys -->03/07/2008 15:53:20 C:\WINDOWS\System32\drivers\IBMBLDID.sys -->02/07/2008 00:22:06 C:\WINDOWS\System32\drivers\ANC.sys -->02/07/2008 00:22:04 C:\WINDOWS\System32\drivers\tcpip.sys -->20/06/2008 13:51:12 C:\WINDOWS\System32\PROCDB.INI -->05/09/2008 09:15:21 C:\WINDOWS\System32\TPHDLOG0.LOG -->05/09/2008 09:15:19 C:\WINDOWS\System32\IPSCtrl.INI -->05/09/2008 09:15:11 C:\WINDOWS\System32\oodbs.lor -->05/09/2008 09:14:57 C:\WINDOWS\System32\TPAPSLOG.LOG -->04/09/2008 14:25:02 C:\WINDOWS\System32\EGATHDRV.SYS -->03/09/2008 08:41:53 C:\WINDOWS\System32\mlfcache.dat -->02/09/2008 12:29:58 C:\WINDOWS\System32\PerfStringBackup.INI -->29/08/2008 10:41:04 C:\WINDOWS\System32\perfh00C.dat -->29/08/2008 10:41:04 C:\WINDOWS\System32\perfh009.dat -->29/08/2008 10:41:04 C:\WINDOWS\System32\perfc00C.dat -->29/08/2008 10:41:04 C:\WINDOWS\System32\perfc009.dat -->29/08/2008 10:41:04 C:\WINDOWS\System32\wpa.dbl -->28/08/2008 08:19:02 C:\WINDOWS\System32\spupdwxp.log -->28/08/2008 08:16:34 C:\WINDOWS\System32\FNTCACHE.DAT -->28/08/2008 08:15:38 C:\WINDOWS\System32\d3d9caps.dat -->22/08/2008 08:48:21 C:\WINDOWS\System32\TZLog.log -->18/08/2008 12:03:39 C:\WINDOWS\System32\TUKernel.exe -->09/08/2008 00:28:47 C:\WINDOWS\System32\CONFIG.NT -->05/08/2008 11:32:22 C:\WINDOWS\System32\MRT.exe -->05/08/2008 11:11:02 C:\WINDOWS\System32\TuneUpDefragService.exe -->23/07/2008 13:20:04 C:\WINDOWS\System32\cdm.dll -->18/07/2008 22:10:48 C:\WINDOWS\System32\wuauclt.exe -->18/07/2008 22:10:42 C:\WINDOWS\System32\wups2.dll -->18/07/2008 22:10:40 C:\WINDOWS\System32\wucltui.dll.mui -->18/07/2008 22:10:36 C:\WINDOWS\WindowsUpdate.log -->05/09/2008 09:18:32 C:\WINDOWS\setupapi.log -->05/09/2008 09:15:25 C:\WINDOWS\wiadebug.log -->05/09/2008 09:15:20 C:\WINDOWS\wiaservc.log -->05/09/2008 09:15:17 C:\WINDOWS\0.log -->05/09/2008 09:15:02 C:\WINDOWS\bootstat.dat -->05/09/2008 09:15:01 C:\WINDOWS\SchedLgU.Txt -->05/09/2008 09:13:48 C:\WINDOWS\msnfix.txt -->04/09/2008 11:26:46 C:\WINDOWS\npornap.INI -->31/08/2008 12:21:42 C:\WINDOWS\SynInst.log -->31/08/2008 12:12:25 C:\WINDOWS\setupact.log -->31/08/2008 12:12:11 C:\WINDOWS\iis6.log -->29/08/2008 07:45:02 C:\WINDOWS\tsoc.log -->29/08/2008 07:45:01 C:\WINDOWS\tabletoc.log -->29/08/2008 07:45:01 C:\WINDOWS\ocmsn.log -->29/08/2008 07:45:01 winlogon.exe svchost.exe ws2_32.dll user32.dll tcpip.sys ndis.sys null.sys ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 3520 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll 0x44080000 0xd0000 7.00.6000.16705 C:\WINDOWS\system32\WININET.dll 0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll 0x43e00000 0x45000 7.00.6000.16705 C:\WINDOWS\system32\iertutil.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll 0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL 0x44360000 0x5cd000 7.00.6000.16705 C:\WINDOWS\system32\ieframe.dll 0x44160000 0x127000 7.00.6000.16705 C:\WINDOWS\system32\urlmon.dll 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll 0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll 0x442b0000 0x3c000 7.00.6000.16705 C:\WINDOWS\system32\webcheck.dll 0x10000000 0x4e000 1.00.0000.0000 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL 0x5f800000 0xf2000 6.02.8071.0000 C:\WINDOWS\system32\MFC42u.DLL 0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL 0x00ce0000 0xc000 C:\PROGRA~1\ThinkPad\UTILIT~1\FR\PWRMGRRT.DLL 0x00e10000 0x19000 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL 0x00f40000 0x7000 1.60.0000.0006 C:\WINDOWS\system32\Sensor.dll 0x02ed0000 0x36000 6.14.0010.4926 C:\WINDOWS\system32\igfxdev.dll 0x03060000 0x96000 2.00.0000.0000 C:\Program Files\Lenovo\Client Security Solution\tvtpwm_windows_hook.dll 0x015e0000 0x13000 5.01.0000.4700 C:\WINDOWS\system32\btmmhook.dll 0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll 0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x6bd10000 0x10000 12.00.4518.1014 C:\Program Files\Microsoft Office\Office12\msohevi.dll 0x78130000 0x9b000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll 0x00970000 0x2c000 C:\Program Files\WinRAR\rarext.dll 0x00c00000 0x16000 600.00.0000.0002 C:\Program Files\Free Download Manager\FUM\fumshext.dll 0x00c20000 0x9000 2.00.0000.0004 C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll 0x00c30000 0x12000 7.00.0000.0015 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll 0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL 0x02b70000 0x56000 7.10.3052.0004 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll 0x5d360000 0xf000 7.10.6030.0000 C:\WINDOWS\system32\MFC71FRA.DLL 0x1c600000 0x7000 1.19.0000.0001 C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdshell.dll 0x1c000000 0xe6000 1.19.0000.0002 C:\Program Files\Lenovo\SafeGuard PrivateDisk\PDLib.dll 0x7c3c0000 0x7c000 7.10.6030.0000 C:\WINDOWS\system32\MSVCP71.dll 0x038c0000 0x138000 1.19.0000.0001 C:\Program Files\Lenovo\SafeGuard PrivateDisk\PDLib040c.dll 0x01400000 0x3000 1.19.0000.0001 C:\Program Files\Lenovo\SafeGuard PrivateDisk\PDShell040c.dll 0x03a00000 0x87000 10.00.0002.3363 C:\PROGRA~1\OOSOFT~1\DEFRAG~1\oodsh.dll 0x03a90000 0x4b000 10.00.0012.1681 C:\PROGRA~1\OOSOFT~1\DEFRAG~1\OODSHRS.DLL 0x03bc0000 0x12000 1.01.0000.0000 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 1648 Command line: winlogon.exe Base Size Version Path 0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll 0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x10000000 0x8f000 1.02.0059.0000 C:\WINDOWS\system32\tvt_gina.dll 0x00cb0000 0x21a000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\css_gina_plugin.dll 0x00ed0000 0xd9000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\css_wait_bar.dll 0x00ab0000 0x40000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\cssuserdatadispatcher.dll 0x01090000 0x1ce000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\csswait.dll 0x01260000 0xa8000 1.10.0051.0000 C:\Program Files\Fichiers communs\Lenovo\tvt_banner.dll 0x01310000 0x107000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\cssdlgpwentry.dll 0x01420000 0x10f000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\dlganswerprompt.dll 0x01530000 0x55000 1.01.0003.0006 C:\Program Files\Lenovo\Client Security Solution\tvttsp.dll 0x01590000 0xa2000 1.01.0003.0006 C:\Program Files\Lenovo\Client Security Solution\tcsrpc.dll 0x016c0000 0x859000 1.10.0051.0000 C:\Program Files\Fichiers communs\Lenovo\tvt_res.dll 0x7c140000 0x106000 7.10.6030.0000 C:\WINDOWS\system32\MFC71.DLL 0x7c360000 0x56000 7.10.6030.0000 C:\WINDOWS\system32\MSVCR71.dll 0x5d360000 0xf000 7.10.6030.0000 C:\WINDOWS\system32\MFC71FRA.DLL 0x316b0000 0x3c000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\pscssint.dll 0x4eb80000 0x1a6000 5.01.3102.5512 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\gdiplus.dll 0x78130000 0x9b000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll 0x30000000 0x4b000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\infra.dll 0x31bb0000 0x11000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\VTI.DLL 0x02310000 0x8000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll 0x02320000 0x2a000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll 0x0a000000 0x30000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll 0x7c3c0000 0x7c000 7.10.6030.0000 C:\WINDOWS\system32\MSVCP71.dll 0x02350000 0x18000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll 0x02430000 0x1a000 5.06.0002.3649 C:\WINDOWS\system32\psqlpwd.dll 0x31320000 0x115000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll 0x74da0000 0x6d000 5.30.0023.1230 C:\WINDOWS\system32\RICHED20.DLL 0x30280000 0x30f000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\homepass.dll 0x30680000 0x263000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\bio.dll 0x31690000 0xb000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\ps2css.dll 0x300a0000 0xc7000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\remote.dll 0x03170000 0x7000 1.00.0003.0000 C:\Program Files\Lenovo\HOTKEY\tphklock.dll 0x30200000 0x5a000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\crypto.dll 0x03530000 0xd000 2.00.0000.0000 C:\Program Files\Lenovo\AwayTask\AwayNotify.dll 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\WINDOWS\system32 14/04/2008 04:33 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 28 259 106 816 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\WINDOWS\Downloaded Program Files 20/08/2008 01:20 <REP> . 20/08/2008 01:20 <REP> .. 26/03/2007 11:16 449 acpir.inf 12/12/2007 10:33 747 AdSignerADP.inf 08/06/2008 21:13 <REP> CONFLICT.1 26/01/2006 23:52 65 desktop.ini 11/04/2007 14:55 1 292 erma.inf 16/05/2007 09:22 399 gp.inf 16/03/2005 12:34 7 407 lang.ini 14/03/2005 14:38 126 live.ini 02/08/2007 15:47 569 MSNPUpld.inf 15/06/2007 09:02 632 392 OberonGameHost.dll 15/06/2007 09:01 332 OberonGameHost_dbg.inf 01/06/2006 02:57 1 331 oscan8.inf 14/03/2005 14:58 7 073 scanoptions.tsi 09/09/2005 18:45 1 516 wvc1dmo.inf 13 fichier(s) 653 698 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1 08/06/2008 21:13 <REP> . 08/06/2008 21:13 <REP> .. 20/06/2006 15:44 379 704 MsnPUpld.dll 19/06/2006 14:40 393 MsnPUpld.inf 20/06/2006 15:44 117 560 PURen-us.dll 09/01/2007 08:30 110 592 PURfr-fr.dll 4 fichier(s) 608 249 octets Total des fichiers listés : 17 fichier(s) 1 261 947 octets 5 Rép(s) 28 259 151 872 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server" "C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox" "C:\\Program Files\\TmNationsForever\\TmForever.exe"="C:\\Program Files\\TmNationsForever\\TmForever.exe:*:Enabled:TmForever" "C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp" "D:\\Livebox\\RGWRepair.exe"="D:\\Livebox\\RGWRepair.exe:*:Enabled:RGWRepair" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:LocalSubNet:Enabled:eMule" "C:\\Program Files\\eMule\\dserver.exe"="C:\\Program Files\\eMule\\dserver.exe:*:Enabled:dserver" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" REGEDIT4 [taskmgr.exe] exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... 127.0.0.1 www.activexupdate.com 127.0.0.1 activexupdate.com 127.0.0.1 www.avpcheckupdate.com 127.0.0.1 avpcheckupdate.com 127.0.0.1 client.exeupdate.com 127.0.0.1 www.eupdatepage.com 127.0.0.1 eupdatepage.com 127.0.0.1 www.exeupdate.com 127.0.0.1 exeupdate.com 127.0.0.1 www.hotwinupdates.com 127.0.0.1 hotwinupdates.com 127.0.0.1 www.lavasoftupdate.com 127.0.0.1 lavasoftupdate.com 127.0.0.1 www.malwarewipeupdate.com 127.0.0.1 malwarewipeupdate.com 127.0.0.1 www.msupdate.net 127.0.0.1 msupdate.net 127.0.0.1 www.msupdater.net 127.0.0.1 msupdater.net 127.0.0.1 www.necessaryupdates.com 127.0.0.1 necessaryupdates.com 127.0.0.1 newupdates.lzio.com 127.0.0.1 redirect.msupdate.net 127.0.0.1 search.keyword.exeupdate.com 127.0.0.1 www.securityupdatesite.com 127.0.0.1 securityupdatesite.com 127.0.0.1 settings.updatemysettings.com 127.0.0.1 www.spyaxeupdate.com 127.0.0.1 spyaxeupdate.com 127.0.0.1 www.spyfalconupdate.com 127.0.0.1 spyfalconupdate.com 127.0.0.1 www.systemupdates.net 127.0.0.1 systemupdates.net 127.0.0.1 trial.updates.winsoftware.com 127.0.0.1 update.680180.net 127.0.0.1 www.updatemysettings.com 127.0.0.1 updatemysettings.com 127.0.0.1 updates.spywarequake.com 127.0.0.1 www.urgentsystemupdate.biz 127.0.0.1 urgentsystemupdate.biz 127.0.0.1 www.urgentsystemupdate.com 127.0.0.1 urgentsystemupdate.com 127.0.0.1 windupdates.com 127.0.0.1 update.shareaza.com 127.0.0.1 www.antispywareupdates.net 127.0.0.1 antispywareupdates.net 127.0.0.1 www.flwupdate.com 127.0.0.1 flwupdate.com 127.0.0.1 www.mpegupdate.com 127.0.0.1 mpegupdate.com 127.0.0.1 www.movupdate.com 127.0.0.1 movupdate.com 127.0.0.1 www.pandaantivirus-2007.com 127.0.0.1 pandaantivirus-2007.com 127.0.0.1 www.pandadownload-now.com 127.0.0.1 pandadownload-now.com 127.0.0.1 www.panda-hq.com 127.0.0.1 panda-hq.com catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-05 09:52:03 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden services & system hive ... scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System] "OODEFRAG10.00.00.01WORKSTATION"="D89080994D4813D016F6F62A6A914549CEEE7CD62532A71A9594484CFB2BCF3EBE0525D4A52 0FB0CA4268BF2B7E7D6D82E831A1799341734ADB64FD4CABF62278B661EBB76120711C547CB2D5752 850D3A422450EDAAEAE3C417720C0337F3182898DD1CFC0C8A7ACEF9FD2683C88C4F56A353F1F835E 1846A2402223679EB7EF0A6E804A55FB3E20A7EFB6EA7A2FB8C59C178AEC256147523F2620AAAD304 48B8BCD8C917C081ECB5BCB4DAE42139378DDBF57B0976EA99E5BA0CF95CF5CCE9C12B5B04284AC73 C833C29058D647D46B354C412BD6023D51FD60A6DF7F4A7DA48FEBC9E127BECC74CFEBC9E127BECC7 4CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC793 3A2D97226D213B5559DB7CE019D40AA5C9DB7CE019D40AA5CEEE5D9EEA86E62995E2AAA2C44707446 9ADD2F13269F97558A435AAE8A3D9B7A0F2E315CFC29D5F63607CDD45282A0856F1EE9FB202672185 8447E89DBF20B61184671FCF0E520B24AA3575D7D00AD2AF4A23D558E7FC3AD18B48A12F4E7F23746 1FED78A65CBFF1CE82DB2CB3C5ACA479A720E246CB4AF3CF21F58634A0E4E776BA3C2D2715B64B1CB C33DB4601305BEE78C89B81004BBC292C765C5EF6F7D0ADB036ACDBED0DCB2D7EF6B9E734D0246876 33AADCE1904DF28B0DBB1796454690AC7ABB96974B74A307074A32382A4FA018A0EFD98EE4E19D0BF 7026901690FEBEDE954081B02B741AC06C221B6DA1D72E495005E759AA5BF08BC3F448A08662D46AC A4C9CE437D6ED5DB8D142E07C0607C58A1B4DA84BC9474A53779DCC5F9E8202B8ED6622522B87F33C A51F0D6658F8DF54F0856FC3C77D7BF6441F24BEED47394A50E5743F6CEBA7BC98027F52747DE40BA EA525F2E6C4BDAF1339FC6DA4C51DBB4B2833B3E03AAE6952E4B1418F44A49C5D38F0D1197FD0EC0C E06EA48CDDCB439EC902FB050876E64C9AA63BB2ABB690899A26BD5C4B03064F720EC377C4C9B6547 FAC8F9D01E4C27A8E89D8B1CB43DCD7C72E1E4E03B60A67239851B1F6C4D9DB116AF3BC3CE7F0003F E7D74A2CBA4969B3A5C957D87FE036BF3F35A219BCC7B7F8793880F8D4BC5F4344158BB28C415FD0C 4E37519331ABEFC3F750904DDE4CE74927E7B963360180A8308B070905B10CC8A90CB5F1E083F1F2D 8CBA0098F1386A8A1D66F6C8CF207CF8DD7C9BE9187142AE8C928C7B9A3C79CDF0FA8E9AB04DBC63C 450057DC8DD2EFA8F76DAD5AE5463B879ACBD1AD592D315AD1249EC588C81B36185FE97AF491A44E2 07FD09350395C861C655CF2A33FF71940AF6B353F176DD3A4A5FB7B8650DAD4F32FB5367F65BF6ADF 5FC900B78108747711A61279705D58B98F7A3D5007D6128BD2FBFD5D28EFBCED471095FD59CDC20BA CBCBB3BE55A92967B65DD130B2EE1" scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 236 - svchost.exe 496 - ACWLIcon.exe 696 - tvt_reg_monitor 712 - TPHDEXLG.exe 960 - AwaySch.EXE 1192 - AcSvc.exe 1308 - pdservice.exe 1324 - oodtray.exe 1376 - logmon.exe 1396 - IPSSVC.EXE 1444 - acs.exe 1480 - avguard.exe 1604 - mdm.exe 1624 - csrss.exe 1648 - winlogon.exe 1692 - services.exe 1704 - lsass.exe 1840 - ibmpmsvc.exe 1884 - svchost.exe 1892 - oodag.exe 1956 - svchost.exe 1996 - svchost.exe 2084 - fdm.exe 2380 - sqlservr.exe 2464 - alg.exe 3060 - avgnt.exe 3104 - ctfmon.exe 3112 - taskmgr.exe 3120 - BTSTAC~1.EXE 3176 - notepad.exe 3212 - MemOptimizer.ex 3220 - fum.exe 3240 - fumoei.exe 3272 - CamTray.exe 3300 - wcescomm.exe 3396 - winamp.exe 3416 - cssauth.exe 3468 - PicasaMediaDete 3500 - rapimgr.exe 3520 - explorer.exe 3732 - BTTray.exe 3844 - DLG.exe 3860 - SynTPEnh.exe 3892 - TpShocks.exe 3908 - TPOSDSVC.exe 4056 - SMax4.exe 4412 - cmd.exe 4684 - iexplore.exe 4688 - firefox.exe Total number of processes = 50 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntkrnlpa.exe 806E4000 - \WINDOWS\system32\hal.dll F7ABD000 - \WINDOWS\system32\KDCOM.DLL F79CD000 - \WINDOWS\system32\BOOTVID.dll F748D000 - ACPI.sys F7ABF000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS F747C000 - pci.sys F75BD000 - isapnp.sys F79D1000 - compbatt.sys F79D5000 - \WINDOWS\system32\DRIVERS\BATTC.SYS F7B85000 - pciide.sys F783D000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS F745E000 - pcmcia.sys F75CD000 - MountMgr.sys F743F000 - ftdisk.sys F7AC1000 - dmload.sys F7419000 - dmio.sys F7845000 - PartMgr.sys F79D9000 - ACPIEC.sys F7B86000 - \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS F75DD000 - VolSnap.sys F7401000 - atapi.sys F7339000 - iaStor.sys F75ED000 - disk.sys F75FD000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS F7319000 - fltmgr.sys F7307000 - sr.sys F760D000 - PxHelp20.sys F72F0000 - KSecDD.sys F7263000 - Ntfs.sys F7236000 - NDIS.sys F7218000 - Apsx86.sys F784D000 - ApsHM86.sys F761D000 - ohci1394.sys F762D000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS F71FE000 - Mup.sys F765D000 - \SystemRoot\system32\DRIVERS\nic1394.sys F6BC3000 - \SystemRoot\system32\DRIVERS\intelppm.sys F5878000 - \SystemRoot\system32\DRIVERS\igxpmp32.sys F5864000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS F583C000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys F5811000 - \SystemRoot\system32\DRIVERS\b57xp32.sys F578A000 - \SystemRoot\system32\DRIVERS\ar5211.sys F7935000 - \SystemRoot\system32\DRIVERS\usbuhci.sys F5766000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS F793D000 - \SystemRoot\system32\DRIVERS\usbehci.sys F573E000 - \SystemRoot\system32\drivers\tifm21.sys F572A000 - \SystemRoot\system32\DRIVERS\sdbus.sys F6BB3000 - \SystemRoot\system32\DRIVERS\i8042prt.sys F7945000 - \SystemRoot\system32\DRIVERS\kbdclass.sys F56F2000 - \SystemRoot\system32\DRIVERS\SynTP.sys F7B17000 - \SystemRoot\system32\DRIVERS\USBD.SYS F794D000 - \SystemRoot\system32\DRIVERS\mouclass.sys F7955000 - \SystemRoot\system32\DRIVERS\nscirda.sys F7AB1000 - \SystemRoot\system32\DRIVERS\irenum.sys F795D000 - \SystemRoot\system32\DRIVERS\atmeltpm.sys F7AB9000 - \SystemRoot\system32\DRIVERS\CmBatt.sys F71DA000 - \SystemRoot\system32\DRIVERS\ibmpmdrv.sys F6BA3000 - \SystemRoot\system32\DRIVERS\imapi.sys F7965000 - \SystemRoot\system32\drivers\iviaspi.sys F6B93000 - \SystemRoot\system32\DRIVERS\cdrom.sys F6B83000 - \SystemRoot\system32\DRIVERS\redbook.sys F56CF000 - \SystemRoot\system32\DRIVERS\ks.sys F55FE000 - \SystemRoot\system32\DRIVERS\btkrnl.sys F796D000 - \SystemRoot\system32\DRIVERS\tvtpktfilter.sys F7CD7000 - \SystemRoot\system32\DRIVERS\audstub.sys F7975000 - \SystemRoot\system32\DRIVERS\rasirda.sys F797D000 - \SystemRoot\system32\DRIVERS\TDI.SYS F6B73000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys F71C6000 - \SystemRoot\system32\DRIVERS\ndistapi.sys F55E7000 - \SystemRoot\system32\DRIVERS\ndiswan.sys F6B63000 - \SystemRoot\system32\DRIVERS\raspppoe.sys F773D000 - \SystemRoot\system32\DRIVERS\raspptp.sys F55D6000 - \SystemRoot\system32\DRIVERS\psched.sys F774D000 - \SystemRoot\system32\DRIVERS\msgpc.sys F7985000 - \SystemRoot\system32\DRIVERS\ptilink.sys F798D000 - \SystemRoot\system32\DRIVERS\raspti.sys F55A6000 - \SystemRoot\system32\DRIVERS\rdpdr.sys F775D000 - \SystemRoot\system32\DRIVERS\termdd.sys F7995000 - \SystemRoot\system32\DRIVERS\psadd.sys F7B19000 - \SystemRoot\system32\DRIVERS\swenum.sys F5548000 - \SystemRoot\system32\DRIVERS\update.sys F7171000 - \SystemRoot\system32\DRIVERS\mssmbios.sys F778D000 - \SystemRoot\system32\DRIVERS\wsimd.sys F799D000 - \SystemRoot\system32\DRIVERS\btport.sys F5E8E000 - \SystemRoot\System32\Drivers\NDProxy.SYS AA5DB000 - \SystemRoot\system32\drivers\ADIHdAud.sys AA5B7000 - \SystemRoot\system32\drivers\portcls.sys F77BD000 - \SystemRoot\system32\drivers\drmk.sys AA5A0000 - \SystemRoot\system32\drivers\AEAudio.sys AA56C000 - \SystemRoot\system32\DRIVERS\HSFHWAZL.sys AA47A000 - \SystemRoot\system32\DRIVERS\HSF_DPV.sys AA3C7000 - \SystemRoot\system32\DRIVERS\HSF_CNXT.sys F788D000 - \SystemRoot\System32\Drivers\Modem.SYS A98E4000 - \SystemRoot\system32\DRIVERS\usbhub.sys F551C000 - \SystemRoot\System32\Drivers\i2omgmt.SYS F7B51000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS F7C89000 - \SystemRoot\System32\Drivers\Null.SYS F7B53000 - \SystemRoot\System32\Drivers\Beep.SYS A83B5000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS A83AD000 - \SystemRoot\System32\drivers\vga.sys F7B55000 - \SystemRoot\System32\Drivers\mnmdd.SYS F7B59000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys A83A5000 - \SystemRoot\System32\Drivers\Msfs.SYS A839D000 - \SystemRoot\System32\Drivers\Npfs.SYS F5514000 - \SystemRoot\system32\DRIVERS\rasacd.sys A5A93000 - \SystemRoot\system32\DRIVERS\ipsec.sys A5A3A000 - \SystemRoot\system32\DRIVERS\tcpip.sys A5A12000 - \SystemRoot\system32\DRIVERS\netbt.sys A59EC000 - \SystemRoot\system32\DRIVERS\ipnat.sys A59CA000 - \SystemRoot\System32\drivers\afd.sys A845E000 - \SystemRoot\system32\DRIVERS\netbios.sys A8395000 - \SystemRoot\System32\drivers\TSMAPIP.SYS A838D000 - \SystemRoot\System32\drivers\Tppwrif.sys A8385000 - \SystemRoot\system32\DRIVERS\TPHKDRV.sys A837D000 - \SystemRoot\System32\drivers\TDSMAPI.SYS A77B5000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys A77AD000 - \SystemRoot\System32\drivers\Smapint.sys A588F000 - \SystemRoot\system32\DRIVERS\rdbss.sys A581F000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys F7B5B000 - \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys A843E000 - \SystemRoot\System32\Drivers\Fips.SYS A7C10000 - \SystemRoot\system32\DRIVERS\wanarp.sys A7C00000 - \SystemRoot\system32\DRIVERS\arp1394.sys A55A4000 - \SystemRoot\system32\DRIVERS\avipbb.sys A9B58000 - \SystemRoot\system32\DRIVERS\hidusb.sys A7BD0000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS F7B5F000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys A9B54000 - \SystemRoot\System32\drivers\ANC.SYS A599A000 - \SystemRoot\System32\Drivers\tcusb.sys A51A2000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS A7B23000 - \SystemRoot\system32\DRIVERS\mouhid.sys 9BAD9000 - \SystemRoot\System32\Drivers\Fastfat.SYS 9BA11000 - \SystemRoot\System32\Drivers\dump_iaStor.sys BF800000 - \SystemRoot\System32\win32k.sys 9D4A6000 - \SystemRoot\System32\drivers\Dxapi.sys 9C388000 - \SystemRoot\System32\watchdog.sys BF000000 - \SystemRoot\System32\drivers\dxg.sys F7C45000 - \SystemRoot\System32\drivers\dxgthk.sys BF024000 - \SystemRoot\System32\igxpgd32.dll BF012000 - \SystemRoot\System32\igxprd32.dll BF04F000 - \SystemRoot\System32\igxpdv32.DLL BF1E7000 - \SystemRoot\System32\igxpdx32.DLL 9C077000 - \??\C:\Program Files\Fichiers communs\ThinkVantage Fingerprint Software\Drivers\smihlp.sys 9B9FB000 - \SystemRoot\system32\DRIVERS\irda.sys 9B9E5000 - \SystemRoot\system32\DRIVERS\nwlnkipx.sys F6BF3000 - \SystemRoot\system32\DRIVERS\nwlnknb.sys 9F922000 - \SystemRoot\system32\DRIVERS\ndisuio.sys 9B995000 - \SystemRoot\system32\DRIVERS\nwrdr.sys 9B968000 - \SystemRoot\system32\DRIVERS\mrxdav.sys A22EB000 - \SystemRoot\system32\DRIVERS\PROCDD.SYS F7AC9000 - \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS 9F155000 - \SystemRoot\system32\DRIVERS\mdmxsdk.sys 9B84E000 - \SystemRoot\system32\DRIVERS\srv.sys 9D979000 - \SystemRoot\system32\DRIVERS\nwlnkspx.sys 9B812000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys F7AEB000 - \??\C:\WINDOWS\System32\drivers\pmemnt.sys A4063000 - \??\C:\Program Files\Lenovo\SafeGuard PrivateDisk\PrivateDiskM.sys F7C59000 - \??\C:\Program Files\SMI2\smi2.sys A2ED1000 - \SystemRoot\System32\Drivers\Cdfs.SYS 9B7BA000 - \??\C:\WINDOWS\system32\drivers\tvtfilter.sys 9B1E5000 - \SystemRoot\system32\drivers\wdmaud.sys A2F41000 - \SystemRoot\system32\drivers\sysaudio.sys 9A3F2000 - \SystemRoot\System32\Drivers\btwusb.sys 9A374000 - \SystemRoot\system32\DRIVERS\btwdndis.sys 9A2F4000 - \SystemRoot\system32\drivers\btaudio.sys 9A032000 - \SystemRoot\system32\drivers\kmixer.sys F7C25000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 168 Liste des programmes installes 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office system Access - Aide Activation Assistant for the 2007 Microsoft Office suites Activation Assistant for the 2007 Microsoft Office suites Adobe AIR Adobe Flash Player 9 ActiveX Adobe Flash Player ActiveX Adobe Flash Player Plugin Apple Software Update Archiveur WinRAR Assistant de connexion Windows Live Assistant UltraNav ThinkPad Audacity 1.3.5 (Unicode) Avira AntiVir Personal - Free Antivirus CCleaner (remove only) Client Security Solution Configuration du ThinkPad Correctif pour Windows Internet Explorer 7 (KB947864) Correctif pour Windows XP (KB952287) Creative WebCam Center Creative WebCam NX Ultra Driver (1.01.03.0112) eMule ffdshow [rev 1977] [2008-05-28] Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français) Fonctions d'accessibilité TrackPoint Free Download Manager 2.5 Free Easy Burner V 3.8 FTP Utility G-Force GDR 3068 for SQL Server Database Services 2005 ENU (KB948109) Gestionnaire d'alimentation ThinkPad Gestionnaire de contacts professionnels pour Outlook 2007 SP1 Gestionnaire de contacts professionnels pour Outlook 2007 SP1 Gestionnaire de présentation getPlus®_ocx GIMP 2.4.4 Help Center HijackThis 2.0.2 Incrustation InfraRecorder Integrated camera Intel® Graphics Media Accelerator Driver InterVideo Register Manager InterVideo WinDVD InterVideo WinDVD Creator 3 Java 6 Update 7 LADSPA_plugins-win-0.4.15 Lecteur Windows Media 10 Macromedia Flash Player 8 Maintenance Manager Malwarebytes' Anti-Malware Media Player Classic fr Message Center Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft .NET Framework 2.0 Language Pack - FRA Microsoft .NET Framework 2.0 Service Pack 1 Microsoft ActiveSync Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2003 Web Components Microsoft Office 2007 Primary Interop Assemblies Microsoft Office Access MUI (French) 2007 Microsoft Office Excel MUI (French) 2007 Microsoft Office InfoPath MUI (French) 2007 Microsoft Office Language Pack 2007 Service Pack 1 (SP1) Microsoft Office Language Pack 2007 Service Pack 1 (SP1) Microsoft Office Outlook MUI (French) 2007 Microsoft Office PowerPoint MUI (French) 2007 Microsoft Office Professional Hybrid 2007 Microsoft Office Professional Plus 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (French) 2007 Microsoft Office Publisher MUI (French) 2007 Microsoft Office Shared MUI (French) 2007 Microsoft Office Small Business Connectivity Components Microsoft Office Word MUI (French) 2007 Microsoft Software Update for Web Folders (French) 12 Microsoft SQL Server 2005 Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) Microsoft SQL Server Native Client Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable Microsoft Works 6-9 Converter Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782) Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB946648) Mise à jour de sécurité pour Windows XP (KB950760) Mise à jour de sécurité pour Windows XP (KB950762) Mise à jour de sécurité pour Windows XP (KB950974) Mise à jour de sécurité pour Windows XP (KB951066) Mise à jour de sécurité pour Windows XP (KB951376-v2) Mise à jour de sécurité pour Windows XP (KB951376) Mise à jour de sécurité pour Windows XP (KB951698) Mise à jour de sécurité pour Windows XP (KB951748) Mise à jour de sécurité pour Windows XP (KB952954) Mise à jour de sécurité pour Windows XP (KB953839) Mise à jour pour Windows XP (KB951072-v2) Mise à jour pour Windows XP (KB951978) Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA Montpellier Business Plan Classic Mozilla Firefox (3.0.1) MSXML 4.0 SP2 (KB936181) MSXML 6.0 Parser (KB933579) O&O Defrag Professional Edition OpenOffice.org Installer 1.0 Orange Plug-in messagerie vocale 888 PC-Doctor 5 pour Windows Picasa 2 QuickTime RecordNow Audio RecordNow Copy RecordNow Data Remove Multimedia Center Rescue and Recovery Rescue and Recovery Critical Patch for Windows Update (KB917422) Security Update for 2007 Microsoft Office System (KB951596) Security Update for 2007 Microsoft Office System (KB951596) Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Security Update for Microsoft Office Excel 2007 (KB951546) Security Update for Microsoft Office Excel 2007 (KB951546) Security Update for Microsoft Office PowerPoint 2007 (KB951338) Security Update for Microsoft Office PowerPoint 2007 (KB951338) Security Update for Microsoft Office Publisher 2007 (KB950114) Security Update for Microsoft Office Publisher 2007 (KB950114) Security Update for Microsoft Office Word 2007 (KB950113) Security Update for Microsoft Office Word 2007 (KB950113) Security Update for Visio 2007 (KB947590) Security Update for Visio 2007 (KB947590) ServerMaker 2001 SoundMAX Sumatra PDF reader Supplément à Productivity Center pour ThinkPad System Migration Assistant System Update Système de protection active ThinkVantage Texas Instruments PCIxx21/x515/xx12 drivers. ThinkPad Bluetooth with Enhanced Data Rate Software ThinkPad FullScreen Magnifier ThinkPad Modem ThinkPad PC Card Power Policy ThinkPad Power Management Driver ThinkPad UltraNav Driver ThinkPad Wireless LAN Adapters Software (11a/b, 11b/g, 11a/b/g) ThinkVantage Access Connections ThinkVantage Fingerprint Software 5.6 ThinkVantage Productivity Center ThinkVantage Technologies Welcome Message TIPCI Total Commander (Remove or Repair) TuneUp Utilities 2008 Update for Microsoft Office Outlook 2007 (KB952142) Update for Microsoft Office Outlook 2007 (KB952142) Update for Office 2007 (KB946691) Update for Office 2007 (KB946691) Update for Outlook 2007 Junk Email Filter (kb955433) Update for Outlook 2007 Junk Email Filter (kb955433) Utilitaire de personnalisation du clavier ThinkPad Utilitaire ThinkPad EasyEject Utilitaire ThinkPad UltraNav VideoLAN VLC media player 0.8.6f Wallpapers WebFldrs XP Winamp Windows Live installer Windows Live Messenger Windows Live Toolbar Windows Live Toolbar Windows Media Connect Windows Media Format Runtime Windows Media Player 10 Hotfix - KB894476 Windows Media Player Firefox Plugin Windows XP Service Pack 3 XP Themes Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\Program Files 04/09/2008 10:38 <REP> . 04/09/2008 10:38 <REP> .. 27/04/2008 18:55 <REP> Activation Assistant for the 2007 Microsoft Office suites 06/08/2008 12:20 <REP> Adobe 10/02/2008 23:40 <REP> Alwil Software 10/02/2008 18:27 <REP> Analog Devices 22/08/2008 10:05 <REP> Apple Software Update 04/09/2008 10:33 <REP> Audacity 1.3 Beta (Unicode) 05/08/2008 11:40 <REP> Avira 07/03/2008 10:50 <REP> CapAlpha 19/05/2008 12:11 <REP> CCleaner 25/01/2006 19:50 <REP> ComPlus Applications 10/02/2008 18:27 <REP> CONEXANT 02/05/2008 14:32 <REP> Creative 27/04/2008 18:55 <REP> Dactylo 27/04/2008 18:55 <REP> Digital Line Detect 29/08/2008 00:44 <REP> eMule 02/08/2008 13:47 <REP> FairUse Wizard 2 31/05/2008 13:37 <REP> ffdshow 03/08/2008 08:47 <REP> Fichiers communs 28/08/2008 18:53 <REP> Foxit Software 31/08/2008 12:10 <REP> Free Download Manager 07/07/2008 07:50 <REP> Free Easy Burner 29/02/2008 06:35 <REP> GIMP-2.0 02/08/2008 23:51 <REP> Google 19/05/2008 15:57 <REP> InfraRecorder 12/02/2008 02:31 <REP> Intel 18/08/2008 12:03 <REP> Internet Explorer 28/05/2008 09:53 <REP> InterVideo 26/05/2008 13:28 <REP> Inventel 28/08/2008 18:55 <REP> Java 17/04/2008 14:24 <REP> K-Lite Codec Pack 22/02/2008 17:05 <REP> KONICA MINOLTA 22/08/2008 08:19 <REP> Lenovo 02/09/2008 09:54 <REP> Malwarebytes' Anti-Malware 27/04/2008 18:59 <REP> Media Player Classic 28/08/2008 08:11 <REP> Messenger 27/04/2008 18:59 <REP> Microsoft ActiveSync 11/02/2008 14:53 <REP> Microsoft CAPICOM 2.1.0.2 25/01/2006 19:57 <REP> microsoft frontpage 10/02/2008 19:02 <REP> Microsoft Office 10/02/2008 19:02 <REP> Microsoft Small Business 23/07/2008 20:03 <REP> Microsoft SQL Server 10/02/2008 18:55 <REP> Microsoft Visual Studio 10/02/2008 23:32 <REP> Microsoft Visual Studio 8 27/04/2008 18:54 <REP> Microsoft Works 10/02/2008 18:55 <REP> Microsoft.NET 28/08/2008 08:07 <REP> Movie Maker 05/09/2008 09:17 <REP> Mozilla Firefox 10/02/2008 23:35 <REP> MSBuild 25/01/2006 19:49 <REP> MSN 25/01/2006 19:49 <REP> MSN Gaming Zone 10/02/2008 18:23 <REP> MSXML 4.0 11/02/2008 14:53 <REP> MSXML 6.0 31/05/2008 15:28 <REP> Multimedia Center for Think Offerings 28/08/2008 08:03 <REP> NetMeeting 27/04/2008 18:59 <REP> NetWaiting 27/04/2008 18:59 <REP> Online Services 11/02/2008 00:19 <REP> OO Software 02/03/2008 10:56 <REP> orange 28/08/2008 08:03 <REP> Outlook Express 03/05/2008 09:47 <REP> PCDR5 02/08/2008 23:51 <REP> Picasa2 13/06/2008 09:53 <REP> QuickTime 27/04/2008 19:00 <REP> Services en ligne 27/04/2008 19:00 <REP> SMI2 25/05/2008 12:38 <REP> SoundSpectrum 28/08/2008 19:21 <REP> SumatraPDF 14/08/2008 13:52 <REP> Sun 10/02/2008 18:25 <REP> Synaptics 12/02/2008 02:43 <REP> ThinkPad 28/05/2008 09:54 <REP> ThinkVantage 27/04/2008 19:00 <REP> ThinkVantage Fingerprint Software 27/04/2008 19:26 <REP> TmNationsForever 06/08/2008 09:41 <REP> Trend Micro 22/08/2008 08:37 <REP> TuneUp Utilities 2008 27/04/2008 19:00 <REP> TVT SMBus 05/06/2008 11:09 <REP> VideoLAN 23/07/2008 13:16 <REP> Winamp 28/02/2008 19:55 <REP> Windows Desktop Search 11/02/2008 22:10 <REP> Windows Live 27/04/2008 19:00 <REP> Windows Live Toolbar 27/04/2008 19:00 <REP> Windows Media Connect 2 28/08/2008 08:03 <REP> Windows Media Player 28/08/2008 08:03 <REP> Windows NT 27/04/2008 19:00 <REP> WinRAR 25/01/2006 19:57 <REP> xerox 0 fichier(s) 0 octets 87 Rép(s) 28 258 312 192 octets libres Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\Program Files\fichiers communs 03/08/2008 08:47 <REP> . 03/08/2008 08:47 <REP> .. 06/08/2008 12:20 <REP> Adobe 24/06/2008 10:51 <REP> Adobe AIR 03/08/2008 08:48 <REP> AVSMedia 27/04/2008 18:55 <REP> DESIGNER 26/05/2008 13:28 278 528 FDEUnInstaller.exe 31/05/2008 15:30 <REP> Installshield 12/02/2008 03:01 <REP> InterVideo 17/04/2008 13:31 <REP> Java 27/05/2008 15:53 <REP> Lenovo 03/08/2008 08:47 <REP> Microsoft Shared 25/01/2006 19:51 <REP> MSSoap 12/02/2008 00:36 <REP> NSV 04/07/2008 05:59 <REP> Oberon Media 25/01/2006 11:45 <REP> ODBC 25/01/2006 19:51 <REP> Services 27/04/2008 18:56 <REP> snp2std 27/04/2008 18:56 <REP> Sonic Shared 25/01/2006 11:44 <REP> SpeechEngines 13/02/2008 08:59 <REP> Symantec Shared 28/08/2008 08:03 <REP> System 12/02/2008 02:48 <REP> ThinkVantage Fingerprint Software 03/08/2008 11:44 <REP> Wise Installation Wizard 1 fichier(s) 278 528 octets 23 Rép(s) 28 258 320 384 octets libres Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 01/08/2008 18:30 <REP> . 01/08/2008 18:30 <REP> .. 27/04/2008 18:56 <REP> 1036 28/08/2007 23:55 973 168 MSONSEXT.DLL 26/10/2006 21:12 40 256 MSOSV.DLL 03/06/1999 22:09 122 937 MSOWS409.DLL 07/03/2001 17:00 127 033 MSOWS40c.DLL 4 fichier(s) 1 263 394 octets 3 Rép(s) 28 258 320 384 octets libres c:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe c:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe c:\Documents and Settings\Régis Granger\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\ARPPRODUCTICON.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_ds.53480420_ED54_41F1_B802_5A3B83DAF067.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_exe.53480420_ED54_41F1_B802_5A3B83DAF067.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\ARPPRODUCTICON.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\NewShortcut1_EDA1C1F7F27E4B20B9BC39964452DBB1.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\NewShortcut2_EDA1C1F7F27E4B20B9BC39964452DBB1.exe c:\Documents and Settings\Régis Granger\Bureau\OTViewIt.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\diff.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\find2.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\grep.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\gzip.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\KProcCheck.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\md5sums.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\sigcheck.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\streams.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\tar.exe c:\Documents and Settings\Régis Granger\Bureau\HJT\HJTInstall.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\catchme.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\Hostsclean.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\MD5File.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\Process.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\setpath.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\swreg.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\zip.exe c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Formats\7z.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aebb.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aecore.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeemu.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aegen.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aehelp.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeheur.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeoffice.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aepack.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aerdl.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescn.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescript.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aevdf.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\core.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\file.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\fmod.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\gfx2d.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\gfx2d_dd7.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\imglib.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\jpeg.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\logger.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\luxor_ar_web.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\net.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\snd3d.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\snd3d_fmod.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\ui2.dll c:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\zone\zuma\Zuma.dll c:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\mia.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Formats\7z.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll c:\Documents and Settings\Régis Granger\Application Data\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll c:\Documents and Settings\Régis Granger\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll c:\Documents and Settings\Régis Granger\Application Data\Mozilla\Firefox\Profiles\pq5irnan.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\js32.dll c:\Documents and Settings\Régis Granger\Application Data\Mozilla\Firefox\Profiles\pq5irnan.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\npOberonGameHost.dll c:\Documents and Settings\Régis Granger\Application Data\Mozilla\Firefox\Profiles\pq5irnan.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Formats\7z.dll ****** Fin du rapport DiagHelp C:\WINDOWS\prefetch\FIREFOX.EXE-28641590.pf -->05/09/2008 09:17:38 C:\WINDOWS\prefetch\TASKMGR.EXE-20256C55.pf -->05/09/2008 09:17:20 C:\WINDOWS\prefetch\BTSTAC~1.EXE-22A3B15B.pf -->05/09/2008 09:17:12 C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->02/09/2008 00:16:46 C:\WINDOWS\System32\drivers\mbam.sys -->02/09/2008 00:16:40 C:\WINDOWS\System32\drivers\avipbb.sys -->22/08/2008 07:43:05 C:\WINDOWS\System32\drivers\SynTP.sys -->03/07/2008 15:53:20 C:\WINDOWS\System32\drivers\IBMBLDID.sys -->02/07/2008 00:22:06 C:\WINDOWS\System32\drivers\ANC.sys -->02/07/2008 00:22:04 C:\WINDOWS\System32\drivers\tcpip.sys -->20/06/2008 13:51:12 C:\WINDOWS\System32\PROCDB.INI -->05/09/2008 09:15:21 C:\WINDOWS\System32\TPHDLOG0.LOG -->05/09/2008 09:15:19 C:\WINDOWS\System32\IPSCtrl.INI -->05/09/2008 09:15:11 C:\WINDOWS\System32\oodbs.lor -->05/09/2008 09:14:57 C:\WINDOWS\System32\TPAPSLOG.LOG -->04/09/2008 14:25:02 C:\WINDOWS\System32\EGATHDRV.SYS -->03/09/2008 08:41:53 C:\WINDOWS\System32\mlfcache.dat -->02/09/2008 12:29:58 C:\WINDOWS\System32\PerfStringBackup.INI -->29/08/2008 10:41:04 C:\WINDOWS\System32\perfh00C.dat -->29/08/2008 10:41:04 C:\WINDOWS\System32\perfh009.dat -->29/08/2008 10:41:04 C:\WINDOWS\System32\perfc00C.dat -->29/08/2008 10:41:04 C:\WINDOWS\System32\perfc009.dat -->29/08/2008 10:41:04 C:\WINDOWS\System32\wpa.dbl -->28/08/2008 08:19:02 C:\WINDOWS\System32\spupdwxp.log -->28/08/2008 08:16:34 C:\WINDOWS\System32\FNTCACHE.DAT -->28/08/2008 08:15:38 C:\WINDOWS\System32\d3d9caps.dat -->22/08/2008 08:48:21 C:\WINDOWS\System32\TZLog.log -->18/08/2008 12:03:39 C:\WINDOWS\System32\TUKernel.exe -->09/08/2008 00:28:47 C:\WINDOWS\System32\CONFIG.NT -->05/08/2008 11:32:22 C:\WINDOWS\System32\MRT.exe -->05/08/2008 11:11:02 C:\WINDOWS\System32\TuneUpDefragService.exe -->23/07/2008 13:20:04 C:\WINDOWS\System32\cdm.dll -->18/07/2008 22:10:48 C:\WINDOWS\System32\wuauclt.exe -->18/07/2008 22:10:42 C:\WINDOWS\System32\wups2.dll -->18/07/2008 22:10:40 C:\WINDOWS\System32\wucltui.dll.mui -->18/07/2008 22:10:36 C:\WINDOWS\WindowsUpdate.log -->05/09/2008 09:18:32 C:\WINDOWS\setupapi.log -->05/09/2008 09:15:25 C:\WINDOWS\wiadebug.log -->05/09/2008 09:15:20 C:\WINDOWS\wiaservc.log -->05/09/2008 09:15:17 C:\WINDOWS\0.log -->05/09/2008 09:15:02 C:\WINDOWS\bootstat.dat -->05/09/2008 09:15:01 C:\WINDOWS\SchedLgU.Txt -->05/09/2008 09:13:48 C:\WINDOWS\msnfix.txt -->04/09/2008 11:26:46 C:\WINDOWS\npornap.INI -->31/08/2008 12:21:42 C:\WINDOWS\SynInst.log -->31/08/2008 12:12:25 C:\WINDOWS\setupact.log -->31/08/2008 12:12:11 C:\WINDOWS\iis6.log -->29/08/2008 07:45:02 C:\WINDOWS\tsoc.log -->29/08/2008 07:45:01 C:\WINDOWS\tabletoc.log -->29/08/2008 07:45:01 C:\WINDOWS\ocmsn.log -->29/08/2008 07:45:01 winlogon.exe svchost.exe ws2_32.dll user32.dll tcpip.sys ndis.sys null.sys ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 3520 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll 0x44080000 0xd0000 7.00.6000.16705 C:\WINDOWS\system32\WININET.dll 0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll 0x43e00000 0x45000 7.00.6000.16705 C:\WINDOWS\system32\iertutil.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll 0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL 0x44360000 0x5cd000 7.00.6000.16705 C:\WINDOWS\system32\ieframe.dll 0x44160000 0x127000 7.00.6000.16705 C:\WINDOWS\system32\urlmon.dll 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll 0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll 0x442b0000 0x3c000 7.00.6000.16705 C:\WINDOWS\system32\webcheck.dll 0x10000000 0x4e000 1.00.0000.0000 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL 0x5f800000 0xf2000 6.02.8071.0000 C:\WINDOWS\system32\MFC42u.DLL 0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL 0x00ce0000 0xc000 C:\PROGRA~1\ThinkPad\UTILIT~1\FR\PWRMGRRT.DLL 0x00e10000 0x19000 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL 0x00f40000 0x7000 1.60.0000.0006 C:\WINDOWS\system32\Sensor.dll 0x02ed0000 0x36000 6.14.0010.4926 C:\WINDOWS\system32\igfxdev.dll 0x03060000 0x96000 2.00.0000.0000 C:\Program Files\Lenovo\Client Security Solution\tvtpwm_windows_hook.dll 0x015e0000 0x13000 5.01.0000.4700 C:\WINDOWS\system32\btmmhook.dll 0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll 0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x6bd10000 0x10000 12.00.4518.1014 C:\Program Files\Microsoft Office\Office12\msohevi.dll 0x78130000 0x9b000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll 0x00970000 0x2c000 C:\Program Files\WinRAR\rarext.dll 0x00c00000 0x16000 600.00.0000.0002 C:\Program Files\Free Download Manager\FUM\fumshext.dll 0x00c20000 0x9000 2.00.0000.0004 C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll 0x00c30000 0x12000 7.00.0000.0015 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll 0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL 0x02b70000 0x56000 7.10.3052.0004 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll 0x5d360000 0xf000 7.10.6030.0000 C:\WINDOWS\system32\MFC71FRA.DLL 0x1c600000 0x7000 1.19.0000.0001 C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdshell.dll 0x1c000000 0xe6000 1.19.0000.0002 C:\Program Files\Lenovo\SafeGuard PrivateDisk\PDLib.dll 0x7c3c0000 0x7c000 7.10.6030.0000 C:\WINDOWS\system32\MSVCP71.dll 0x038c0000 0x138000 1.19.0000.0001 C:\Program Files\Lenovo\SafeGuard PrivateDisk\PDLib040c.dll 0x01400000 0x3000 1.19.0000.0001 C:\Program Files\Lenovo\SafeGuard PrivateDisk\PDShell040c.dll 0x03a00000 0x87000 10.00.0002.3363 C:\PROGRA~1\OOSOFT~1\DEFRAG~1\oodsh.dll 0x03a90000 0x4b000 10.00.0012.1681 C:\PROGRA~1\OOSOFT~1\DEFRAG~1\OODSHRS.DLL 0x03bc0000 0x12000 1.01.0000.0000 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 1648 Command line: winlogon.exe Base Size Version Path 0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll 0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x10000000 0x8f000 1.02.0059.0000 C:\WINDOWS\system32\tvt_gina.dll 0x00cb0000 0x21a000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\css_gina_plugin.dll 0x00ed0000 0xd9000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\css_wait_bar.dll 0x00ab0000 0x40000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\cssuserdatadispatcher.dll 0x01090000 0x1ce000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\csswait.dll 0x01260000 0xa8000 1.10.0051.0000 C:\Program Files\Fichiers communs\Lenovo\tvt_banner.dll 0x01310000 0x107000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\cssdlgpwentry.dll 0x01420000 0x10f000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\dlganswerprompt.dll 0x01530000 0x55000 1.01.0003.0006 C:\Program Files\Lenovo\Client Security Solution\tvttsp.dll 0x01590000 0xa2000 1.01.0003.0006 C:\Program Files\Lenovo\Client Security Solution\tcsrpc.dll 0x016c0000 0x859000 1.10.0051.0000 C:\Program Files\Fichiers communs\Lenovo\tvt_res.dll 0x7c140000 0x106000 7.10.6030.0000 C:\WINDOWS\system32\MFC71.DLL 0x7c360000 0x56000 7.10.6030.0000 C:\WINDOWS\system32\MSVCR71.dll 0x5d360000 0xf000 7.10.6030.0000 C:\WINDOWS\system32\MFC71FRA.DLL 0x316b0000 0x3c000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\pscssint.dll 0x4eb80000 0x1a6000 5.01.3102.5512 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\gdiplus.dll 0x78130000 0x9b000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll 0x30000000 0x4b000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\infra.dll 0x31bb0000 0x11000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\VTI.DLL 0x02310000 0x8000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll 0x02320000 0x2a000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll 0x0a000000 0x30000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll 0x7c3c0000 0x7c000 7.10.6030.0000 C:\WINDOWS\system32\MSVCP71.dll 0x02350000 0x18000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll 0x02430000 0x1a000 5.06.0002.3649 C:\WINDOWS\system32\psqlpwd.dll 0x31320000 0x115000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll 0x74da0000 0x6d000 5.30.0023.1230 C:\WINDOWS\system32\RICHED20.DLL 0x30280000 0x30f000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\homepass.dll 0x30680000 0x263000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\bio.dll 0x31690000 0xb000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\ps2css.dll 0x300a0000 0xc7000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\remote.dll 0x03170000 0x7000 1.00.0003.0000 C:\Program Files\Lenovo\HOTKEY\tphklock.dll 0x30200000 0x5a000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\crypto.dll 0x03530000 0xd000 2.00.0000.0000 C:\Program Files\Lenovo\AwayTask\AwayNotify.dll 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\WINDOWS\system32 14/04/2008 04:33 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 28 254 629 888 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\WINDOWS\Downloaded Program Files 20/08/2008 01:20 <REP> . 20/08/2008 01:20 <REP> .. 26/03/2007 11:16 449 acpir.inf 12/12/2007 10:33 747 AdSignerADP.inf 08/06/2008 21:13 <REP> CONFLICT.1 26/01/2006 23:52 65 desktop.ini 11/04/2007 14:55 1 292 erma.inf 16/05/2007 09:22 399 gp.inf 16/03/2005 12:34 7 407 lang.ini 14/03/2005 14:38 126 live.ini 02/08/2007 15:47 569 MSNPUpld.inf 15/06/2007 09:02 632 392 OberonGameHost.dll 15/06/2007 09:01 332 OberonGameHost_dbg.inf 01/06/2006 02:57 1 331 oscan8.inf 14/03/2005 14:58 7 073 scanoptions.tsi 09/09/2005 18:45 1 516 wvc1dmo.inf 13 fichier(s) 653 698 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1 08/06/2008 21:13 <REP> . 08/06/2008 21:13 <REP> .. 20/06/2006 15:44 379 704 MsnPUpld.dll 19/06/2006 14:40 393 MsnPUpld.inf 20/06/2006 15:44 117 560 PURen-us.dll 09/01/2007 08:30 110 592 PURfr-fr.dll 4 fichier(s) 608 249 octets Total des fichiers listés : 17 fichier(s) 1 261 947 octets 5 Rép(s) 28 254 609 408 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server" "C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox" "C:\\Program Files\\TmNationsForever\\TmForever.exe"="C:\\Program Files\\TmNationsForever\\TmForever.exe:*:Enabled:TmForever" "C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp" "D:\\Livebox\\RGWRepair.exe"="D:\\Livebox\\RGWRepair.exe:*:Enabled:RGWRepair" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:LocalSubNet:Enabled:eMule" "C:\\Program Files\\eMule\\dserver.exe"="C:\\Program Files\\eMule\\dserver.exe:*:Enabled:dserver" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" REGEDIT4 [taskmgr.exe] exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... 127.0.0.1 www.activexupdate.com 127.0.0.1 activexupdate.com 127.0.0.1 www.avpcheckupdate.com 127.0.0.1 avpcheckupdate.com 127.0.0.1 client.exeupdate.com 127.0.0.1 www.eupdatepage.com 127.0.0.1 eupdatepage.com 127.0.0.1 www.exeupdate.com 127.0.0.1 exeupdate.com 127.0.0.1 www.hotwinupdates.com 127.0.0.1 hotwinupdates.com 127.0.0.1 www.lavasoftupdate.com 127.0.0.1 lavasoftupdate.com 127.0.0.1 www.malwarewipeupdate.com 127.0.0.1 malwarewipeupdate.com 127.0.0.1 www.msupdate.net 127.0.0.1 msupdate.net 127.0.0.1 www.msupdater.net 127.0.0.1 msupdater.net 127.0.0.1 www.necessaryupdates.com 127.0.0.1 necessaryupdates.com 127.0.0.1 newupdates.lzio.com 127.0.0.1 redirect.msupdate.net 127.0.0.1 search.keyword.exeupdate.com 127.0.0.1 www.securityupdatesite.com 127.0.0.1 securityupdatesite.com 127.0.0.1 settings.updatemysettings.com 127.0.0.1 www.spyaxeupdate.com 127.0.0.1 spyaxeupdate.com 127.0.0.1 www.spyfalconupdate.com 127.0.0.1 spyfalconupdate.com 127.0.0.1 www.systemupdates.net 127.0.0.1 systemupdates.net 127.0.0.1 trial.updates.winsoftware.com 127.0.0.1 update.680180.net 127.0.0.1 www.updatemysettings.com 127.0.0.1 updatemysettings.com 127.0.0.1 updates.spywarequake.com 127.0.0.1 www.urgentsystemupdate.biz 127.0.0.1 urgentsystemupdate.biz 127.0.0.1 www.urgentsystemupdate.com 127.0.0.1 urgentsystemupdate.com 127.0.0.1 windupdates.com 127.0.0.1 update.shareaza.com 127.0.0.1 www.antispywareupdates.net 127.0.0.1 antispywareupdates.net 127.0.0.1 www.flwupdate.com 127.0.0.1 flwupdate.com 127.0.0.1 www.mpegupdate.com 127.0.0.1 mpegupdate.com 127.0.0.1 www.movupdate.com 127.0.0.1 movupdate.com 127.0.0.1 www.pandaantivirus-2007.com 127.0.0.1 pandaantivirus-2007.com 127.0.0.1 www.pandadownload-now.com 127.0.0.1 pandadownload-now.com 127.0.0.1 www.panda-hq.com 127.0.0.1 panda-hq.com catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-05 09:30:29 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden services & system hive ... scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System] "OODEFRAG10.00.00.01WORKSTATION"="D89080994D4813D016F6F62A6A914549CEEE7CD62532A71A9594484CFB2BCF3EBE0525D4A52 0FB0CA4268BF2B7E7D6D82E831A1799341734ADB64FD4CABF62278B661EBB76120711C547CB2D5752 850D3A422450EDAAEAE3C417720C0337F3182898DD1CFC0C8A7ACEF9FD2683C88C4F56A353F1F835E 1846A2402223679EB7EF0A6E804A55FB3E20A7EFB6EA7A2FB8C59C178AEC256147523F2620AAAD304 48B8BCD8C917C081ECB5BCB4DAE42139378DDBF57B0976EA99E5BA0CF95CF5CCE9C12B5B04284AC73 C833C29058D647D46B354C412BD6023D51FD60A6DF7F4A7DA48FEBC9E127BECC74CFEBC9E127BECC7 4CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC793 3A2D97226D213B5559DB7CE019D40AA5C9DB7CE019D40AA5CEEE5D9EEA86E62995E2AAA2C44707446 9ADD2F13269F97558A435AAE8A3D9B7A0F2E315CFC29D5F63607CDD45282A0856F1EE9FB202672185 8447E89DBF20B61184671FCF0E520B24AA3575D7D00AD2AF4A23D558E7FC3AD18B48A12F4E7F23746 1FED78A65CBFF1CE82DB2CB3C5ACA479A720E246CB4AF3CF21F58634A0E4E776BA3C2D2715B64B1CB C33DB4601305BEE78C89B81004BBC292C765C5EF6F7D0ADB036ACDBED0DCB2D7EF6B9E734D0246876 33AADCE1904DF28B0DBB1796454690AC7ABB96974B74A307074A32382A4FA018A0EFD98EE4E19D0BF 7026901690FEBEDE954081B02B741AC06C221B6DA1D72E495005E759AA5BF08BC3F448A08662D46AC A4C9CE437D6ED5DB8D142E07C0607C58A1B4DA84BC9474A53779DCC5F9E8202B8ED6622522B87F33C A51F0D6658F8DF54F0856FC3C77D7BF6441F24BEED47394A50E5743F6CEBA7BC98027F52747DE40BA EA525F2E6C4BDAF1339FC6DA4C51DBB4B2833B3E03AAE6952E4B1418F44A49C5D38F0D1197FD0EC0C E06EA48CDDCB439EC902FB050876E64C9AA63BB2ABB690899A26BD5C4B03064F720EC377C4C9B6547 FAC8F9D01E4C27A8E89D8B1CB43DCD7C72E1E4E03B60A67239851B1F6C4D9DB116AF3BC3CE7F0003F E7D74A2CBA4969B3A5C957D87FE036BF3F35A219BCC7B7F8793880F8D4BC5F4344158BB28C415FD0C 4E37519331ABEFC3F750904DDE4CE74927E7B963360180A8308B070905B10CC8A90CB5F1E083F1F2D 8CBA0098F1386A8A1D66F6C8CF207CF8DD7C9BE9187142AE8C928C7B9A3C79CDF0FA8E9AB04DBC63C 450057DC8DD2EFA8F76DAD5AE5463B879ACBD1AD592D315AD1249EC588C81B36185FE97AF491A44E2 07FD09350395C861C655CF2A33FF71940AF6B353F176DD3A4A5FB7B8650DAD4F32FB5367F65BF6ADF 5FC900B78108747711A61279705D58B98F7A3D5007D6128BD2FBFD5D28EFBCED471095FD59CDC20BA CBCBB3BE55A92967B65DD130B2EE1" scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 236 - svchost.exe 356 - Amsg.exe 496 - ACWLIcon.exe 680 - svchost.exe 712 - TPHDEXLG.exe 840 - spoolsv.exe 960 - AwaySch.EXE 1192 - AcSvc.exe 1308 - pdservice.exe 1324 - oodtray.exe 1376 - logmon.exe 1396 - IPSSVC.EXE 1444 - acs.exe 1480 - avguard.exe 1604 - mdm.exe 1624 - csrss.exe 1648 - winlogon.exe 1692 - services.exe 1704 - lsass.exe 1840 - ibmpmsvc.exe 1884 - svchost.exe 1892 - oodag.exe 1956 - svchost.exe 1996 - svchost.exe 2084 - fdm.exe 2312 - wmiprvse.exe 2380 - sqlservr.exe 2464 - alg.exe 3060 - avgnt.exe 3104 - ctfmon.exe 3112 - taskmgr.exe 3120 - BTSTAC~1.EXE 3212 - MemOptimizer.ex 3220 - fum.exe 3240 - fumoei.exe 3272 - CamTray.exe 3300 - wcescomm.exe 3396 - winamp.exe 3416 - cssauth.exe 3500 - rapimgr.exe 3520 - explorer.exe 3732 - BTTray.exe 3816 - rundll32.exe 3844 - DLG.exe 3860 - SynTPEnh.exe 3892 - TpShocks.exe 3908 - TPOSDSVC.exe 4056 - SMax4.exe 4144 - cmd.exe 4688 - firefox.exe Total number of processes = 51 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntkrnlpa.exe 806E4000 - \WINDOWS\system32\hal.dll F7ABD000 - \WINDOWS\system32\KDCOM.DLL F79CD000 - \WINDOWS\system32\BOOTVID.dll F748D000 - ACPI.sys F7ABF000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS F747C000 - pci.sys F75BD000 - isapnp.sys F79D1000 - compbatt.sys F79D5000 - \WINDOWS\system32\DRIVERS\BATTC.SYS F7B85000 - pciide.sys F783D000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS F745E000 - pcmcia.sys F75CD000 - MountMgr.sys F743F000 - ftdisk.sys F7AC1000 - dmload.sys F7419000 - dmio.sys F7845000 - PartMgr.sys F79D9000 - ACPIEC.sys F7B86000 - \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS F75DD000 - VolSnap.sys F7401000 - atapi.sys F7339000 - iaStor.sys F75ED000 - disk.sys F75FD000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS F7319000 - fltmgr.sys F7307000 - sr.sys F760D000 - PxHelp20.sys F72F0000 - KSecDD.sys F7263000 - Ntfs.sys F7236000 - NDIS.sys F7218000 - Apsx86.sys F784D000 - ApsHM86.sys F761D000 - ohci1394.sys F762D000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS F71FE000 - Mup.sys F765D000 - \SystemRoot\system32\DRIVERS\nic1394.sys F6BC3000 - \SystemRoot\system32\DRIVERS\intelppm.sys F5878000 - \SystemRoot\system32\DRIVERS\igxpmp32.sys F5864000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS F583C000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys F5811000 - \SystemRoot\system32\DRIVERS\b57xp32.sys F578A000 - \SystemRoot\system32\DRIVERS\ar5211.sys F7935000 - \SystemRoot\system32\DRIVERS\usbuhci.sys F5766000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS F793D000 - \SystemRoot\system32\DRIVERS\usbehci.sys F573E000 - \SystemRoot\system32\drivers\tifm21.sys F572A000 - \SystemRoot\system32\DRIVERS\sdbus.sys F6BB3000 - \SystemRoot\system32\DRIVERS\i8042prt.sys F7945000 - \SystemRoot\system32\DRIVERS\kbdclass.sys F56F2000 - \SystemRoot\system32\DRIVERS\SynTP.sys F7B17000 - \SystemRoot\system32\DRIVERS\USBD.SYS F794D000 - \SystemRoot\system32\DRIVERS\mouclass.sys F7955000 - \SystemRoot\system32\DRIVERS\nscirda.sys F7AB1000 - \SystemRoot\system32\DRIVERS\irenum.sys F795D000 - \SystemRoot\system32\DRIVERS\atmeltpm.sys F7AB9000 - \SystemRoot\system32\DRIVERS\CmBatt.sys F71DA000 - \SystemRoot\system32\DRIVERS\ibmpmdrv.sys F6BA3000 - \SystemRoot\system32\DRIVERS\imapi.sys F7965000 - \SystemRoot\system32\drivers\iviaspi.sys F6B93000 - \SystemRoot\system32\DRIVERS\cdrom.sys F6B83000 - \SystemRoot\system32\DRIVERS\redbook.sys F56CF000 - \SystemRoot\system32\DRIVERS\ks.sys F55FE000 - \SystemRoot\system32\DRIVERS\btkrnl.sys F796D000 - \SystemRoot\system32\DRIVERS\tvtpktfilter.sys F7CD7000 - \SystemRoot\system32\DRIVERS\audstub.sys F7975000 - \SystemRoot\system32\DRIVERS\rasirda.sys F797D000 - \SystemRoot\system32\DRIVERS\TDI.SYS F6B73000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys F71C6000 - \SystemRoot\system32\DRIVERS\ndistapi.sys F55E7000 - \SystemRoot\system32\DRIVERS\ndiswan.sys F6B63000 - \SystemRoot\system32\DRIVERS\raspppoe.sys F773D000 - \SystemRoot\system32\DRIVERS\raspptp.sys F55D6000 - \SystemRoot\system32\DRIVERS\psched.sys F774D000 - \SystemRoot\system32\DRIVERS\msgpc.sys F7985000 - \SystemRoot\system32\DRIVERS\ptilink.sys F798D000 - \SystemRoot\system32\DRIVERS\raspti.sys F55A6000 - \SystemRoot\system32\DRIVERS\rdpdr.sys F775D000 - \SystemRoot\system32\DRIVERS\termdd.sys F7995000 - \SystemRoot\system32\DRIVERS\psadd.sys F7B19000 - \SystemRoot\system32\DRIVERS\swenum.sys F5548000 - \SystemRoot\system32\DRIVERS\update.sys F7171000 - \SystemRoot\system32\DRIVERS\mssmbios.sys F778D000 - \SystemRoot\system32\DRIVERS\wsimd.sys F799D000 - \SystemRoot\system32\DRIVERS\btport.sys F5E8E000 - \SystemRoot\System32\Drivers\NDProxy.SYS AA5DB000 - \SystemRoot\system32\drivers\ADIHdAud.sys AA5B7000 - \SystemRoot\system32\drivers\portcls.sys F77BD000 - \SystemRoot\system32\drivers\drmk.sys AA5A0000 - \SystemRoot\system32\drivers\AEAudio.sys AA56C000 - \SystemRoot\system32\DRIVERS\HSFHWAZL.sys AA47A000 - \SystemRoot\system32\DRIVERS\HSF_DPV.sys AA3C7000 - \SystemRoot\system32\DRIVERS\HSF_CNXT.sys F788D000 - \SystemRoot\System32\Drivers\Modem.SYS A98E4000 - \SystemRoot\system32\DRIVERS\usbhub.sys F551C000 - \SystemRoot\System32\Drivers\i2omgmt.SYS F7B51000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS F7C89000 - \SystemRoot\System32\Drivers\Null.SYS F7B53000 - \SystemRoot\System32\Drivers\Beep.SYS A83B5000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS A83AD000 - \SystemRoot\System32\drivers\vga.sys F7B55000 - \SystemRoot\System32\Drivers\mnmdd.SYS F7B59000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys A83A5000 - \SystemRoot\System32\Drivers\Msfs.SYS A839D000 - \SystemRoot\System32\Drivers\Npfs.SYS F5514000 - \SystemRoot\system32\DRIVERS\rasacd.sys A5A93000 - \SystemRoot\system32\DRIVERS\ipsec.sys A5A3A000 - \SystemRoot\system32\DRIVERS\tcpip.sys A5A12000 - \SystemRoot\system32\DRIVERS\netbt.sys A59EC000 - \SystemRoot\system32\DRIVERS\ipnat.sys A59CA000 - \SystemRoot\System32\drivers\afd.sys A845E000 - \SystemRoot\system32\DRIVERS\netbios.sys A8395000 - \SystemRoot\System32\drivers\TSMAPIP.SYS A838D000 - \SystemRoot\System32\drivers\Tppwrif.sys A8385000 - \SystemRoot\system32\DRIVERS\TPHKDRV.sys A837D000 - \SystemRoot\System32\drivers\TDSMAPI.SYS A77B5000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys A77AD000 - \SystemRoot\System32\drivers\Smapint.sys A588F000 - \SystemRoot\system32\DRIVERS\rdbss.sys A581F000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys F7B5B000 - \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys A843E000 - \SystemRoot\System32\Drivers\Fips.SYS A7C10000 - \SystemRoot\system32\DRIVERS\wanarp.sys A7C00000 - \SystemRoot\system32\DRIVERS\arp1394.sys A55A4000 - \SystemRoot\system32\DRIVERS\avipbb.sys A9B58000 - \SystemRoot\system32\DRIVERS\hidusb.sys A7BD0000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS F7B5F000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys A9B54000 - \SystemRoot\System32\drivers\ANC.SYS A599A000 - \SystemRoot\System32\Drivers\tcusb.sys A51A2000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS A7B23000 - \SystemRoot\system32\DRIVERS\mouhid.sys 9BAD9000 - \SystemRoot\System32\Drivers\Fastfat.SYS 9BA11000 - \SystemRoot\System32\Drivers\dump_iaStor.sys BF800000 - \SystemRoot\System32\win32k.sys 9D4A6000 - \SystemRoot\System32\drivers\Dxapi.sys 9C388000 - \SystemRoot\System32\watchdog.sys BF000000 - \SystemRoot\System32\drivers\dxg.sys F7C45000 - \SystemRoot\System32\drivers\dxgthk.sys BF024000 - \SystemRoot\System32\igxpgd32.dll BF012000 - \SystemRoot\System32\igxprd32.dll BF04F000 - \SystemRoot\System32\igxpdv32.DLL BF1E7000 - \SystemRoot\System32\igxpdx32.DLL 9C077000 - \??\C:\Program Files\Fichiers communs\ThinkVantage Fingerprint Software\Drivers\smihlp.sys 9B9FB000 - \SystemRoot\system32\DRIVERS\irda.sys 9B9E5000 - \SystemRoot\system32\DRIVERS\nwlnkipx.sys F6BF3000 - \SystemRoot\system32\DRIVERS\nwlnknb.sys 9F922000 - \SystemRoot\system32\DRIVERS\ndisuio.sys 9B995000 - \SystemRoot\system32\DRIVERS\nwrdr.sys 9B968000 - \SystemRoot\system32\DRIVERS\mrxdav.sys A22EB000 - \SystemRoot\system32\DRIVERS\PROCDD.SYS F7AC9000 - \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS 9F155000 - \SystemRoot\system32\DRIVERS\mdmxsdk.sys 9B84E000 - \SystemRoot\system32\DRIVERS\srv.sys 9D979000 - \SystemRoot\system32\DRIVERS\nwlnkspx.sys 9B812000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys F7AEB000 - \??\C:\WINDOWS\System32\drivers\pmemnt.sys A4063000 - \??\C:\Program Files\Lenovo\SafeGuard PrivateDisk\PrivateDiskM.sys F7C59000 - \??\C:\Program Files\SMI2\smi2.sys A2ED1000 - \SystemRoot\System32\Drivers\Cdfs.SYS 9B7BA000 - \??\C:\WINDOWS\system32\drivers\tvtfilter.sys 9B1E5000 - \SystemRoot\system32\drivers\wdmaud.sys A2F41000 - \SystemRoot\system32\drivers\sysaudio.sys 9A3F2000 - \SystemRoot\System32\Drivers\btwusb.sys 9A374000 - \SystemRoot\system32\DRIVERS\btwdndis.sys 9A2F4000 - \SystemRoot\system32\drivers\btaudio.sys 9A032000 - \SystemRoot\system32\drivers\kmixer.sys F7C25000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 168 Liste des programmes installes 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office system Access - Aide Activation Assistant for the 2007 Microsoft Office suites Activation Assistant for the 2007 Microsoft Office suites Adobe AIR Adobe Flash Player 9 ActiveX Adobe Flash Player ActiveX Adobe Flash Player Plugin Apple Software Update Archiveur WinRAR Assistant de connexion Windows Live Assistant UltraNav ThinkPad Audacity 1.3.5 (Unicode) Avira AntiVir Personal - Free Antivirus CCleaner (remove only) Client Security Solution Configuration du ThinkPad Correctif pour Windows Internet Explorer 7 (KB947864) Correctif pour Windows XP (KB952287) Creative WebCam Center Creative WebCam NX Ultra Driver (1.01.03.0112) eMule ffdshow [rev 1977] [2008-05-28] Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français) Fonctions d'accessibilité TrackPoint Free Download Manager 2.5 Free Easy Burner V 3.8 FTP Utility G-Force GDR 3068 for SQL Server Database Services 2005 ENU (KB948109) Gestionnaire d'alimentation ThinkPad Gestionnaire de contacts professionnels pour Outlook 2007 SP1 Gestionnaire de contacts professionnels pour Outlook 2007 SP1 Gestionnaire de présentation getPlus®_ocx GIMP 2.4.4 Help Center HijackThis 2.0.2 Incrustation InfraRecorder Integrated camera Intel® Graphics Media Accelerator Driver InterVideo Register Manager InterVideo WinDVD InterVideo WinDVD Creator 3 Java 6 Update 7 LADSPA_plugins-win-0.4.15 Lecteur Windows Media 10 Macromedia Flash Player 8 Maintenance Manager Malwarebytes' Anti-Malware Media Player Classic fr Message Center Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft .NET Framework 2.0 Language Pack - FRA Microsoft .NET Framework 2.0 Service Pack 1 Microsoft ActiveSync Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2003 Web Components Microsoft Office 2007 Primary Interop Assemblies Microsoft Office Access MUI (French) 2007 Microsoft Office Excel MUI (French) 2007 Microsoft Office InfoPath MUI (French) 2007 Microsoft Office Language Pack 2007 Service Pack 1 (SP1) Microsoft Office Language Pack 2007 Service Pack 1 (SP1) Microsoft Office Outlook MUI (French) 2007 Microsoft Office PowerPoint MUI (French) 2007 Microsoft Office Professional Hybrid 2007 Microsoft Office Professional Plus 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (French) 2007 Microsoft Office Publisher MUI (French) 2007 Microsoft Office Shared MUI (French) 2007 Microsoft Office Small Business Connectivity Components Microsoft Office Word MUI (French) 2007 Microsoft Software Update for Web Folders (French) 12 Microsoft SQL Server 2005 Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) Microsoft SQL Server Native Client Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable Microsoft Works 6-9 Converter Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782) Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB946648) Mise à jour de sécurité pour Windows XP (KB950760) Mise à jour de sécurité pour Windows XP (KB950762) Mise à jour de sécurité pour Windows XP (KB950974) Mise à jour de sécurité pour Windows XP (KB951066) Mise à jour de sécurité pour Windows XP (KB951376-v2) Mise à jour de sécurité pour Windows XP (KB951376) Mise à jour de sécurité pour Windows XP (KB951698) Mise à jour de sécurité pour Windows XP (KB951748) Mise à jour de sécurité pour Windows XP (KB952954) Mise à jour de sécurité pour Windows XP (KB953839) Mise à jour pour Windows XP (KB951072-v2) Mise à jour pour Windows XP (KB951978) Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA Montpellier Business Plan Classic Mozilla Firefox (3.0.1) MSXML 4.0 SP2 (KB936181) MSXML 6.0 Parser (KB933579) O&O Defrag Professional Edition OpenOffice.org Installer 1.0 Orange Plug-in messagerie vocale 888 PC-Doctor 5 pour Windows Picasa 2 QuickTime RecordNow Audio RecordNow Copy RecordNow Data Remove Multimedia Center Rescue and Recovery Rescue and Recovery Critical Patch for Windows Update (KB917422) Security Update for 2007 Microsoft Office System (KB951596) Security Update for 2007 Microsoft Office System (KB951596) Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Security Update for Microsoft Office Excel 2007 (KB951546) Security Update for Microsoft Office Excel 2007 (KB951546) Security Update for Microsoft Office PowerPoint 2007 (KB951338) Security Update for Microsoft Office PowerPoint 2007 (KB951338) Security Update for Microsoft Office Publisher 2007 (KB950114) Security Update for Microsoft Office Publisher 2007 (KB950114) Security Update for Microsoft Office Word 2007 (KB950113) Security Update for Microsoft Office Word 2007 (KB950113) Security Update for Visio 2007 (KB947590) Security Update for Visio 2007 (KB947590) ServerMaker 2001 SoundMAX Sumatra PDF reader Supplément à Productivity Center pour ThinkPad System Migration Assistant System Update Système de protection active ThinkVantage Texas Instruments PCIxx21/x515/xx12 drivers. ThinkPad Bluetooth with Enhanced Data Rate Software ThinkPad FullScreen Magnifier ThinkPad Modem ThinkPad PC Card Power Policy ThinkPad Power Management Driver ThinkPad UltraNav Driver ThinkPad Wireless LAN Adapters Software (11a/b, 11b/g, 11a/b/g) ThinkVantage Access Connections ThinkVantage Fingerprint Software 5.6 ThinkVantage Productivity Center ThinkVantage Technologies Welcome Message TIPCI Total Commander (Remove or Repair) TuneUp Utilities 2008 Update for Microsoft Office Outlook 2007 (KB952142) Update for Microsoft Office Outlook 2007 (KB952142) Update for Office 2007 (KB946691) Update for Office 2007 (KB946691) Update for Outlook 2007 Junk Email Filter (kb955433) Update for Outlook 2007 Junk Email Filter (kb955433) Utilitaire de personnalisation du clavier ThinkPad Utilitaire ThinkPad EasyEject Utilitaire ThinkPad UltraNav VideoLAN VLC media player 0.8.6f Wallpapers WebFldrs XP Winamp Windows Live installer Windows Live Messenger Windows Live Toolbar Windows Live Toolbar Windows Media Connect Windows Media Format Runtime Windows Media Player 10 Hotfix - KB894476 Windows Media Player Firefox Plugin Windows XP Service Pack 3 XP Themes Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\Program Files 04/09/2008 10:38 <REP> . 04/09/2008 10:38 <REP> .. 27/04/2008 18:55 <REP> Activation Assistant for the 2007 Microsoft Office suites 06/08/2008 12:20 <REP> Adobe 10/02/2008 23:40 <REP> Alwil Software 10/02/2008 18:27 <REP> Analog Devices 22/08/2008 10:05 <REP> Apple Software Update 04/09/2008 10:33 <REP> Audacity 1.3 Beta (Unicode) 05/08/2008 11:40 <REP> Avira 07/03/2008 10:50 <REP> CapAlpha 19/05/2008 12:11 <REP> CCleaner 25/01/2006 19:50 <REP> ComPlus Applications 10/02/2008 18:27 <REP> CONEXANT 02/05/2008 14:32 <REP> Creative 27/04/2008 18:55 <REP> Dactylo 27/04/2008 18:55 <REP> Digital Line Detect 29/08/2008 00:44 <REP> eMule 02/08/2008 13:47 <REP> FairUse Wizard 2 31/05/2008 13:37 <REP> ffdshow 03/08/2008 08:47 <REP> Fichiers communs 28/08/2008 18:53 <REP> Foxit Software 31/08/2008 12:10 <REP> Free Download Manager 07/07/2008 07:50 <REP> Free Easy Burner 29/02/2008 06:35 <REP> GIMP-2.0 02/08/2008 23:51 <REP> Google 19/05/2008 15:57 <REP> InfraRecorder 12/02/2008 02:31 <REP> Intel 18/08/2008 12:03 <REP> Internet Explorer 28/05/2008 09:53 <REP> InterVideo 26/05/2008 13:28 <REP> Inventel 28/08/2008 18:55 <REP> Java 17/04/2008 14:24 <REP> K-Lite Codec Pack 22/02/2008 17:05 <REP> KONICA MINOLTA 22/08/2008 08:19 <REP> Lenovo 02/09/2008 09:54 <REP> Malwarebytes' Anti-Malware 27/04/2008 18:59 <REP> Media Player Classic 28/08/2008 08:11 <REP> Messenger 27/04/2008 18:59 <REP> Microsoft ActiveSync 11/02/2008 14:53 <REP> Microsoft CAPICOM 2.1.0.2 25/01/2006 19:57 <REP> microsoft frontpage 10/02/2008 19:02 <REP> Microsoft Office 10/02/2008 19:02 <REP> Microsoft Small Business 23/07/2008 20:03 <REP> Microsoft SQL Server 10/02/2008 18:55 <REP> Microsoft Visual Studio 10/02/2008 23:32 <REP> Microsoft Visual Studio 8 27/04/2008 18:54 <REP> Microsoft Works 10/02/2008 18:55 <REP> Microsoft.NET 28/08/2008 08:07 <REP> Movie Maker 05/09/2008 09:17 <REP> Mozilla Firefox 10/02/2008 23:35 <REP> MSBuild 25/01/2006 19:49 <REP> MSN 25/01/2006 19:49 <REP> MSN Gaming Zone 10/02/2008 18:23 <REP> MSXML 4.0 11/02/2008 14:53 <REP> MSXML 6.0 31/05/2008 15:28 <REP> Multimedia Center for Think Offerings 28/08/2008 08:03 <REP> NetMeeting 27/04/2008 18:59 <REP> NetWaiting 27/04/2008 18:59 <REP> Online Services 11/02/2008 00:19 <REP> OO Software 02/03/2008 10:56 <REP> orange 28/08/2008 08:03 <REP> Outlook Express 03/05/2008 09:47 <REP> PCDR5 02/08/2008 23:51 <REP> Picasa2 13/06/2008 09:53 <REP> QuickTime 27/04/2008 19:00 <REP> Services en ligne 27/04/2008 19:00 <REP> SMI2 25/05/2008 12:38 <REP> SoundSpectrum 28/08/2008 19:21 <REP> SumatraPDF 14/08/2008 13:52 <REP> Sun 10/02/2008 18:25 <REP> Synaptics 12/02/2008 02:43 <REP> ThinkPad 28/05/2008 09:54 <REP> ThinkVantage 27/04/2008 19:00 <REP> ThinkVantage Fingerprint Software 27/04/2008 19:26 <REP> TmNationsForever 06/08/2008 09:41 <REP> Trend Micro 22/08/2008 08:37 <REP> TuneUp Utilities 2008 27/04/2008 19:00 <REP> TVT SMBus 05/06/2008 11:09 <REP> VideoLAN 23/07/2008 13:16 <REP> Winamp 28/02/2008 19:55 <REP> Windows Desktop Search 11/02/2008 22:10 <REP> Windows Live 27/04/2008 19:00 <REP> Windows Live Toolbar 27/04/2008 19:00 <REP> Windows Media Connect 2 28/08/2008 08:03 <REP> Windows Media Player 28/08/2008 08:03 <REP> Windows NT 27/04/2008 19:00 <REP> WinRAR 25/01/2006 19:57 <REP> xerox 0 fichier(s) 0 octets 87 Rép(s) 28 254 138 368 octets libres Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\Program Files\fichiers communs 03/08/2008 08:47 <REP> . 03/08/2008 08:47 <REP> .. 06/08/2008 12:20 <REP> Adobe 24/06/2008 10:51 <REP> Adobe AIR 03/08/2008 08:48 <REP> AVSMedia 27/04/2008 18:55 <REP> DESIGNER 26/05/2008 13:28 278 528 FDEUnInstaller.exe 31/05/2008 15:30 <REP> Installshield 12/02/2008 03:01 <REP> InterVideo 17/04/2008 13:31 <REP> Java 27/05/2008 15:53 <REP> Lenovo 03/08/2008 08:47 <REP> Microsoft Shared 25/01/2006 19:51 <REP> MSSoap 12/02/2008 00:36 <REP> NSV 04/07/2008 05:59 <REP> Oberon Media 25/01/2006 11:45 <REP> ODBC 25/01/2006 19:51 <REP> Services 27/04/2008 18:56 <REP> snp2std 27/04/2008 18:56 <REP> Sonic Shared 25/01/2006 11:44 <REP> SpeechEngines 13/02/2008 08:59 <REP> Symantec Shared 28/08/2008 08:03 <REP> System 12/02/2008 02:48 <REP> ThinkVantage Fingerprint Software 03/08/2008 11:44 <REP> Wise Installation Wizard 1 fichier(s) 278 528 octets 23 Rép(s) 28 254 146 560 octets libres Le volume dans le lecteur C s'appelle Preload Le numéro de série du volume est 14CD-7516 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 01/08/2008 18:30 <REP> . 01/08/2008 18:30 <REP> .. 27/04/2008 18:56 <REP> 1036 28/08/2007 23:55 973 168 MSONSEXT.DLL 26/10/2006 21:12 40 256 MSOSV.DLL 03/06/1999 22:09 122 937 MSOWS409.DLL 07/03/2001 17:00 127 033 MSOWS40c.DLL 4 fichier(s) 1 263 394 octets 3 Rép(s) 28 254 146 560 octets libres c:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe c:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe c:\Documents and Settings\Régis Granger\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\ARPPRODUCTICON.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_ds.53480420_ED54_41F1_B802_5A3B83DAF067.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_exe.53480420_ED54_41F1_B802_5A3B83DAF067.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\ARPPRODUCTICON.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\NewShortcut1_EDA1C1F7F27E4B20B9BC39964452DBB1.exe c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\NewShortcut2_EDA1C1F7F27E4B20B9BC39964452DBB1.exe c:\Documents and Settings\Régis Granger\Bureau\OTViewIt.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\diff.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\find2.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\grep.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\gzip.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\KProcCheck.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\md5sums.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\sigcheck.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\streams.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\tar.exe c:\Documents and Settings\Régis Granger\Bureau\HJT\HJTInstall.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\catchme.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\Hostsclean.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\MD5File.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\Process.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\setpath.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\swreg.exe c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\zip.exe c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Formats\7z.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aebb.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aecore.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeemu.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aegen.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aehelp.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeheur.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeoffice.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aepack.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aerdl.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescn.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescript.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aevdf.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\core.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\file.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\fmod.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\gfx2d.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\gfx2d_dd7.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\imglib.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\jpeg.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\logger.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\luxor_ar_web.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\net.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\snd3d.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\snd3d_fmod.dll c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\ui2.dll c:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\zone\zuma\Zuma.dll c:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\mia.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Formats\7z.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll c:\Documents and Settings\Régis Granger\Application Data\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll c:\Documents and Settings\Régis Granger\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll c:\Documents and Settings\Régis Granger\Application Data\Mozilla\Firefox\Profiles\pq5irnan.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\js32.dll c:\Documents and Settings\Régis Granger\Application Data\Mozilla\Firefox\Profiles\pq5irnan.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\npOberonGameHost.dll c:\Documents and Settings\Régis Granger\Application Data\Mozilla\Firefox\Profiles\pq5irnan.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Formats\7z.dll ****** Fin du rapport DiagHelp voilà.... @+, leredge.
  5. leredge
    En fait, la procédure utilisée n'a pas apporté beaucoup d'amélioration. Car en effet, après ces quelles heures utilisations de mon ordi. il y n'a pas eu un progrès significatif. @+, leredge.
  6. leredge
    Oui, l'ordi à encore des trucs qui utilisent le processeur sans savoir d'où cela provient. que faire ? @+, leredge
  7. leredge
    Salut chrifleur, j'ai effectué la procédure avec MSNfix et il a trouvé des erreurs. Le rapport (que je te joins ci-dessous) indique : " ces fichiers nécessitent un avis expérimenté avant toute intervention". C'est ce que j'ai fais en suivant l'indication : http://upload.changelog.fr MSNFix 1.742 C:\Documents and Settings\R‚gis Granger\Bureau\MSNFix Fix exécuté le 04/09/2008 - 11:21:47,92 By R‚gis Granger mode normal ************************ Recherche les fichiers présents ... C:\log.txt ************************ Recherche les dossiers présents Aucun dossier trouvé ************************ Suppression des fichiers .. OK ... C:\log.txt ************************ Nettoyage du registre ************************ Hostsclean Cleanhosts v 0.1.0.7 By Laurent -- Backup : C:\WINDOWS\system32\drivers\etc\hosts-20080904112258 -- original size 251.75 Kb / 9005 lines -- Start cleaning Hosts file .... /!\... antivirus.com ..... Found and removed /!\... avast.com ..... Found and removed /!\... ca.com ..... Found and removed /!\... mcafee.com ..... Found and removed /!\... spybot.info ..... Found and removed -- final size 250.39 Kb / 8963 lines -- entry Found : 5 / Entry check : 310 End .............................. 23.4 Secondes Les fichiers encore présents seront supprimés au prochain redémarrage ************************ Suppression des fichiers .. OK ... C:\log.txt ************************ Hostsclean Cleanhosts v 0.1.0.7 By Laurent -- Backup : C:\WINDOWS\system32\drivers\etc\hosts-20080904112558 -- original size 250.39 Kb / 8963 lines -- Start cleaning Hosts file .... -- final size 250.39 Kb / 8963 lines -- entry Found : 0 / Entry check : 310 End .............................. 27.11 Secondes ************************ Fichiers suspects /!\ ces fichiers nécessitent un avis expérimenté avant toute intervention [C:\WINDOWS\system32\IPSSVC.EXE] 00D8E9DAEBE72A5DF3986FD418A995EB ==> SVP merci d'envoyer le fichier C:\DOCUME~1\RGISGR~1\Bureau\Upload_Me.zip sur http://upload.changelog.fr Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 04092008_11262629.zip ************************ HKLM\...\Winlogon\Userinit Userinit = C:\WINDOWS\system32\userinit.exe, Important : http://msnfix.changelog.fr/index.php/2008/05/18/32-alerte ------------------------------------------------------------------------ Auteur : !aur3n7 Contact: http://changelog.fr ------------------------------------------------------------------------ --------------------------------------------- END --------------------------------------------- @+, leredge.
  8. leredge
    Salut chrifleur, Merci pour ta réponse. L'antivirus ne trouve pas mais il signale 2 dangers sans préciser lesquels. voici les deux rapports Otviewit : OTViewIt Extras logfile created on: 04/09/2008 09:53:30 - Run 3 OTViewIt by OldTimer - Version 1.0.1.8 Folder = C:\Documents and Settings\Régis Granger\Bureau Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1014,36 Mb Total Physical Memory | 472,55 Mb Available Physical Memory | 46,59% Memory free 2,38 Gb Paging File | 1,87 Gb Available in Paging File | 78,57% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 106,73 Gb Total Space | 26,44 Gb Free Space | 24,77% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 18,63 Gb Total Space | 1,31 Gb Free Space | 7,03% Space Free | Partition Type: NTFS Drive F: | 55,88 Gb Total Space | 3,38 Gb Free Space | 6,05% Space Free | Partition Type: FAT32 G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 [04/14/2008 04:34 AM | 00,142,848 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager [11/13/2006 03:06 PM | 00,199,464 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager [11/13/2006 03:07 PM | 01,289,000 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application [11/13/2006 03:07 PM | 04,291,368 | ---- | M] (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 [04/13/2008 08:53 PM | 00,558,080 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger [10/18/2007 12:34 PM | 05,724,184 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) [10/02/2007 06:18 PM | 00,304,488 | ---- | M] (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 [04/14/2008 04:34 AM | 00,142,848 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook [05/21/2008 04:37 AM | 12,844,576 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application [04/14/2008 04:34 AM | 00,033,792 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager [11/13/2006 03:06 PM | 00,199,464 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager [11/13/2006 03:07 PM | 01,289,000 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application [11/13/2006 03:07 PM | 04,291,368 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server [04/14/2008 04:34 AM | 00,018,432 | ---- | M] (Microsoft Corporation) "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox [07/03/2008 04:56 AM | 00,307,712 | ---- | M] (Mozilla Corporation) "C:\Program Files\TmNationsForever\TmForever.exe" = C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever [04/14/2008 01:03 AM | 11,976,704 | ---- | M] () "C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp [07/09/2008 11:34 PM | 01,343,840 | ---- | M] (Nullsoft) "D:\Livebox\RGWRepair.exe" = D:\Livebox\RGWRepair.exe:*:Enabled:RGWRepair File not found "C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:LocalSubNet:Enabled:eMule [08/01/2008 07:41 PM | 05,480,448 | ---- | M] (http://www.emule-project.net) "C:\Program Files\eMule\dserver.exe" = C:\Program Files\eMule\dserver.exe:*:Enabled:dserver [11/30/2001 11:07 AM | 00,221,184 | ---- | M] () "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 [04/13/2008 08:53 PM | 00,558,080 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger [10/18/2007 12:34 PM | 05,724,184 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) [10/02/2007 06:18 PM | 00,304,488 | ---- | M] (Microsoft Corporation) ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .bat [@ = batfile] - "%1" %* .cmd [@ = cmdfile] - "%1" %* .com [@ = comfile] - "%1" %* .exe [@ = exefile] - "%1" %* .html [@ = FirefoxHTML] - [07/03/2008 04:56 AM | 00,307,712 | ---- | M] (Mozilla Corporation) - C:\Program Files\Mozilla Firefox\firefox.exe .pif [@ = piffile] - "%1" %* .scr [@ = scrfile] - "%1" %* ========== Winsock2 Catalogs ========== ========== HKEY_LOCAL_MACHINE Protocol Defaults ========== ========== HKEY_CURRENT_USER Protocol Defaults ========== ========== HKEY_USERS Protocol Defaults ========== ========== HKEY_USERS Protocol Defaults ========== ========== HKEY_USERS Protocol Defaults ========== ========== HKEY_USERS Protocol Defaults ========== ========== HKEY_USERS Protocol Defaults ========== ========== Protocol Handlers ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] ipp: [HKLM - No CLSID value] msdaipp: [HKLM - No CLSID value] ========== Protocol Filters ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{075473F5-846A-448B-BCB3-104AA1760205}" = RecordNow Data "{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime "{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}" = Windows Live Toolbar "{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}" = Security Update for CAPICOM (KB931906) "{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message "{1297C681-92D7-40EF-93BF-03F66EC5105C}" = Utilitaire ThinkPad EasyEject "{16E79B1D-D1C2-4CA6-8B23-F4D890E0DCB9}" = Orange Plug-in messagerie vocale 888 "{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter "{1787603C-E6E3-42D4-8034-55F358486F1D}" = MSXML 6.0 Parser (KB933579) "{17CBC505-D1AE-459D-B445-3D2000A85842}" = Utilitaire ThinkPad UltraNav "{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR "{2111B23F-7FDA-4A41-8309-E5A1663CA296}" = Utilitaire de personnalisation du clavier ThinkPad "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7 "{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}" = Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français) "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3A2AF807-9F9F-43C9-A24A-17B617238B74}" = OpenOffice.org Installer 1.0 "{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = Système de protection active ThinkVantage "{480DBB60-F0B6-45F2-B26F-1A2E11197791}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{48227AEB-DC8E-4A90-A274-0B4A39D699B1}" = Client Security Solution "{483CFBDB-5870-41ED-82DC-992D1A2CBA87}" = Adobe Flash Player 9 ActiveX "{48CF6549-B45D-4313-9927-EFCCC8A3493F}" = TIPCI "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{53480330-E1D1-41CA-B8F8-7F78644F7F50}" = O&O Defrag Professional Edition "{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008 "{65706020-7B6F-41F2-8047-FC69579E386A}" = Gestionnaire de présentation "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{69333A04-5134-40A5-A055-9166A7AA1EC8}" = "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69ca8988-1c6c-4285-b8af-db780a6e42af}" = Gestionnaire de contacts professionnels pour Outlook 2007 SP1 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6CE96A14-61E2-48CC-837E-22710A953ADE}" = XP Themes "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = Integrated camera "{75FF1600-6330-43FA-9022-E0835BF20778}" = Microsoft SQL Server VSS Writer "{7726CF62-7B45-4E6D-9266-615346816BCA}" = Rescue and Recovery "{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections "{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}" = InterVideo WinDVD Creator 3 "{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}" = Assistant UltraNav ThinkPad "{83E5061B-A69A-46AD-A780-1DA6569FF283}" = Rescue and Recovery Critical Patch for Windows Update (KB917422) "{84814E6B-2581-46EC-926A-823BD1C670F6}" = ThinkPad Bluetooth with Enhanced Data Rate Software "{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update "{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12 "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1AFF2298-CC00-4A3B-866A-C62B8373794E}" = Security Update for 2007 Microsoft Office System (KB951596) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{4AD3A076-427C-491F-A5B7-7D1DE788A756}" = Update for Microsoft Office Outlook 2007 (KB952142) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{558B709B-821B-4FC5-90FC-9A8890641E77}" = Security Update for Microsoft Office PowerPoint 2007 (KB951338) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6BAD036C-261F-4BEF-96CF-C20678D07A41}" = Security Update for Visio 2007 (KB947590) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7399DD71-8E24-4E60-B6A8-6CED89C0AC26}" = Security Update for Microsoft Office Excel 2007 (KB951546) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A420F522-7395-4872-9882-C591B4B92278}" = Update for Office 2007 (KB946691) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AD72BABE-C733-4FCF-9674-4314466191B9}" = Security Update for Microsoft Office Word 2007 (KB950113) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D9806966-6AA1-4B55-9528-6748E37CEE86}" = Update for Outlook 2007 Junk Email Filter (kb955433) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}" = Security Update for Microsoft Office Publisher 2007 (KB950114) "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{5A2F65A4-808F-4A1E-973E-92E17824982D}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{5A2F65A4-808F-4A1E-973E-92E17824982D}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{EC50B538-CBE1-42E6-B7FE-87AA540AADFB}" = Microsoft Office Language Pack 2007 Service Pack 1 (SP1) "{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{EC50B538-CBE1-42E6-B7FE-87AA540AADFB}" = Microsoft Office Language Pack 2007 Service Pack 1 (SP1) "{90A4040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{1AFF2298-CC00-4A3B-866A-C62B8373794E}" = Security Update for 2007 Microsoft Office System (KB951596) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{4AD3A076-427C-491F-A5B7-7D1DE788A756}" = Update for Microsoft Office Outlook 2007 (KB952142) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{558B709B-821B-4FC5-90FC-9A8890641E77}" = Security Update for Microsoft Office PowerPoint 2007 (KB951338) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6BAD036C-261F-4BEF-96CF-C20678D07A41}" = Security Update for Visio 2007 (KB947590) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{7399DD71-8E24-4E60-B6A8-6CED89C0AC26}" = Security Update for Microsoft Office Excel 2007 (KB951546) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A420F522-7395-4872-9882-C591B4B92278}" = Update for Office 2007 (KB946691) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{AD72BABE-C733-4FCF-9674-4314466191B9}" = Security Update for Microsoft Office Word 2007 (KB950113) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{D9806966-6AA1-4B55-9528-6748E37CEE86}" = Update for Outlook 2007 Junk Email Filter (kb955433) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}" = Security Update for Microsoft Office Publisher 2007 (KB950114) "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD "{975C1D10-BA0E-4D58-AE01-8FD03A373E06}" = ServerMaker 2001 "{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center "{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync "{9C7E944F-4502-40B8-A0AB-66B2FA9EE829}" = Microsoft SQL Server Native Client "{9FAC9E5C-0D20-4DBF-AFE5-2E09C52A95A2}" = ThinkPad Wireless LAN Adapters Software (11a/b, 11b/g, 11a/b/g) "{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = Gestionnaire d'alimentation ThinkPad "{A2289997-10A3-48F2-AA03-99180D761661}" = ThinkVantage Fingerprint Software 5.6 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = RecordNow Audio "{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Assistant de connexion Windows Live "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = RecordNow Copy "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{BADF6744-3787-48F6-B8C9-4C4995401D65}" = Windows Live Messenger "{C04E32E0-0416-434D-AFB9-6969D703A9EF}" = MSXML 4.0 SP2 (KB936181) "{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access - Aide "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center "{D728E945-256D-4477-B377-6BBA693714AC}" = Supplément à Productivity Center pour ThinkPad "{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center "{EA664480-3844-11D5-8C25-444553540000}" = Fonctions d'accessibilité TrackPoint "{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}" = Montpellier Business Plan Classic "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager "{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA "{F386C340-DF4B-4BBA-9503-420FB7EDB395}" = Wallpapers "{F705E3E1-A471-426B-9A09-73429F3418EE}" = System Migration Assistant "{FC081D4D-DF1B-4CF1-B530-027E4118D846}" = Configuration du ThinkPad "{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player Plugin "AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.4 (Unicode) "AwayTask" = Maintenance Manager "Business Contact Manager" = Gestionnaire de contacts professionnels pour Outlook 2007 SP1 "CCleaner" = CCleaner (remove only) "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588" = ThinkPad Modem "Creative PD1120" = Creative WebCam NX Ultra Driver (1.01.03.0112) "Creative WebCam Center" = Creative WebCam Center "eMule" = eMule "ffdshow_is1" = ffdshow [rev 1977] [2008-05-28] "Free Download Manager_is1" = Free Download Manager 2.5 "Free Easy Burner_is1" = Free Easy Burner V 3.8 "getPlus®_ocx" = getPlus®_ocx "G-Force" = G-Force "HDMI" = Intel® Graphics Media Accelerator Driver "HijackThis" = HijackThis 2.0.2 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "InfraRecorder" = InfraRecorder "InstallShield_{48CF6549-B45D-4313-9927-EFCCC8A3493F}" = Texas Instruments PCIxx21/x515/xx12 drivers. "InstallShield_{A5EC243A-AAB4-4AF0-85A5-07F9F4618353}" = FTP Utility "KB894476" = Windows Media Player 10 Hotfix - KB894476 "KB923723" = Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) "KB931906" = Security Update for CAPICOM (KB931906) "KB936782_WMP10" = Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782) "KB938127-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) "KB941569" = Mise à jour de sécurité pour Windows XP (KB941569) "KB942615-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) "KB944533-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533) "KB946648" = Mise à jour de sécurité pour Windows XP (KB946648) "KB947864-IE7" = Correctif pour Windows Internet Explorer 7 (KB947864) "KB948109_SQL9" = GDR 3068 for SQL Server Database Services 2005 ENU (KB948109) "KB950759-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759) "KB950760" = Mise à jour de sécurité pour Windows XP (KB950760) "KB950762" = Mise à jour de sécurité pour Windows XP (KB950762) "KB950974" = Mise à jour de sécurité pour Windows XP (KB950974) "KB951066" = Mise à jour de sécurité pour Windows XP (KB951066) "KB951072-v2" = Mise à jour pour Windows XP (KB951072-v2) "KB951376" = Mise à jour de sécurité pour Windows XP (KB951376) "KB951376-v2" = Mise à jour de sécurité pour Windows XP (KB951376-v2) "KB951698" = Mise à jour de sécurité pour Windows XP (KB951698) "KB951748" = Mise à jour de sécurité pour Windows XP (KB951748) "KB951978" = Mise à jour pour Windows XP (KB951978) "KB952287" = Correctif pour Windows XP (KB952287) "KB952954" = Mise à jour de sécurité pour Windows XP (KB952954) "KB953838-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838) "KB953839" = Mise à jour de sécurité pour Windows XP (KB953839) "LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15 "M928366" = Microsoft .NET Framework 1.1 Hotfix (KB928366) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Media Player Classic" = Media Player Classic fr "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1) "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "OnScreenDisplay" = Incrustation "PC-Doctor 5 for Windows" = PC-Doctor 5 pour Windows "PCMCIAPW" = ThinkPad PC Card Power Policy "Picasa2" = Picasa 2 "Power Management Driver" = ThinkPad Power Management Driver "PROHYBRIDR" = 2007 Microsoft Office system "PROPLUS" = Microsoft Office Professional Plus 2007 "Remove Multimedia Center" = Remove Multimedia Center "ShockwaveFlash" = Macromedia Flash Player 8 "SumatraPDF" = Sumatra PDF reader "SynTPDeinstKey" = ThinkPad UltraNav Driver "ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier "Totalcmd" = Total Commander (Remove or Repair) "VLC media player" = VideoLAN VLC media player 0.8.6f "VST Bridge_is1" = VST Bridge 1.1 "Winamp" = Winamp "Windows Live Toolbar" = Windows Live Toolbar "Windows Media Format Runtime" = Windows Media Format Runtime "Windows Media Player" = Lecteur Windows Media 10 "Windows XP Service" = Windows XP Service Pack 3 "WinGimp-2.0_is1" = GIMP 2.4.4 "WinRAR archiver" = Archiveur WinRAR "WMCSetup" = Windows Media Connect ========== HKEY_CURRENT_USER Uninstall List ========== ========== HKEY_USERS Uninstall List ========== ========== HKEY_USERS Uninstall List ========== ========== HKEY_USERS Uninstall List ========== ========== HKEY_USERS Uninstall List ========== ========== HKEY_USERS Uninstall List ========== ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 30/08/2008 20:13:50 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Hang Description = Détecteur d'erreurs 854786114. Error - 01/09/2008 05:22:38 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error Description = Application défaillante audacity.exe, version 1.3.4.0, module défaillant audacity.exe, version 1.3.4.0, adresse de défaillance 0x000b18dc. Error - 01/09/2008 19:43:07 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Hang Description = Application bloquée iexplore.exe, version 7.0.6000.16705, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 01/09/2008 19:43:16 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Hang Description = Détecteur d'erreurs 854786114. Error - 02/09/2008 14:37:05 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error Description = Application défaillante sumatrapdf.exe, version 0.0.0.0, module défaillant sumatrapdf.exe, version 0.0.0.0, adresse de défaillance 0x000686cd. Error - 02/09/2008 14:37:09 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error Description = Détecteur d'erreurs 898464924. Error - 03/09/2008 07:38:20 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error Description = Application défaillante QuickTimePlayer.exe, version 7.50.61.0, module défaillant QuickTimePlayer.exe, version 7.50.61.0, adresse de défaillance 0x0000130d. Error - 03/09/2008 09:07:27 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error Description = Application défaillante audacity.exe, version 1.3.4.0, module défaillant audacity.exe, version 1.3.4.0, adresse de défaillance 0x000b18dc. Error - 03/09/2008 09:07:29 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error Description = Détecteur d'erreurs 570669371. Error - 03/09/2008 09:52:25 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error Description = Application défaillante audacity.exe, version 1.3.4.0, module défaillant audacity.exe, version 1.3.4.0, adresse de défaillance 0x000b18dc. [ Internet Explorer Events ] [ ODiag Events ] [ OSession Events ] [ Security Events ] [ System Events ] Error - 02/09/2008 08:24:18 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux. Error - 02/09/2008 08:24:22 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux. Error - 02/09/2008 08:24:26 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux. Error - 02/09/2008 08:24:30 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux. Error - 02/09/2008 08:24:34 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux. Error - 02/09/2008 08:24:38 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux. Error - 02/09/2008 08:24:42 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux. Error - 02/09/2008 15:47:02 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = NetBT Description = L'initialisation a échoué car le transport a refusé d'ouvrir les adresses initiales. Error - 02/09/2008 22:49:41 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Service Control Manager Description = Délai (30000 millisecondes) d'attente pour une réponse du service Dnscache à une transaction. Error - 03/09/2008 08:38:01 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = irevents Description = Le service de transfert de fichiers par infrarouge a rencontré une erreur en envoyant le fichier "C:\Documents and Settings\Régis Granger\Mes documents\Ma musique\Funkadelic\Funkadelic - Maggot Brain.mp3. L'erreur renvoyée est L'opération d'entrée/sortie a été abandonnée en raison de l'arrêt d'une thread ou à la demande d'une application. . < End of report > et voici le deuxième : OTViewIt logfile created on: 04/09/2008 09:53:30 - Run 3 OTViewIt by OldTimer - Version 1.0.1.8 Folder = C:\Documents and Settings\Régis Granger\Bureau Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1014,36 Mb Total Physical Memory | 472,55 Mb Available Physical Memory | 46,59% Memory free 2,38 Gb Paging File | 1,87 Gb Available in Paging File | 78,57% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 106,73 Gb Total Space | 26,44 Gb Free Space | 24,77% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 18,63 Gb Total Space | 1,31 Gb Free Space | 7,03% Space Free | Partition Type: NTFS Drive F: | 55,88 Gb Total Space | 3,38 Gb Free Space | 6,05% Space Free | Partition Type: FAT32 G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LENOVO-6BD91387 Current User Name: Régis Granger Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Whitelist: On ===== Processes - Non-Microsoft Only ===== [11/02/2007 04:51 PM | 00,036,136 | ---- | M] (Lenovo) - C:\WINDOWS\system32\ibmpmsvc.exe [01/30/2007 01:05 PM | 00,108,080 | ---- | M] (Lenovo Group Limited) - C:\WINDOWS\system32\IPSSVC.EXE [07/05/2008 01:06 AM | 00,090,112 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [03/21/2007 02:42 PM | 00,364,629 | ---- | M] (Atheros) - C:\WINDOWS\system32\acs.exe [01/04/2007 08:48 PM | 00,112,152 | R--- | M] (InterVideo) - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe [06/29/2007 12:02 AM | 01,049,856 | ---- | M] (O&O Software GmbH) - C:\WINDOWS\system32\oodag.exe [09/26/2007 06:34 PM | 00,644,408 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe [05/14/2008 04:21 PM | 00,037,416 | ---- | M] (Lenovo.) - C:\WINDOWS\system32\TPHDEXLG.exe [06/29/2006 10:57 PM | 00,032,768 | ---- | M] () - C:\WINDOWS\system32\TpKmpSvc.exe [07/14/2006 06:42 PM | 00,723,712 | ---- | M] (IBM) - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe [07/14/2006 07:01 PM | 01,974,272 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [03/04/2008 10:34 AM | 01,122,304 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe [07/14/2006 04:52 PM | 00,045,056 | ---- | M] () - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe [07/05/2008 01:05 AM | 00,212,992 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [06/10/2008 01:40 AM | 00,094,208 | ---- | M] () - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe [04/29/2008 03:43 PM | 00,032,768 | ---- | M] (Lenovo Group Limited) - c:\Program Files\Lenovo\System Update\SUService.exe [07/14/2006 06:36 PM | 00,022,016 | ---- | M] () - C:\Program Files\Fichiers communs\Lenovo\Logger\logmon.exe [07/05/2008 01:06 AM | 00,126,976 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe [07/14/2006 07:13 PM | 02,341,632 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [07/03/2008 04:10 PM | 01,323,008 | ---- | M] (Synaptics, Inc.) - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [06/05/2008 02:36 AM | 00,242,976 | ---- | M] (Lenovo Group Ltd.) - C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE [07/03/2008 04:17 PM | 00,118,784 | ---- | M] (Synaptics, Inc.) - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [06/06/2008 06:21 PM | 00,181,536 | ---- | M] (Lenovo.) - C:\WINDOWS\system32\TpShocks.exe [03/24/2008 10:15 AM | 00,068,464 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [03/24/2008 02:41 PM | 00,067,432 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe [04/25/2008 04:38 PM | 00,128,368 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\ZOOM\TpScrex.exe [06/09/2008 03:00 AM | 00,165,208 | ---- | M] (Lenovo Group Limited) - C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE [11/14/2005 08:23 AM | 00,487,424 | ---- | M] (LENOVO) - C:\Program Files\ThinkVantage\AMSG\Amsg.exe [07/05/2008 01:00 AM | 00,425,984 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [07/05/2008 12:56 AM | 00,143,360 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [03/13/2006 05:38 PM | 00,041,472 | R--- | M] (Utimaco Safeware AG) - C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe [06/29/2007 12:01 AM | 02,512,128 | ---- | M] (O&O Software GmbH) - C:\WINDOWS\system32\oodtray.exe [07/14/2006 07:20 PM | 00,817,920 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe [03/04/2008 10:34 AM | 00,487,424 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe [11/07/2006 08:51 PM | 00,091,688 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE [06/09/2008 03:00 AM | 00,124,248 | ---- | M] (Lenovo Group Limited) - C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE [06/09/2008 04:00 AM | 00,060,192 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe [02/13/2008 06:02 PM | 02,453,551 | ---- | M] (FreeDownloadManager.ORG) - C:\Program Files\Free Download Manager\fdm.exe [12/30/2007 11:14 PM | 00,253,952 | ---- | M] () - C:\Program Files\Free Download Manager\FUM\fum.exe [06/10/2007 07:02 PM | 00,040,960 | ---- | M] () - C:\Program Files\Free Download Manager\FUM\fumoei.exe [06/20/2008 09:23 AM | 00,154,368 | ---- | M] (TuneUp Software GmbH) - C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe [11/03/2006 07:02 PM | 00,050,688 | ---- | M] (Avanquest Software ) - C:\Program Files\Digital Line Detect\DLG.exe ===== Win32 Services - Non-Microsoft Only ===== (AcPrfMgrSvc) Ac Profile Manager Service [Auto | Running] [07/05/2008 01:06 AM | 00,090,112 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (acs) Atheros Configuration Service [Auto | Running] [03/21/2007 02:42 PM | 00,364,629 | ---- | M] (Atheros) - C:\WINDOWS\system32\acs.exe (AcSvc) Access Connections Main Service [Auto | Running] [07/05/2008 01:05 AM | 00,212,992 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe (IBMPMSVC) ThinkPad PM Service [Auto | Running] [11/02/2007 04:51 PM | 00,036,136 | ---- | M] (Lenovo) - C:\WINDOWS\system32\ibmpmsvc.exe (IPSSVC) Service de base IPS [Auto | Running] [01/30/2007 01:05 PM | 00,108,080 | ---- | M] (Lenovo Group Limited) - C:\WINDOWS\system32\IPSSVC.EXE (IviRegMgr) IviRegMgr [Auto | Running] [01/04/2007 08:48 PM | 00,112,152 | R--- | M] (InterVideo) - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe (O&O Defrag) O&O Defrag [Auto | Running] [06/29/2007 12:02 AM | 01,049,856 | ---- | M] (O&O Software GmbH) - C:\WINDOWS\system32\oodag.exe (Power Manager DBC Service) Power Manager DBC Service [Auto | Running] [06/10/2008 01:40 AM | 00,094,208 | ---- | M] () - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe (PsaSrv) IBM PSA Access Driver Control [On_Demand | Stopped] File not found - C:\WINDOWS\system32\PsaSrv.exe (SUService) System Update [Auto | Running] [04/29/2008 03:43 PM | 00,032,768 | ---- | M] (Lenovo Group Limited) - c:\Program Files\Lenovo\System Update\SUService.exe (ThinkVantage Registry Monitor Service) ThinkVantage Registry Monitor Service [Auto | Running] [09/26/2007 06:34 PM | 00,644,408 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe (TPHDEXLGSVC) ThinkPad HDD APS Logging Service [Auto | Running] [05/14/2008 04:21 PM | 00,037,416 | ---- | M] (Lenovo.) - C:\WINDOWS\system32\TPHDEXLG.exe (TpKmpSVC) IBM KCU Service [Auto | Running] [06/29/2006 10:57 PM | 00,032,768 | ---- | M] () - C:\WINDOWS\system32\TpKmpSvc.exe (TSSCoreService) TSS Core Service [Auto | Running] [07/14/2006 06:42 PM | 00,723,712 | ---- | M] (IBM) - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe (TuneUp.Defrag) TuneUp Drive Defrag Service [On_Demand | Stopped] [07/23/2008 01:20 PM | 00,355,584 | ---- | M] (TuneUp Software GmbH) - C:\WINDOWS\system32\TuneUpDefragService.exe (TVT Backup Service) TVT Backup Service [Auto | Running] [07/14/2006 07:01 PM | 01,974,272 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe (TVT Scheduler) TVT Scheduler [Auto | Running] [03/04/2008 10:34 AM | 01,122,304 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe (tvtnetwk) tvtnetwk [Auto | Running] [07/14/2006 04:52 PM | 00,045,056 | ---- | M] () - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe ===== Driver Services - Non-Microsoft Only ===== (AR5211) Atheros Wireless Network Adapter Service [On_Demand | Running] [10/26/2007 02:20 AM | 00,549,184 | ---- | M] (Atheros Communications, Inc.) - C:\WINDOWS\system32\drivers\ar5211.sys (atmeltpm) atmeltpm [On_Demand | Running] [05/17/2005 11:20 AM | 00,015,872 | ---- | M] (Atmel, Inc.) - C:\WINDOWS\system32\drivers\atmeltpm.sys (IBMPMDRV) IBMPMDRV [On_Demand | Running] [11/02/2007 04:50 PM | 00,021,808 | ---- | M] (Lenovo.) - C:\WINDOWS\system32\drivers\ibmpmdrv.sys (IBMTPCHK) IBMTPCHK [system | Running] [07/02/2008 12:22 AM | 00,004,224 | ---- | M] () - C:\WINDOWS\system32\drivers\IBMBLDID.sys (Iviaspi) IVI ASPI Shell [On_Demand | Running] [09/11/2003 12:36 AM | 00,021,060 | ---- | M] (InterVideo, Inc.) - C:\WINDOWS\system32\drivers\iviaspi.sys (mraid35x) mraid35x [Disabled | Stopped] [08/18/2001 07:52 AM | 00,017,280 | ---- | M] (American Megatrends Inc.) - C:\WINDOWS\system32\drivers\mraid35x.sys (PcdrNdisuio) PCDRNDISUIO Usermode I/O Protocol [On_Demand | Stopped] File not found - C:\WINDOWS\System32\DRIVERS\pcdrndisuio.sys (PrivateDisk) PrivateDisk [Auto | Running] [03/13/2006 05:05 PM | 00,058,368 | R--- | M] (Utimaco Safeware AG) - C:\Program Files\Lenovo\SafeGuard PrivateDisk\privatediskm.sys (PROCDD) Pilote de support IPS [Auto | Running] [11/06/2006 06:24 PM | 00,012,080 | ---- | M] (Lenovo Group Limited) - C:\WINDOWS\system32\drivers\PROCDD.SYS (psadd) Lenovo Parties Service Access Device Driver [On_Demand | Running] [02/19/2007 07:56 AM | 00,021,376 | ---- | M] (Lenovo (United States) Inc.) - C:\WINDOWS\system32\drivers\psadd.sys (Shockprf) Shockprf [boot | Running] [05/14/2008 04:21 PM | 00,114,728 | ---- | M] (Lenovo.) - C:\WINDOWS\system32\drivers\ApsX86.sys (smihlp2) SMI Helper Driver (smihlp2) [Auto | Running] [08/14/2007 04:46 PM | 00,010,896 | ---- | M] (UPEK Inc.) - C:\Program Files\Fichiers communs\ThinkVantage Fingerprint Software\Drivers\smihlp.sys (Sparrow) Sparrow [Disabled | Stopped] [08/18/2001 08:07 AM | 00,019,072 | ---- | M] (Adaptec, Inc.) - C:\WINDOWS\system32\drivers\sparrow.sys (SynTP) Synaptics TouchPad Driver [On_Demand | Running] [07/03/2008 03:53 PM | 00,225,664 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\system32\drivers\SynTP.sys (TcUsb) TC USB Kernel Driver [On_Demand | Running] [08/14/2007 04:25 PM | 00,047,376 | ---- | M] (UPEK Inc.) - C:\WINDOWS\system32\drivers\tcusb.sys (TDSMAPI) TDSMAPI [system | Running] [10/02/2006 02:55 AM | 00,009,343 | ---- | M] () - C:\WINDOWS\system32\drivers\TDSMAPI.SYS (tifm21) tifm21 [On_Demand | Running] [11/30/2005 03:12 AM | 00,162,560 | ---- | M] (Texas Instruments) - C:\WINDOWS\system32\drivers\tifm21.sys (TPDIGIMN) TPDIGIMN [boot | Running] [05/14/2008 04:21 PM | 00,019,496 | ---- | M] (Lenovo.) - C:\WINDOWS\system32\drivers\ApsHM86.sys (TPHKDRV) TPHKDRV [system | Running] [05/12/2008 10:14 PM | 00,017,844 | ---- | M] (Lenovo Group Limited) - C:\WINDOWS\system32\drivers\TPHKDRV.sys (TPPWRIF) TPPWRIF [system | Running] [06/10/2008 01:40 AM | 00,004,442 | ---- | M] () - C:\WINDOWS\system32\drivers\TPPWRIF.SYS (TSMAPIP) TSMAPIP [system | Running] [06/09/2008 04:00 AM | 00,004,608 | ---- | M] () - C:\WINDOWS\system32\drivers\TSMAPIP.SYS (tvtfilter) tvtfilter [Auto | Running] [07/14/2006 06:27 PM | 00,012,544 | ---- | M] (Lenovo) - C:\WINDOWS\system32\drivers\tvtfilter.sys (TVTPktFilter) TVT Packet Filter Service [On_Demand | Running] [07/14/2006 06:03 PM | 00,017,664 | ---- | M] (Lenovo Group Limited) - C:\WINDOWS\system32\drivers\tvtpktfilter.sys (WSIMD) wsimd Service [On_Demand | Running] [07/03/2007 07:46 PM | 00,057,344 | ---- | M] (Atheros Communications, Inc.) - C:\WINDOWS\system32\drivers\wsimd.sys ========== Run Keys ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ACTray" = C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [07/05/2008 01:00 AM | 00,425,984 | ---- | M] (Lenovo ) "ACWLIcon" = C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [07/05/2008 12:56 AM | 00,143,360 | ---- | M] (Lenovo ) "AMSG" = C:\Program Files\ThinkVantage\AMSG\Amsg.exe [11/14/2005 08:23 AM | 00,487,424 | ---- | M] (LENOVO) "avgnt" = "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min [08/22/2008 07:43 AM | 00,266,497 | ---- | M] (Avira GmbH) "AwaySch" = C:\Program Files\Lenovo\AwayTask\AwaySch.EXE [11/07/2006 08:51 PM | 00,091,688 | ---- | M] (Lenovo Group Limited) "BLOG" = rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog [06/10/2008 01:40 AM | 00,208,896 | ---- | M] () "cssauth" = "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent [07/14/2006 07:13 PM | 02,341,632 | ---- | M] (Lenovo Group Limited) "EZEJMNAP" = C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [06/05/2008 02:36 AM | 00,242,976 | ---- | M] (Lenovo Group Ltd.) "HotKeysCmds" = C:\WINDOWS\system32\hkcmd.exe [03/05/2008 02:48 PM | 00,166,424 | ---- | M] (Intel Corporation) "IgfxTray" = C:\WINDOWS\system32\igfxtray.exe [03/05/2008 02:48 PM | 00,141,848 | ---- | M] (Intel Corporation) "LPMailChecker" = C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe [06/09/2008 03:00 AM | 00,124,248 | ---- | M] (Lenovo Group Limited) "LPManager" = C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe [06/09/2008 03:00 AM | 00,165,208 | ---- | M] (Lenovo Group Limited) "OODefragTray" = C:\WINDOWS\system32\oodtray.exe [06/29/2007 12:01 AM | 02,512,128 | ---- | M] (O&O Software GmbH) "PDService.exe" = "C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe" [03/13/2006 05:38 PM | 00,041,472 | R--- | M] (Utimaco Safeware AG) "Persistence" = C:\WINDOWS\system32\igfxpers.exe [03/05/2008 02:48 PM | 00,137,752 | ---- | M] (Intel Corporation) "PWRMGRTR" = rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor [06/10/2008 01:40 AM | 00,311,296 | ---- | M] (Lenovo Group Limited) "QuickTime Task" = "C:\Program Files\QuickTime\qttask.exe" -atboottime [05/27/2008 10:50 AM | 00,413,696 | ---- | M] (Apple Inc.) "SoundMAX" = "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray [05/06/2005 04:06 PM | 00,716,800 | ---- | M] (Analog Devices, Inc.) "SoundMAXPnP" = C:\Program Files\Analog Devices\Core\smax4pnp.exe [05/20/2005 10:11 AM | 00,925,696 | ---- | M] (Analog Devices, Inc.) "SynTPEnh" = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [07/03/2008 04:10 PM | 01,323,008 | ---- | M] (Synaptics, Inc.) "SynTPLpr" = C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [07/03/2008 04:17 PM | 00,118,784 | ---- | M] (Synaptics, Inc.) "TP4EX" = tp4ex.exe [10/17/2005 02:11 AM | 00,065,536 | ---- | M] (Lenovo Group Limited) "TPFNF7" = C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe /r [06/09/2008 04:00 AM | 00,060,192 | ---- | M] (Lenovo Group Limited) "TPHOTKEY" = C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [03/24/2008 10:15 AM | 00,068,464 | ---- | M] (Lenovo Group Limited) "TPKMAPHELPER" = C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper [01/09/2007 05:28 PM | 00,868,352 | ---- | M] (Lenovo) "TpShocks" = TpShocks.exe [06/06/2008 06:21 PM | 00,181,536 | ---- | M] (Lenovo.) "TVT Scheduler Proxy" = C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe [03/04/2008 10:34 AM | 00,487,424 | ---- | M] (Lenovo Group Limited) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = Reg Error: Value load does not exist or could not be read. "run" = Reg Error: Value run does not exist or could not be read. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Creative WebCam Tray" = "C:\Program Files\Creative\Shared Files\CamTray.exe" [10/27/2005 06:00 PM | 00,299,008 | ---- | M] (Creative Technology Ltd) "Free Download Manager" = "C:\Program Files\Free Download Manager\fdm.exe" -autorun [02/13/2008 06:02 PM | 02,453,551 | ---- | M] (FreeDownloadManager.ORG) "Free Upload Manager" = "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun [12/30/2007 11:14 PM | 00,253,952 | ---- | M] () "Free Uploader Oe Integration" = C:\Program Files\Free Download Manager\FUM\fumoei.exe [06/10/2007 07:02 PM | 00,040,960 | ---- | M] () "Picasa Media Detector" = C:\Program Files\Picasa2\PicasaMediaDetector.exe [02/26/2008 03:23 AM | 00,443,968 | ---- | M] (Google Inc.) "TuneUp MemOptimizer" = "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart [06/20/2008 09:23 AM | 00,154,368 | ---- | M] (TuneUp Software GmbH) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. [HKEY_USERS\S-1-5-21-1902654263-2307695710-1140962926-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Creative WebCam Tray" = "C:\Program Files\Creative\Shared Files\CamTray.exe" [10/27/2005 06:00 PM | 00,299,008 | ---- | M] (Creative Technology Ltd) "Free Download Manager" = "C:\Program Files\Free Download Manager\fdm.exe" -autorun [02/13/2008 06:02 PM | 02,453,551 | ---- | M] (FreeDownloadManager.ORG) "Free Upload Manager" = "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun [12/30/2007 11:14 PM | 00,253,952 | ---- | M] () "Free Uploader Oe Integration" = C:\Program Files\Free Download Manager\FUM\fumoei.exe [06/10/2007 07:02 PM | 00,040,960 | ---- | M] () "Picasa Media Detector" = C:\Program Files\Picasa2\PicasaMediaDetector.exe [02/26/2008 03:23 AM | 00,443,968 | ---- | M] (Google Inc.) "TuneUp MemOptimizer" = "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart [06/20/2008 09:23 AM | 00,154,368 | ---- | M] (TuneUp Software GmbH) [HKEY_USERS\S-1-5-21-1902654263-2307695710-1140962926-1008\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. ========== Startup Folders ========== [Administrateur Startup Folder - C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage] [All Users Startup Folder - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] [11/26/2007 04:58 PM | 00,576,104 | ---- | M] (Broadcom Corporation.) - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk = C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe [11/03/2006 07:02 PM | 00,050,688 | ---- | M] (Avanquest Software ) - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe [Default User Startup Folder - C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage] [Régis Granger Startup Folder - C:\Documents and Settings\Régis Granger\Menu Démarrer\Programmes\Démarrage] ========== BHO's ========== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] HKLM CLSID: (SSVHelper Class) - [06/10/2008 04:27 AM | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] HKLM CLSID: (FDMIECookiesBHO Class) - [11/26/2007 03:35 PM | 00,094,208 | ---- | M] () C:\Program Files\Free Download Manager\iefdm2.dll [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F040E541-A427-4CF7-85D8-75E3E0F476C5}] HKLM CLSID: (CPwmIEBrowserHelper Object) - [07/14/2006 07:20 PM | 00,719,616 | ---- | M] (Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll ========== Toolbars ========== ========== AppInit_Dlls ========== ========== HKLM Security Providers ========== ========== HKLM Winlogon Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell] = Explorer.exe >Explorer.exe - [04/14/2008 04:34 AM | 01,037,824 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit] = C:\WINDOWS\system32\userinit.exe, >C:\WINDOWS\system32\userinit.exe - [04/14/2008 04:34 AM | 00,026,624 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\GinaDLL] = tvt_gina.dll >tvt_gina.dll - [07/02/2008 12:22 AM | 00,582,968 | ---- | M] (Lenovo) C:\WINDOWS\system32\tvt_gina.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost] = logonui.exe >logonui.exe - [04/14/2008 04:34 AM | 00,515,584 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet] = rundll32 shell32,Control_RunDLL "sysdm.cpl" >rundll32 shell32 - [04/14/2008 04:33 AM | 08,517,632 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll >Control_RunDLL "sysdm.cpl" - [04/14/2008 04:34 AM | 00,307,200 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl ========== User's Winlogon Settings ========== ========== Winlogon Notify Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ACNotify] "DllName" = C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll [07/05/2008 12:57 AM | 00,032,768 | ---- | M] (Lenovo ) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AwayNotify] "DllName" = C:\Program Files\Lenovo\AwayTask\AwayNotify.dll [08/16/2006 07:07 PM | 00,049,152 | ---- | M] (Lenovo Group Limited) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] "DllName" = C:\WINDOWS\system32\igfxdev.dll [02/15/2008 12:45 PM | 00,208,896 | ---- | M] (Intel Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon] "DllName" = File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus] "DllName" = C:\WINDOWS\system32\psqlpwd.dll [08/14/2007 04:54 PM | 00,089,600 | ---- | M] (UPEK Inc.) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpfnf2] "DllName" = C:\Program Files\Lenovo\HOTKEY\notifyf2.dll [09/06/2006 04:37 PM | 00,034,344 | ---- | M] () [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey] "DllName" = C:\Program Files\Lenovo\HOTKEY\tphklock.dll [03/17/2008 04:02 PM | 00,034,080 | ---- | M] (Lenovo Group Limited) ========== Policies ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] Unable to open key or key not present! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] "dontdisplaylastusername" = 0 "legalnoticecaption" = "legalnoticetext" = "shutdownwithoutlogon" = 1 "undockwithoutlogon" = 1 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun" = 145 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] Unable to open key or key not present! [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun" = 145 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] Unable to open key or key not present! [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun" = 145 [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] Unable to open key or key not present! [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun" = 145 [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] Unable to open key or key not present! [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun" = 145 [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] Unable to open key or key not present! [HKEY_USERS\S-1-5-21-1902654263-2307695710-1140962926-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun" = 145 [HKEY_USERS\S-1-5-21-1902654263-2307695710-1140962926-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] Unable to open key or key not present! ========== Lsa Authentication Packages ========== ========== Lsa Security Packages ========== ========== Desktop Components ========== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "FriendlyName" = "Ma page d'accueil" "Source" = "About:Home" "SubscribedURL" = "About:Home" ========== Safeboot Options ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot] "AlternateShell" = cmd.exe ========== Disabled MsConfig Items ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^FTP Utility.lnk] "path" = C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\FTP Utility.lnk File not found "backup" = C:\WINDOWS\pss\FTP Utility.lnk File not found "location" = Common Startup "command" = C:\Program Files\KONICA MINOLTA\FTP Utility\KMFtp.exe File not found "item" = C:\WINDOWS\system32\ftp.exe [04/14/2008 04:34 AM | 00,046,080 | ---- | M] (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Régis Granger^Menu Démarrer^Programmes^Démarrage^Adobe Media Player.lnk] "path" = C:\Documents and Settings\Régis Granger\Menu Démarrer\Programmes\Démarrage\Adobe Media Player.lnk File not found "backup" = C:\WINDOWS\pss\Adobe Media Player.lnk File not found "location" = Startup "command" = C:\PROGRA~1\ADOBEM~1\ADOBEM~1.EXE File not found "item" = Adobe Media Player [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state] "system.ini" = 0 "win.ini" = 0 "bootini" = 0 "services" = 0 "startup" = 2 ========== CDRom AutoRun Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] "AutoRun" = 1 ========== MountPoints2 ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0aad0508-e146-11dc-af45-8000600fe800}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{16d68960-3092-11dd-b007-00197eed6594}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{484815bf-54bd-11dd-b03f-8000600fe800}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59b1ff7a-f9cf-11dc-af7e-00197eed6594}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7441dac2-2d78-11dd-afff-00197eed6594}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86b166d5-e613-11dc-af54-00197eed6594}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9aadca16-6704-11dd-b06e-00197eed6594}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c76eeade-fb14-11dc-af81-8000600fe800}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d11fd207-04b8-11dd-af9f-00197eed6594}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc09f78c-e4e1-11dc-af4f-00197eed6594}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ffc8e24d-8e70-11da-9887-806d6172696f}\Shell] "" = None ========== DNS Name Servers ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{3F254497-3FB2-4C13-B2EB-D8F1EBE314A9}] Servers: | Description: Windows Mobile-based Device [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{57C9E86A-DB58-4B94-AF19-5FB4BA8D2F9F}] Servers: | Description: 11a/b/g Wireless LAN Mini PCI Express Adapter [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{B1D52F6C-4FFB-4AE5-9B2B-266C20F69D46}] Servers: | Description: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{B930A187-59DC-47A0-9C71-325BA8913484}] Servers: | Description: Broadcom NetXtreme Gigabit Ethernet [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{C450C8EE-1586-4CD5-927B-9255BB6C9D11}] Servers: | Description: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{ECCC14E1-B4A7-41CC-A6F1-F5D1F880B879}] Servers: | Description: Carte réseau 1394 ========== Hosts File ========== HOSTS File = (257789 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts First 25 entries... 127.0.0.1 localhost 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.1001-search.info 127.0.0.1 1001-search.info 127.0.0.1 www.100888290cs.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 www.10sek.com 127.0.0.1 10sek.com 127.0.0.1 www.123topsearch.com 127.0.0.1 123topsearch.com 127.0.0.1 www.132.com 127.0.0.1 132.com 127.0.0.1 www.136136.net 127.0.0.1 136136.net ========== Files/Folders - Created Within 90 days ========== [08/02/2008 06:39 PM | ---D | C] - C:\Deckard [08/28/2008 07:39 AM | 00,064,352 | ---- | C] () - C:\WINDOWS\System32\drivers\ativmc20.cod [08/28/2008 07:41 AM | 00,129,045 | ---- | C] () - C:\WINDOWS\System32\drivers\cxthsfs2.cty [08/28/2008 07:42 AM | 00,067,866 | ---- | C] () - C:\WINDOWS\System32\drivers\netwlan5.img [1 C:\WINDOWS\System32\*.tmp files] [06/06/2008 06:20 PM | 00,218,400 | ---- | C] (Lenovo.) - C:\WINDOWS\System32\TpShCPL.cpl [06/06/2008 06:21 PM | 00,128,288 | ---- | C] (Lenovo.) - C:\WINDOWS\System32\TpShEvUI.exe [06/06/2008 06:21 PM | 00,181,536 | ---- | C] (Lenovo.) - C:\WINDOWS\System32\TpShocks.exe [06/06/2008 06:21 PM | 00,492,832 | ---- | C] (Lenovo.) - C:\WINDOWS\System32\TpShCPL.dll [06/08/2008 09:13 PM | 00,057,344 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\lfbmp13n.dll [06/08/2008 09:13 PM | 00,069,632 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\lfgif13n.dll [06/08/2008 09:13 PM | 00,163,840 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\ltfil13n.dll [06/08/2008 09:13 PM | 00,206,336 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\ltefx13n.dll [06/08/2008 09:13 PM | 00,299,008 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\ltdis13n.dll [06/08/2008 09:13 PM | 00,401,408 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\lfcmp13n.dll [06/08/2008 09:13 PM | 00,450,560 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\ltimg13n.dll [06/08/2008 09:13 PM | 00,462,848 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\ltkrn13n.dll [06/24/2008 10:35 AM | ---D | C] - C:\WINDOWS\System32\Adobe [07/23/2008 01:20 PM | 00,028,416 | ---- | C] (TuneUp Software GmbH) - C:\WINDOWS\System32\uxtuneup.dll [07/23/2008 01:20 PM | 00,355,584 | ---- | C] (TuneUp Software GmbH) - C:\WINDOWS\System32\TuneUpDefragService.exe [08/22/2008 08:44 AM | 00,183,808 | ---- | C] () - C:\WINDOWS\System32\BDEADMIN.CPL [08/22/2008 08:44 AM | 00,210,032 | ---- | C] () - C:\WINDOWS\System32\DBCLIENT.DLL [08/22/2008 08:48 AM | 00,000,664 | ---- | C] () - C:\WINDOWS\System32\d3d9caps.dat [08/28/2008 08:07 AM | ---D | C] - C:\WINDOWS\System32\bits [08/28/2008 08:07 AM | ---D | C] - C:\WINDOWS\System32\fr [08/31/2008 12:12 PM | 00,110,592 | ---- | C] (Synaptics, Inc.) - C:\WINDOWS\System32\SynTPCo4.dll [09/02/2008 12:29 PM | 00,051,100 | -H-- | C] () - C:\WINDOWS\System32\mlfcache.dat [1 C:\WINDOWS\*.tmp files] [07/23/2008 08:02 PM | ---D | C] - C:\WINDOWS\SQL9_KB948109_ENU [08/02/2008 06:40 PM | ---D | C] - C:\WINDOWS\ERDNT [08/18/2008 12:02 PM | 00,002,675 | ---- | C] () - C:\WINDOWS\imsins.BAK [08/28/2008 07:58 AM | -H-D | C] - C:\WINDOWS\$NtServicePackUninstall$ [08/28/2008 08:01 AM | ---D | C] - C:\WINDOWS\network diagnostic [08/28/2008 08:03 AM | ---D | C] - C:\WINDOWS\ServicePackFiles [08/28/2008 08:07 AM | ---D | C] - C:\WINDOWS\l2schemas [08/28/2008 08:16 AM | ---D | C] - C:\WINDOWS\Prefetch [08/31/2008 12:11 PM | 00,000,051 | ---- | C] () - C:\WINDOWS\npornap.INI [08/22/2008 10:05 AM | 00,000,284 | ---- | C] () - C:\WINDOWS\tasks\AppleSoftwareUpdate.job [06/09/2008 12:09 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\FileOpen [06/13/2008 09:53 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Apple Computer [08/03/2008 08:48 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\AVS4YOU [08/05/2008 11:40 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Avira [08/05/2008 11:52 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Malwarebytes [08/22/2008 10:05 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Apple [06/09/2008 12:09 PM | ---D | C] - C:\Documents and Settings\Régis Granger\Application Data\FileOpen [07/04/2008 06:00 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Application Data\DiVision Studios XAvenger [08/03/2008 08:48 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Application Data\AVS4YOU [08/05/2008 11:52 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Application Data\Malwarebytes [08/28/2008 07:21 PM | ---D | C] - C:\Documents and Settings\Régis Granger\Application Data\SumatraPDF [08/05/2008 09:53 PM | ---D | C] - C:\Documents and Settings\Régis Granger\Local Settings\Application Data\IsolatedStorage [06/06/2008 08:20 PM | ---D | C] - C:\Documents and Settings\Régis Granger\Mes documents\Mes radios [06/16/2008 11:18 AM | 00,000,000 | -H-- | C] () - C:\Documents and Settings\Régis Granger\Mes documents\Default.rdp [06/16/2008 11:45 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Mes documents\WM-RG Mes documents [07/18/2008 01:27 PM | 04,987,098 | ---- | C] () - C:\Documents and Settings\Régis Granger\Mes documents\Marionnette vivante.wmv [07/18/2008 01:32 PM | 00,176,740 | ---- | C] () - C:\Documents and Settings\Régis Granger\Mes documents\Vélib.gif [07/18/2008 01:32 PM | 01,492,992 | ---- | C] () - C:\Documents and Settings\Régis Granger\Mes documents\metro-agression-ridicule.mpg [07/18/2008 01:32 PM | 02,532,679 | ---- | C] () - C:\Documents and Settings\Régis Granger\Mes documents\autostopistas.zip [08/03/2008 01:04 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Mes documents\TmForever [08/20/2008 07:11 PM | ---D | C] - C:\Documents and Settings\Régis Granger\Mes documents\Access Connections [09/02/2008 10:19 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Mes documents\A trier [06/13/2008 09:53 AM | 00,001,611 | ---- | C] () - C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk [08/05/2008 11:52 AM | 00,000,703 | ---- | C] () - C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [06/16/2008 11:45 AM | 00,001,433 | ---- | C] () - C:\Documents and Settings\Régis Granger\Bureau\WM-RG Mes documents.LNK [08/05/2008 11:54 AM | 00,001,870 | ---- | C] () - C:\Documents and Settings\Régis Granger\Bureau\Start Avira AntiVir Personal.lnk [08/06/2008 08:06 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Bureau\HJT [08/06/2008 09:41 AM | 00,001,741 | ---- | C] () - C:\Documents and Settings\Régis Granger\Bureau\HijackThis.lnk [08/06/2008 12:37 PM | 00,059,632 | ---- | C] () - C:\Documents and Settings\Régis Granger\Bureau\JavaRa.zip [08/30/2008 08:12 PM | 00,208,384 | ---- | C] (Paul McLain and Fred de Vries) - C:\Documents and Settings\Régis Granger\Bureau\JavaRa.exe [09/03/2008 11:51 AM | 00,000,736 | ---- | C] () - C:\Documents and Settings\Régis Granger\Bureau\Audacity 1.3 Beta (Unicode).lnk [06/24/2008 10:51 AM | ---D | C] - C:\Program Files\Fichiers communs\Adobe AIR [07/04/2008 05:59 AM | ---D | C] - C:\Program Files\Fichiers communs\Oberon Media [08/03/2008 08:47 AM | ---D | C] - C:\Program Files\Fichiers communs\AVSMedia [06/13/2008 09:53 AM | ---D | C] - C:\Program Files\QuickTime [08/03/2008 08:49 AM | ---D | C] - C:\Program Files\Foxit Software [08/05/2008 11:40 AM | ---D | C] - C:\Program Files\Avira [08/05/2008 11:52 AM | ---D | C] - C:\Program Files\Malwarebytes' Anti-Malware [08/06/2008 09:41 AM | ---D | C] - C:\Program Files\Trend Micro [08/14/2008 01:52 PM | ---D | C] - C:\Program Files\Sun [08/22/2008 10:05 AM | ---D | C] - C:\Program Files\Apple Software Update [08/28/2008 07:21 PM | ---D | C] - C:\Program Files\SumatraPDF [09/03/2008 11:51 AM | ---D | C] - C:\Program Files\Audacity 1.3 Beta (Unicode) ========== Files - Modified Within 90 days ========== [08/22/2008 08:42 AM | 00,000,226 | RHS- | M] () - C:\boot.ini [08/28/2008 08:01 AM | 00,252,240 | RHS- | M] () - C:\NTLDR [09/04/2008 08:09 AM | 10,637,02528 | -HS- | M] () - C:\hiberfil.sys [06/13/2008 09:54 AM | 00,245,715 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080613-095557.backup [06/13/2008 09:55 AM | 00,250,955 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080616-073532.backup [06/16/2008 07:35 AM | 00,250,955 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080619-163407.backup [06/19/2008 04:34 PM | 00,250,955 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080619-163453.backup [06/19/2008 04:34 PM | 00,251,509 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080624-121506.backup [06/24/2008 12:15 PM | 00,251,509 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080628-083031.backup [06/28/2008 08:30 AM | 00,251,509 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080628-083116.backup [06/28/2008 08:31 AM | 00,251,843 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080630-194103.backup [06/30/2008 07:41 PM | 00,251,843 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080704-053717.backup [07/04/2008 05:37 AM | 00,251,843 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080704-053812.backup [07/04/2008 05:38 AM | 00,252,291 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080718-140930.backup [07/18/2008 02:09 PM | 00,252,291 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080718-141532.backup [07/18/2008 02:15 PM | 00,254,111 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080723-123952.backup [07/23/2008 12:39 PM | 00,254,111 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080723-124104.backup [07/23/2008 12:41 PM | 00,256,833 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080724-065340.backup [07/24/2008 06:53 AM | 00,256,833 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080802-114925.backup [08/02/2008 03:50 PM | 00,257,789 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080802-155554.backup [08/02/2008 03:55 PM | 00,257,789 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080803-114333.backup [08/02/2008 11:49 AM | 00,256,833 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080802-115054.backup [08/02/2008 11:50 AM | 00,257,789 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080802-155011.backup [08/03/2008 11:43 AM | 00,257,789 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts [06/09/2008 04:00 AM | 00,004,608 | ---- | M] () - C:\WINDOWS\System32\drivers\TSMAPIP.SYS [06/10/2008 01:40 AM | 00,004,442 | ---- | M] () - C:\WINDOWS\System32\drivers\TPPWRIF.SYS [07/02/2008 12:22 AM | 00,004,224 | ---- | M] () - C:\WINDOWS\System32\drivers\IBMBLDID.sys [07/03/2008 03:53 PM | 00,225,664 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\System32\drivers\SynTP.sys [1 C:\WINDOWS\System32\*.tmp files] [06/06/2008 06:20 PM | 00,218,400 | ---- | M] (Lenovo.) - C:\WINDOWS\System32\TpShCPL.cpl [06/06/2008 06:21 PM | 00,128,288 | ---- | M] (Lenovo.) - C:\WINDOWS\System32\TpShEvUI.exe [06/06/2008 06:21 PM | 00,181,536 | ---- | M] (Lenovo.) - C:\WINDOWS\System32\TpShocks.exe [06/06/2008 06:21 PM | 00,492,832 | ---- | M] (Lenovo.) - C:\WINDOWS\System32\TpShCPL.dll [07/02/2008 12:22 AM | 00,292,152 | ---- | M] (Lenovo) - C:\WINDOWS\System32\tvt_gina_api.dll [07/02/2008 12:22 AM | 00,582,968 | ---- | M] (Lenovo) - C:\WINDOWS\System32\tvt_gina.dll [07/03/2008 03:55 PM | 00,163,840 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\System32\SynCOM.dll [07/03/2008 03:56 PM | 00,200,704 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\System32\SynCtrl.dll [07/03/2008 04:09 PM | 00,147,456 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\System32\SynTPAPI.dll [07/03/2008 04:29 PM | 00,110,592 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\System32\SynTPCo4.dll [07/23/2008 01:20 PM | 00,355,584 | ---- | M] (TuneUp Software GmbH) - C:\WINDOWS\System32\TuneUpDefragService.exe [08/05/2008 11:32 AM | 00,003,072 | ---- | M] () - C:\WINDOWS\System32\CONFIG.NT [08/22/2008 08:48 AM | 00,000,664 | ---- | M] () - C:\WINDOWS\System32\d3d9caps.dat [08/28/2008 08:15 AM | 00,264,616 | ---- | M] () - C:\WINDOWS\System32\FNTCACHE.DAT [08/28/2008 08:19 AM | 00,002,278 | ---- | M] () - C:\WINDOWS\System32\wpa.dbl [08/29/2008 10:41 AM | 00,082,228 | ---- | M] () - C:\WINDOWS\System32\perfc009.dat [08/29/2008 10:41 AM | 00,101,196 | ---- | M] () - C:\WINDOWS\System32\perfc00C.dat [08/29/2008 10:41 AM | 00,456,274 | ---- | M] () - C:\WINDOWS\System32\perfh009.dat [08/29/2008 10:41 AM | 00,532,214 | ---- | M] () - C:\WINDOWS\System32\perfh00C.dat [08/29/2008 10:41 AM | 01,185,482 | ---- | M] () - C:\WINDOWS\System32\PerfStringBackup.INI [09/02/2008 12:29 PM | 00,051,100 | -H-- | M] () - C:\WINDOWS\System32\mlfcache.dat [09/04/2008 08:09 AM | 00,000,380 | ---- | M] () - C:\WINDOWS\System32\IPSCtrl.INI [09/04/2008 08:09 AM | 00,025,355 | ---- | M] () - C:\WINDOWS\System32\PROCDB.INI [09/04/2008 08:09 AM | 00,561,880 | ---- | M] () - C:\WINDOWS\System32\oodbs.lor [1 C:\WINDOWS\*.tmp files] [06/10/2008 01:40 AM | 00,016,384 | ---- | M] () - C:\WINDOWS\PWMBTHLP.EXE [06/24/2008 10:35 AM | 00,001,479 | ---- | M] () - C:\WINDOWS\mozver.dat [08/06/2008 07:36 AM | 00,000,246 | ---- | M] () - C:\WINDOWS\system.ini [08/06/2008 07:36 AM | 00,000,610 | ---- | M] () - C:\WINDOWS\win.ini [08/22/2008 08:13 AM | 00,000,188 | ---- | M] () - C:\WINDOWS\x [08/28/2008 08:12 AM | 00,002,675 | ---- | M] () - C:\WINDOWS\imsins.BAK [08/28/2008 08:16 AM | 00,316,640 | ---- | M] () - C:\WINDOWS\WMSysPr9.prx [08/31/2008 12:21 PM | 00,000,051 | ---- | M] () - C:\WINDOWS\npornap.INI [09/04/2008 08:09 AM | 00,002,048 | --S- | M] () - C:\WINDOWS\bootstat.dat [08/28/2008 11:57 AM | 00,000,284 | ---- | M] () - C:\WINDOWS\tasks\AppleSoftwareUpdate.job [09/04/2008 08:09 AM | 00,000,006 | -H-- | M] () - C:\WINDOWS\tasks\SA.DAT [09/04/2008 08:10 AM | 00,000,316 | ---- | M] () - C:\WINDOWS\tasks\PMTask.job [09/04/2008 09:00 AM | 00,000,520 | ---- | M] () - C:\WINDOWS\tasks\Maintenance en 1 clic.job [09/04/2008 09:11 AM | 00,000,256 | ---- | M] () - C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job [08/28/2008 07:02 PM | 03,707,858 | -H-- | M] () - C:\Documents and Settings\Régis Granger\Local Settings\Application Data\IconCache.db [08/28/2008 08:20 AM | 00,069,240 | ---- | M] () - C:\Documents and Settings\Régis Granger\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [09/03/2008 05:57 PM | 00,136,704 | ---- | M] () - C:\Documents and Settings\Régis Granger\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [06/16/2008 11:18 AM | 00,000,000 | -H-- | M] () - C:\Documents and Settings\Régis Granger\Mes documents\Default.rdp [07/18/2008 01:27 PM | 04,987,098 | ---- | M] () - C:\Documents and Settings\Régis Granger\Mes documents\Marionnette vivante.wmv [07/18/2008 01:32 PM | 00,176,740 | ---- | M] () - C:\Documents and Settings\Régis Granger\Mes documents\Vélib.gif [07/18/2008 01:32 PM | 01,492,992 | ---- | M] () - C:\Documents and Settings\Régis Granger\Mes documents\metro-agression-ridicule.mpg [07/18/2008 01:32 PM | 02,532,679 | ---- | M] () - C:\Documents and Settings\Régis Granger\Mes documents\autostopistas.zip [09/04/2008 08:46 AM | 00,000,592 | ---- | M] () - C:\Documents and Settings\Régis Granger\Mes documents\Mes dossiers de partage.lnk [06/13/2008 09:53 AM | 00,001,611 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk [07/23/2008 01:16 PM | 00,000,671 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\Winamp.lnk [08/05/2008 11:47 AM | 00,001,609 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk [08/05/2008 11:52 AM | 00,000,703 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [08/22/2008 08:17 AM | 00,001,648 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\ThinkVantage Productivity Center.lnk [06/16/2008 11:45 AM | 00,001,433 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\WM-RG Mes documents.LNK [08/01/2008 10:49 PM | 00,208,384 | ---- | M] (Paul McLain and Fred de Vries) - C:\Documents and Settings\Régis Granger\Bureau\JavaRa.exe [08/05/2008 11:54 AM | 00,001,870 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\Start Avira AntiVir Personal.lnk [08/06/2008 09:41 AM | 00,001,741 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\HijackThis.lnk [08/06/2008 12:37 PM | 00,059,632 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\JavaRa.zip [08/28/2008 07:13 PM | 00,001,555 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\CCleaner.lnk [09/03/2008 11:51 AM | 00,000,736 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\Audacity 1.3 Beta (Unicode).lnk [09/03/2008 12:22 PM | 00,001,514 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\Bloc-notes.lnk < End of report > @+, leredge.
  9. leredge
    Salut, merci pour ta réponse. En fait, j'ai attrapé un truc l'antivirus "Antivir" n'arrive pas à l'éliminer et non plus Malwarebytes Anti-Malware. Que faire ? Car mon ordi "tourne" entre 6 et 56 % en permanence. Cela ne se produisait pas auparavant... @+, leredge
  10. leredge
    Bonjour, comment ce fait-il que je n'est pas de réponse ? Merci de me répondre, leredge
  11. leredge
    Salut, je n'arrive pas à supprimer des éléments qui me ralentissent non système. J'ai effectué un rapport hjt et en voici son contenu ci-dessous. Pourriez-vous m'aider ? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:44:41, on 02/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\IPSSVC.EXE C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\WINDOWS\system32\acs.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe C:\WINDOWS\system32\oodag.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe C:\WINDOWS\System32\TPHDEXLG.exe C:\WINDOWS\system32\TpKmpSVC.exe C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE c:\program files\lenovo\system update\suservice.exe C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe C:\Program Files\Fichiers communs\Lenovo\Logger\logmon.exe C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\Program Files\Lenovo\Client Security Solution\cssauth.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe C:\WINDOWS\system32\TpShocks.exe C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.EXE C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe C:\Program Files\ThinkVantage\AMSG\Amsg.exe C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe C:\Program Files\Lenovo\Zoom\TpScrex.exe C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe C:\WINDOWS\system32\oodtray.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe C:\Program Files\Lenovo\AwayTask\AwaySch.EXE C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\igfxpers.exe C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe C:\Program Files\Free Download Manager\fdm.exe C:\Program Files\Free Download Manager\fum\fum.exe C:\Program Files\Free Download Manager\FUM\fumoei.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Creative\Shared Files\CamTray.exe C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor O4 - HKLM\..\Run: rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper O4 - HKLM\..\Run: [TpShocks] TpShocks.exe O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe O4 - HKLM\..\Run: [TP4EX] tp4ex.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe O4 - HKLM\..\Run: [PDService.exe] "C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe" O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [TPFNF7] C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe /r O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe" O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - http://www-307.ibm.com/pc/support/acpir.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://redgetrebes.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing) O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe O23 - Service: Atheros Configuration Service (acs) - Atheros - C:\WINDOWS\system32\acs.exe O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de base IPS (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: Power Manager DBC Service - Unknown owner - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing) O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe -- End of file - 15815 bytes Merci à vous ! leredge
  12. leredge
    Malwarebytes' Anti-Malware 1.24 Version de la base de données: 1026 Windows 5.1.2600 Service Pack 2 14:25:18 05/08/2008 mbam-log-8-5-2008 (14-25-12).txt Type de recherche: Examen complet (C:\|E:\|) Eléments examinés: 121383 Temps écoulé: 1 hour(s), 38 minute(s), 45 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\System Volume Information\_restore{D44870F8-BB07-46F8-A47D-4CAF911022A6}\RP211\A0055044.exe (Adware.Rabio) -> No action taken. le deuxième : Malwarebytes' Anti-Malware 1.24 Version de la base de données: 1026 Windows 5.1.2600 Service Pack 2 14:25:22 05/08/2008 mbam-log-8-5-2008 (14-25-20).txt Type de recherche: Examen complet (C:\|E:\|) Eléments examinés: 121383 Temps écoulé: 1 hour(s), 38 minute(s), 45 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\System Volume Information\_restore{D44870F8-BB07-46F8-A47D-4CAF911022A6}\RP211\A0055044.exe (Adware.Rabio) -> No action taken. et HJT : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:42:08, on 06/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\IPSSVC.EXE C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\WINDOWS\system32\acs.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe C:\WINDOWS\system32\oodag.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe C:\WINDOWS\System32\TPHDEXLG.exe C:\WINDOWS\system32\TpKmpSVC.exe C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe c:\program files\lenovo\system update\suservice.exe C:\Program Files\Fichiers communs\Lenovo\Logger\logmon.exe C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\Program Files\Lenovo\Client Security Solution\cssauth.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe C:\WINDOWS\system32\TpShocks.exe C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe C:\Program Files\ThinkVantage\AMSG\Amsg.exe C:\Program Files\Lenovo\Zoom\TpScrex.exe C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.EXE C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe C:\WINDOWS\system32\oodtray.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe C:\Program Files\Lenovo\AwayTask\AwaySch.EXE C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\igfxpers.exe C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Free Download Manager\fdm.exe C:\Program Files\Free Download Manager\fum\fum.exe C:\Program Files\Free Download Manager\FUM\fumoei.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Creative\Shared Files\CamTray.exe C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe C:\Program Files\Digital Line Detect\DLG.exe C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor O4 - HKLM\..\Run: rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper O4 - HKLM\..\Run: [TpShocks] TpShocks.exe O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe O4 - HKLM\..\Run: [TP4EX] tp4ex.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe O4 - HKLM\..\Run: [PDService.exe] "C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe" O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [TPFNF7] C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe /r O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe" O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - http://www-307.ibm.com/pc/support/acpir.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://redgetrebes.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing) O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe O23 - Service: Atheros Configuration Service (acs) - Atheros - C:\WINDOWS\system32\acs.exe O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de base IPS (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing) O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe -- End of file - 15922 bytes ciao.
  13. leredge
    Salut, Voici le rapport deux rapports de mbam et le dernier de HJT. @+, leredge,
  14. leredge
    Suite à mon dernier message, rien n'a changé. A savoir que l'UC reste énormément utilisé quand l'ordi est connecté sur Internet. Que faire, te transmettre un nouveau rapport HijackThis ? @+, merci, leredge.
  15. leredge
    Salut, J'ai bien lu tes recommandations et j'en tiens compte. Pour conclure par rapport à mon problème, je suis conscient qu'il y a un problème avec teatimer. Cependant, si je l'arrête avec le gestionnaire de tâche, la fluctuation de l'utilisation du processeur reste identique. C'est-à-dire, une oscillation entre 4 et 50 % en permanence. je fais le changement des programmes conseiller par tes soins et je te dis. Merci, leredge.
×
×
  • Créer...