xbob

quelqu un change le mot de passe du facebook de ma conjointe et de son msn a tout les jours.ca fais 5 fois que l ont le rechange mais rien a faire.je vien juste de recevoir un couriere a mon adresse de securitee que la personne veut effacer son adresse msn.svp aider moi merci!

merci pour ton aide! 10/10

j ai tout fais ce que tu ma dit de faire

tout va 100% sur mon pc .voici le raport Malwarebytes' Anti-Malware 1.38 Version de la base de données: 2343 Windows 5.1.2600 Service Pack 3 2009-06-27 13:14:05 mbam-log-2009-06-27 (13-14-05).txt Type de recherche: Examen complet (C:\|D:\|) Eléments examinés: 174122 Temps écoulé: 31 minute(s), 41 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

j ai aucun probleme avec ta disponibilitée .pour ce qui est de (programe file)oui c est moi,je ne sais pas toujours ou vont les vrai affaire au bonne place,chu pas trop,trop un expert . j ai commencé le scan hier avan d aller me coucher,a mon reveil antivir avais trouver quelque chose fesan stoper Malwarebytes' Anti-Malware.j ai suprimé ce que antivir avais decouvert et mabam a continué son travail jusqu a ce que antivir trouve d autre infection(entre 25 et 30).a chaque fois j ai du les suprimer. Malwarebytes' Anti-Malware 1.38 Version de la base de données: 2323 Windows 5.1.2600 Service Pack 3 2009-06-23 11:15:42 mbam-log-2009-06-23 (11-15-42).txt Type de recherche: Examen complet (C:\|D:\|) Eléments examinés: 172971 Temps écoulé: 8 hour(s), 33 minute(s), 23 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 2 Fichier(s) infecté(s): 4 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): C:\Program Files\WiniGuard Software (Rogue.WiniGuard) -> Quarantined and deleted successfully. c:\program files\winiguard software\WiniGuard (Rogue.WiniGuard) -> Quarantined and deleted successfully. Fichier(s) infecté(s): c:\WINDOWS\system32\MSINET.oca (Rogue.Trace) -> Quarantined and deleted successfully. c:\system volume information\_restore{d3105db7-8a86-4ab3-84c6-418e9ab61b74}\RP566\A0068352.dll (Trojan.TDSS) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\WINDOWS\system32\SKYNEToyvvbyds.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully. c:\program files\winiguard software\winiguard\winiguard.exe (Rogue.WiniGuard) -> Quarantined and deleted successfully.

je voie deja un gros changement avec ma machine,plus rapide et plus de probleme avec msn ComboFix 09-06-21.01 - Propriétaire 2009-06-22 8:27.7 - FAT32x86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.2.1036.18.1278.889 [GMT -4:00] Lancé depuis: c:\documents and settings\Propriétaire\Bureau\Combo-Fix.exe Commutateurs utilisés :: c:\documents and settings\Propriétaire\Bureau\CFScript.txt AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} FILE :: "c:\docume~1\PROPRI~1\LOCALS~1\Temp\SKYNET000" "c:\windows\system32\drivers\SKYNETugegdubh.sys" "c:\windows\TEMP\SKYNETbwphsjfgen.tmp" "c:\windows\TEMP\SKYNETcrpvncyecx.tmp" "c:\windows\TEMP\SKYNETeibqhevkxj.tmp" "c:\windows\TEMP\SKYNETeipbqtsexx.tmp" "c:\windows\TEMP\SKYNETeqkysukxyl.tmp" "c:\windows\TEMP\SKYNETevpenrqsrs.tmp" "c:\windows\TEMP\SKYNETfeqoxwsuvk.tmp" "c:\windows\TEMP\SKYNEThbrkmmhuml.tmp" "c:\windows\TEMP\SKYNETiomrdfmiyu.tmp" "c:\windows\TEMP\SKYNETipcrewywju.tmp" "c:\windows\TEMP\SKYNETloiefvjsiq.tmp" "c:\windows\TEMP\SKYNETlstspkkthx.tmp" "c:\windows\TEMP\SKYNETmcvxkvwkxc.tmp" "c:\windows\TEMP\SKYNETmttpsrbirt.tmp" "c:\windows\TEMP\SKYNETnwbxdmbdni.tmp" "c:\windows\TEMP\SKYNETpfulbvrnpr.tmp" "c:\windows\TEMP\SKYNETqfpuoiyyly.tmp" "c:\windows\TEMP\SKYNETrjetaltlvj.tmp" "c:\windows\TEMP\SKYNETrrsquerdjd.tmp" "c:\windows\TEMP\SKYNETtkxdpdriui.tmp" "c:\windows\TEMP\SKYNETtrqxreprsm.tmp" "c:\windows\TEMP\SKYNETwxrpjtqrte.tmp" "c:\windows\TEMP\SKYNETwxvncvbyap.tmp" "c:\windows\TEMP\SKYNETxgqqvwxosa.tmp" "c:\windows\TEMP\SKYNETxigqwkolyj.tmp" "c:\windows\TEMP\SKYNETxyiqjaffml.tmp" . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\drivers\SKYNETugegdubh.sys c:\windows\system32\SKYNETfrqvxkru.dat c:\windows\system32\SKYNEToyvvbyds.dll c:\windows\system32\SKYNETtwwyuqqf.dat c:\windows\system32\SKYNETxwvyjemb.dll c:\docume~1\PROPRI~1\LOCALS~1\Temp\SKYNET000 c:\windows\system32\drivers\SKYNETugegdubh.sys c:\windows\system32\SKYNETfrqvxkru.dat c:\windows\system32\SKYNEToyvvbyds.dll c:\windows\system32\SKYNETtwwyuqqf.dat c:\windows\system32\SKYNETxwvyjemb.dll c:\windows\TEMP\SKYNETbwphsjfgen.tmp c:\windows\TEMP\SKYNETcrpvncyecx.tmp c:\windows\TEMP\SKYNETeibqhevkxj.tmp c:\windows\TEMP\SKYNETeipbqtsexx.tmp c:\windows\TEMP\SKYNETeqkysukxyl.tmp c:\windows\TEMP\SKYNETevpenrqsrs.tmp c:\windows\TEMP\SKYNETfeqoxwsuvk.tmp c:\windows\TEMP\SKYNEThbrkmmhuml.tmp c:\windows\TEMP\SKYNETiomrdfmiyu.tmp c:\windows\TEMP\SKYNETipcrewywju.tmp c:\windows\TEMP\SKYNETloiefvjsiq.tmp c:\windows\TEMP\SKYNETmcvxkvwkxc.tmp c:\windows\TEMP\SKYNETmttpsrbirt.tmp c:\windows\TEMP\SKYNETnwbxdmbdni.tmp c:\windows\TEMP\SKYNETqfpuoiyyly.tmp c:\windows\TEMP\SKYNETrjetaltlvj.tmp c:\windows\TEMP\SKYNETrrsquerdjd.tmp c:\windows\TEMP\SKYNETtkxdpdriui.tmp c:\windows\TEMP\SKYNETtrqxreprsm.tmp c:\windows\TEMP\SKYNETwxrpjtqrte.tmp c:\windows\TEMP\SKYNETwxvncvbyap.tmp c:\windows\TEMP\SKYNETxgqqvwxosa.tmp c:\windows\TEMP\SKYNETxigqwkolyj.tmp c:\windows\TEMP\SKYNETxyiqjaffml.tmp . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_SKYNETmutfdqjh -------\Service_SKYNETmutfdqjh ((((((((((((((((((((((((((((( Fichiers créés du 2009-05-22 au 2009-06-22 )))))))))))))))))))))))))))))))))))) . 2009-06-22 12:10 . 2009-06-22 12:10 -------- d-----w- c:\program files\Codemonster 2009-06-21 21:50 . 2009-06-21 21:50 -------- d-s---w- C:\ComboFix 2009-06-20 19:03 . 2009-06-20 19:04 3561743 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-06-20 17:57 . 2009-06-20 17:57 -------- d-----w- C:\rsit 2009-06-20 05:09 . 2009-06-20 05:09 -------- d-----w- c:\program files\Windows Live SkyDrive 2009-06-10 03:43 . 2009-06-10 03:43 -------- d-sh--w- C:\FOUND.010 2009-06-09 13:44 . 2009-06-09 13:44 -------- d-sh--w- C:\FOUND.009 . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-06-17 15:27 . 2008-12-17 18:54 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-06-17 15:27 . 2008-12-17 18:54 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-05-27 19:00 . 2007-04-22 06:56 75096 ----a-w- c:\windows\system32\drivers\avipbb.sys 2009-05-18 06:00 . 2009-02-16 17:57 3532 ----a-w- C:\drmHeader.bin 2009-05-07 15:33 . 2004-08-04 08:54 348672 ------w- c:\windows\system32\localspl.dll 2009-04-29 04:45 . 2004-08-04 08:54 827392 ----a-w- c:\windows\system32\wininet.dll 2009-04-29 04:45 . 2004-08-04 08:54 78336 ------w- c:\windows\system32\ieencode.dll 2009-04-19 19:50 . 2004-08-04 08:45 1847296 ------w- c:\windows\system32\win32k.sys 2009-04-16 21:25 . 2003-04-24 16:00 86566 ----a-w- c:\windows\system32\perfc00C.dat 2009-04-16 21:25 . 2003-04-24 16:00 515042 ----a-w- c:\windows\system32\perfh00C.dat 2009-04-15 14:53 . 2004-08-04 08:54 585216 ----a-w- c:\windows\system32\rpcrt4.dll 2008-05-04 04:42 . 2008-05-04 04:42 16865248 ----a-w- c:\program files\gimp-2.4.4-i686-setup.exe 2007-12-24 06:10 . 2007-12-24 06:10 1800920 ----a-w- c:\program files\Paint.NET.3.20.SkyOrb.exe 2007-12-24 05:54 . 2007-12-24 05:54 9439584 ----a-w- c:\program files\tuxpaint-0.9.18-win32-installer.exe 2007-11-13 05:10 . 2007-11-13 05:10 927779 ----a-w- c:\program files\SetupXnBeep.exe 2007-09-09 21:09 . 2007-09-09 21:09 1959112 ----a-w- c:\program files\FLVPlayerSetup.exe 2007-09-09 20:45 . 2007-09-09 20:45 883808 ----a-w- c:\program files\Google_Updater.exe 2007-09-08 22:50 . 2007-09-08 22:50 43423968 ----a-w- c:\program files\PalmDesktopWin414e.zip 2007-09-07 00:18 . 2007-09-07 00:18 6801128 ----a-w- c:\program files\wmcsetup.exe 2007-09-06 23:22 . 2007-09-06 23:22 25839688 ----a-w- c:\program files\wmp11-windowsxp-x86-FR-FR.exe 2007-09-04 14:28 . 2007-09-04 14:28 26730808 ----a-w- c:\program files\musicmatch-jukebox_musicmatch_jukebox_10.0.4033_anglais_10317.exe 2007-09-02 17:31 . 2007-09-02 17:31 17733474 ----a-w- c:\program files\RCALyraTrayAppInstall_v1035a.exe 2007-08-22 13:53 . 2007-08-22 13:53 2624373 ----a-w- c:\program files\XnView-win-fr.exe 2007-08-22 13:36 . 2007-08-22 13:36 7494 ----a-w- c:\program files\Image_Converter_Plus_[demo]_v4.00_by_TNT.zip 2007-08-22 13:21 . 2007-08-22 13:21 5053286 ----a-w- c:\program files\converter.exe 2007-05-13 19:22 . 2007-05-13 19:21 899414 ----a-w- c:\program files\SetupDVDDecrypter_3.5.4.0.exe 2007-03-20 00:44 . 2007-03-20 00:44 10420936 ----a-w- c:\program files\xlviewer.exe 2007-03-05 05:15 . 2007-03-05 05:15 1367553 ----a-w- c:\program files\mirc621.exe 2007-02-22 08:17 . 2007-02-22 08:17 7564315 ----a-w- c:\program files\ezcddax10.exe 2007-02-22 08:03 . 2007-02-22 08:03 6710040 ----a-w- c:\program files\smart-audio-converter-pro-setup.exe 2007-01-25 21:58 . 2007-01-25 21:57 17741094 ----a-w- c:\program files\VideoConvertMaster_Fr.exe 2007-01-20 15:17 . 2007-01-20 15:17 27100264 ----a-w- c:\program files\PowerPointViewer.exe 2007-01-19 19:44 . 2007-01-19 19:44 5646848 ----a-w- c:\program files\PC [email protected] 2007-01-19 19:44 . 2007-01-19 19:44 31232 ----a-w- c:\program files\1036.MST 2007-01-19 19:43 . 2007-01-19 19:44 5481 ----a-w- c:\program files\0x040c.ini 2008-02-27 01:56 . 2008-02-27 01:56 24 --sh--w- c:\windows\SC9A2AE4F.tmp . ((((((((((((((((((((((((((((( SnapShot@2009-06-22_00.07.27 ))))))))))))))))))))))))))))))))))))))))) . + 2009-06-22 12:37 . 2009-06-22 12:37 16384 c:\windows\temp\Perflib_Perfdata_53c.dat + 2009-06-22 04:01 . 2006-09-25 21:58 14640 c:\windows\system32\spmsg.dll - 2008-09-24 04:51 . 2009-06-21 23:48 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2008-09-24 04:51 . 2009-06-22 04:11 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2005-10-18 00:17 . 2009-06-22 04:11 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat - 2005-10-18 00:17 . 2009-06-21 23:48 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat + 2005-10-18 00:17 . 2009-06-22 04:11 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat - 2005-10-18 00:17 . 2009-06-21 23:48 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136] "X'nBeep"="c:\program files\X'nBeep 1.1\XnBeep.exe" [2007-01-09 1067520] "ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2006-09-11 86960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "igfxtray"="c:\windows\system32\igfxtray.exe" [2006-09-24 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-09-24 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2006-09-24 114688] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-09-24 1404928] "avgnt"="c:\program files\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-19 266497] "EPSON Stylus CX3800 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE" [2005-02-08 98304] "VX3000"="c:\windows\vVX3000.exe" [2006-10-13 707376] "LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2006-10-13 277296] "AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-04 111936] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088] "DefragTaskBar"="c:\program files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" [2008-10-09 173408] "NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888] "atwtusb"="atwtusb.exe" - c:\windows\system32\ATWTUSB.EXE [2005-09-21 290816] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160] c:\documents and settings\Propri‚taire\Menu D‚marrer\Programmes\D‚marrage\ Microsoft Office OneNote 2003 Quick Launch.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2007-4-19 64864] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Microsoft Office OneNote 2003 Quick Launch.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2007-4-19 64864] Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HotSync Manager.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HotSync Manager.lnk backup=c:\windows\pss\HotSync Manager.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NkbMonitor.exe.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\NkbMonitor.exe.lnk backup=c:\windows\pss\NkbMonitor.exe.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^palmOne Registration.lnk] path=c:\documents and settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\palmOne Registration.lnk backup=c:\windows\pss\palmOne Registration.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\Play+Smile\\Texas Hold'em Poker 3D - Deluxe Edition\\Poker3d.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\WINDOWS\\System32\\SPOOLSV.EXE"= "c:\\Program Files\\Fichiers communs\\Microsoft Shared\\VS7DEBUG\\MDM.EXE"= "c:\\WINDOWS\\System32\\PSIService.exe"= "c:\\WINDOWS\\Microsoft.NET\\Framework\\v3.0\\Windows Communication Foundation\\infocard.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R1 aiptektp;HyperPen;c:\windows\system32\drivers\aiptektp.sys [2008-05-06 22272] R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592] S2 SessionLauncher;SessionLauncher;c:\docume~1\PROPRI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe --> c:\docume~1\PROPRI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe [?] S3 ctlsb16;Pilote Creative SB16/AWE32/AWE64 (WDM);c:\windows\system32\drivers\ctlsb16.sys [2005-10-17 96256] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2008-12-17 38160] S3 s3legacy;s3legacy;c:\windows\system32\drivers\s3legacy.sys [2005-10-17 65664] . Contenu du dossier 'Tâches planifiées' 2009-06-22 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 22:20] 2009-06-17 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.ca/ uInternet Settings,ProxyOverride = *.local IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://212.147.17.64/activex/AMC.cab FF - ProfilePath - . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-06-22 08:37 Windows 5.1.2600 Service Pack 3 FAT NTAPI Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-3765756068-1303828176-2303276007-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:7f,37,94,5a,ec,38,b8,58,72,ef,1d,61,92,9f,1b,c0,b2,22,56,fc,e0,54,7b, a9,4d,0f,2b,42,94,0e,34,9f,19,62,9e,95,4e,24,93,75,7d,0c,6f,93,78,07,25,42,\ "??"=hex:27,9c,60,5c,7f,04,18,a0,af,c1,3d,62,15,c7,bd,68 . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(4060) c:\program files\iTunes\iTunesMiniPlayer.dll c:\program files\iTunes\iTunesMiniPlayer.Resources\fr.lproj\iTunesMiniPlayerLocalized.dll c:\program files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll c:\windows\system32\eappprxy.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\ANTIVIR PERSONALEDITION CLASSIC\SCHED.EXE c:\program files\FICHIERS COMMUNS\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE c:\program files\ASHAMPOO\ASHAMPOO MAGICAL DEFRAG 2\BIN\ADEFRAGSERVICE.EXE c:\program files\BONJOUR\MDNSRESPONDER.EXE c:\program files\JAVA\JRE6\BIN\JQS.EXE c:\program files\FICHIERS COMMUNS\MICROSOFT SHARED\VS7DEBUG\MDM.EXE c:\program files\MICROSOFT LIFECAM\MSCAMS32.EXE c:\windows\SYSTEM32\PSISERVICE.EXE c:\windows\SYSTEM32\MSPMSPSV.EXE c:\program files\ASHAMPOO\ASHAMPOO MAGICAL DEFRAG 2\BIN\DEFRAGACTIVITYMONITOR.EXE c:\program files\WINDOWS MEDIA PLAYER\WMPNETWK.EXE c:\windows\SYSTEM32\TBLMOUSE.EXE c:\program files\Fichiers communs\Ahead\Lib\NMIndexingService.exe c:\program files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe c:\program files\iPod\bin\iPodService.exe . ************************************************************************** . Heure de fin: 2009-06-22 8:42 - La machine a redémarré ComboFix-quarantined-files.txt 2009-06-22 12:42 ComboFix2.txt 2009-06-22 00:14 Avant-CF: 14 273 871 872 octets libres Après-CF: 14 275 837 952 octets libres 279 --- E O F --- 2009-06-20 00:51

ComboFix 09-06-20.04 - Propriétaire 2009-06-21 19:52.6 - FAT32x86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.2.1036.18.1278.829 [GMT -4:00] Lancé depuis: c:\documents and settings\Propriétaire\Bureau\Combo-Fix.exe AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\drivers\msqpdxpbivnrdv.sys c:\windows\system32\msqpdxumshfjtw.dll c:\windows\TEMP\SKYNETcjpyfwxvnt.tmp c:\windows\TEMP\SKYNETcvuxthlxms.tmp c:\windows\TEMP\SKYNETenmbpcnptf.tmp c:\windows\TEMP\SKYNETeqabkqoaiw.tmp c:\windows\TEMP\SKYNETfqrjkjinln.tmp c:\windows\TEMP\SKYNETgypeknctlt.tmp c:\windows\TEMP\SKYNEThxaccjwvxg.tmp c:\windows\TEMP\SKYNETiabhignfrx.tmp c:\windows\TEMP\SKYNETjldsyasuug.tmp c:\windows\TEMP\SKYNETkospqygqic.tmp c:\windows\TEMP\SKYNETmclpxjjkes.tmp c:\windows\TEMP\SKYNETmkqgegydic.tmp c:\windows\TEMP\SKYNETpduncwcagx.tmp c:\windows\TEMP\SKYNETpkeqdubyfu.tmp c:\windows\TEMP\SKYNETsngqqnkiqb.tmp c:\windows\TEMP\SKYNETtisqodbdnw.tmp c:\windows\TEMP\SKYNETuuwljmtuwo.tmp c:\windows\TEMP\SKYNETvugnjxixup.tmp c:\windows\TEMP\SKYNETwlvgqqapfu.tmp c:\windows\TEMP\SKYNETwofvcdticx.tmp c:\windows\TEMP\SKYNETwyirkaxhgo.tmp c:\windows\TEMP\SKYNETxooawxfxdw.tmp c:\windows\TEMP\SKYNETydmpvebhnr.tmp c:\windows\TEMP\SKYNETyynkcnecxp.tmp c:\windows\system32\0121mixed.bin c:\windows\system32\a.exe c:\windows\system32\drivers\msqpdxpbivnrdv.sys c:\windows\system32\msqpdxumshfjtw.dll . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_MSQPDXSERV.SYS -------\Service_msqpdxserv.sys ((((((((((((((((((((((((((((( Fichiers créés du 2009-05-22 au 2009-06-22 )))))))))))))))))))))))))))))))))))) . 2009-06-21 21:50 . 2009-06-21 21:50 -------- d-s---w- C:\ComboFix 2009-06-20 19:03 . 2009-06-20 19:04 3561743 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-06-20 17:57 . 2009-06-20 17:57 -------- d-----w- C:\rsit 2009-06-20 05:09 . 2009-06-20 05:09 -------- d-----w- c:\program files\Windows Live SkyDrive 2009-06-10 03:43 . 2009-06-10 03:43 -------- d-sh--w- C:\FOUND.010 2009-06-09 13:44 . 2009-06-09 13:44 -------- d-sh--w- C:\FOUND.009 . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-06-17 15:27 . 2008-12-17 18:54 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-06-17 15:27 . 2008-12-17 18:54 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-05-27 19:00 . 2007-04-22 06:56 75096 ----a-w- c:\windows\system32\drivers\avipbb.sys 2009-05-18 06:00 . 2009-02-16 17:57 3532 ----a-w- C:\drmHeader.bin 2009-05-07 15:33 . 2004-08-04 08:54 348672 ------w- c:\windows\system32\localspl.dll 2009-04-29 04:45 . 2004-08-04 08:54 827392 ----a-w- c:\windows\system32\wininet.dll 2009-04-29 04:45 . 2004-08-04 08:54 78336 ------w- c:\windows\system32\ieencode.dll 2009-04-19 19:50 . 2004-08-04 08:45 1847296 ------w- c:\windows\system32\win32k.sys 2009-04-16 21:25 . 2003-04-24 16:00 86566 ----a-w- c:\windows\system32\perfc00C.dat 2009-04-16 21:25 . 2003-04-24 16:00 515042 ----a-w- c:\windows\system32\perfh00C.dat 2009-04-15 14:53 . 2004-08-04 08:54 585216 ----a-w- c:\windows\system32\rpcrt4.dll 2008-05-04 04:42 . 2008-05-04 04:42 16865248 ----a-w- c:\program files\gimp-2.4.4-i686-setup.exe 2007-12-24 06:10 . 2007-12-24 06:10 1800920 ----a-w- c:\program files\Paint.NET.3.20.SkyOrb.exe 2007-12-24 05:54 . 2007-12-24 05:54 9439584 ----a-w- c:\program files\tuxpaint-0.9.18-win32-installer.exe 2007-11-13 05:10 . 2007-11-13 05:10 927779 ----a-w- c:\program files\SetupXnBeep.exe 2007-09-09 21:09 . 2007-09-09 21:09 1959112 ----a-w- c:\program files\FLVPlayerSetup.exe 2007-09-09 20:45 . 2007-09-09 20:45 883808 ----a-w- c:\program files\Google_Updater.exe 2007-09-08 22:50 . 2007-09-08 22:50 43423968 ----a-w- c:\program files\PalmDesktopWin414e.zip 2007-09-07 00:18 . 2007-09-07 00:18 6801128 ----a-w- c:\program files\wmcsetup.exe 2007-09-06 23:22 . 2007-09-06 23:22 25839688 ----a-w- c:\program files\wmp11-windowsxp-x86-FR-FR.exe 2007-09-04 14:28 . 2007-09-04 14:28 26730808 ----a-w- c:\program files\musicmatch-jukebox_musicmatch_jukebox_10.0.4033_anglais_10317.exe 2007-09-02 17:31 . 2007-09-02 17:31 17733474 ----a-w- c:\program files\RCALyraTrayAppInstall_v1035a.exe 2007-08-22 13:53 . 2007-08-22 13:53 2624373 ----a-w- c:\program files\XnView-win-fr.exe 2007-08-22 13:36 . 2007-08-22 13:36 7494 ----a-w- c:\program files\Image_Converter_Plus_[demo]_v4.00_by_TNT.zip 2007-08-22 13:21 . 2007-08-22 13:21 5053286 ----a-w- c:\program files\converter.exe 2007-05-13 19:22 . 2007-05-13 19:21 899414 ----a-w- c:\program files\SetupDVDDecrypter_3.5.4.0.exe 2007-03-20 00:44 . 2007-03-20 00:44 10420936 ----a-w- c:\program files\xlviewer.exe 2007-03-05 05:15 . 2007-03-05 05:15 1367553 ----a-w- c:\program files\mirc621.exe 2007-02-22 08:17 . 2007-02-22 08:17 7564315 ----a-w- c:\program files\ezcddax10.exe 2007-02-22 08:03 . 2007-02-22 08:03 6710040 ----a-w- c:\program files\smart-audio-converter-pro-setup.exe 2007-01-25 21:58 . 2007-01-25 21:57 17741094 ----a-w- c:\program files\VideoConvertMaster_Fr.exe 2007-01-20 15:17 . 2007-01-20 15:17 27100264 ----a-w- c:\program files\PowerPointViewer.exe 2007-01-19 19:44 . 2007-01-19 19:44 5646848 ----a-w- c:\program files\PC [email protected] 2007-01-19 19:44 . 2007-01-19 19:44 31232 ----a-w- c:\program files\1036.MST 2007-01-19 19:43 . 2007-01-19 19:44 5481 ----a-w- c:\program files\0x040c.ini 2008-02-27 01:56 . 2008-02-27 01:56 24 --sh--w- c:\windows\SC9A2AE4F.tmp . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136] "X'nBeep"="c:\program files\X'nBeep 1.1\XnBeep.exe" [2007-01-09 1067520] "ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2006-09-11 86960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "igfxtray"="c:\windows\system32\igfxtray.exe" [2006-09-24 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-09-24 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2006-09-24 114688] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-09-24 1404928] "avgnt"="c:\program files\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-19 266497] "EPSON Stylus CX3800 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE" [2005-02-08 98304] "VX3000"="c:\windows\vVX3000.exe" [2006-10-13 707376] "LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2006-10-13 277296] "AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-04 111936] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088] "DefragTaskBar"="c:\program files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" [2008-10-09 173408] "NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888] "atwtusb"="atwtusb.exe" - c:\windows\system32\ATWTUSB.EXE [2005-09-21 290816] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160] c:\documents and settings\Propri‚taire\Menu D‚marrer\Programmes\D‚marrage\ Microsoft Office OneNote 2003 Quick Launch.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2007-4-19 64864] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Microsoft Office OneNote 2003 Quick Launch.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2007-4-19 64864] Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HotSync Manager.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HotSync Manager.lnk backup=c:\windows\pss\HotSync Manager.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NkbMonitor.exe.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\NkbMonitor.exe.lnk backup=c:\windows\pss\NkbMonitor.exe.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^palmOne Registration.lnk] path=c:\documents and settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\palmOne Registration.lnk backup=c:\windows\pss\palmOne Registration.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\Play+Smile\\Texas Hold'em Poker 3D - Deluxe Edition\\Poker3d.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\WINDOWS\\System32\\SPOOLSV.EXE"= "c:\\Program Files\\Fichiers communs\\Microsoft Shared\\VS7DEBUG\\MDM.EXE"= "c:\\WINDOWS\\System32\\PSIService.exe"= "c:\\WINDOWS\\Microsoft.NET\\Framework\\v3.0\\Windows Communication Foundation\\infocard.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R1 aiptektp;HyperPen;c:\windows\system32\drivers\aiptektp.sys [2008-05-06 22272] R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592] S2 SessionLauncher;SessionLauncher;c:\docume~1\PROPRI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe --> c:\docume~1\PROPRI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe [?] S3 ctlsb16;Pilote Creative SB16/AWE32/AWE64 (WDM);c:\windows\system32\drivers\ctlsb16.sys [2005-10-17 96256] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2008-12-17 38160] S3 s3legacy;s3legacy;c:\windows\system32\drivers\s3legacy.sys [2005-10-17 65664] . Contenu du dossier 'Tâches planifiées' 2009-06-22 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 22:20] 2009-06-17 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34] . - - - - ORPHELINS SUPPRIMES - - - - HKLM-Run-ISUSPM Startup - c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.ca/ uInternet Settings,ProxyOverride = *.local IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://212.147.17.64/activex/AMC.cab FF - ProfilePath - . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-06-21 20:07 Windows 5.1.2600 Service Pack 3 FAT NTAPI Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... c:\windows\system32\drivers\SKYNETugegdubh.sys 98304 bytes c:\docume~1\PROPRI~1\LOCALS~1\Temp\SKYNET000 0 bytes c:\windows\TEMP\SKYNETrrsquerdjd.tmp 32768 bytes c:\windows\TEMP\SKYNETfeqoxwsuvk.tmp 32768 bytes c:\windows\TEMP\SKYNETloiefvjsiq.tmp 32768 bytes c:\windows\TEMP\SKYNETtkxdpdriui.tmp 32768 bytes c:\windows\TEMP\SKYNETcrpvncyecx.tmp 32768 bytes c:\windows\TEMP\SKYNETeqkysukxyl.tmp 32768 bytes c:\windows\TEMP\SKYNETtrqxreprsm.tmp 32768 bytes c:\windows\TEMP\SKYNETevpenrqsrs.tmp 32768 bytes c:\windows\TEMP\SKYNETrjetaltlvj.tmp 32768 bytes c:\windows\TEMP\SKYNETeibqhevkxj.tmp 32768 bytes c:\windows\TEMP\SKYNETipcrewywju.tmp 32768 bytes c:\windows\TEMP\SKYNETxigqwkolyj.tmp 32768 bytes c:\windows\TEMP\SKYNETmcvxkvwkxc.tmp 32768 bytes c:\windows\TEMP\SKYNEThbrkmmhuml.tmp 32768 bytes c:\windows\TEMP\SKYNETbwphsjfgen.tmp 32768 bytes c:\windows\TEMP\SKYNETwxvncvbyap.tmp 32768 bytes c:\windows\TEMP\SKYNETxgqqvwxosa.tmp 32768 bytes c:\windows\TEMP\SKYNETqfpuoiyyly.tmp 32768 bytes c:\windows\TEMP\SKYNETxyiqjaffml.tmp 32768 bytes c:\windows\TEMP\SKYNETeipbqtsexx.tmp 32768 bytes c:\windows\TEMP\SKYNETmttpsrbirt.tmp 32768 bytes c:\windows\TEMP\SKYNETiomrdfmiyu.tmp 32768 bytes c:\windows\TEMP\SKYNETwxrpjtqrte.tmp 32768 bytes c:\windows\TEMP\SKYNETnwbxdmbdni.tmp 32768 bytes c:\windows\TEMP\SKYNETpfulbvrnpr.tmp 32768 bytes c:\windows\TEMP\SKYNETlstspkkthx.tmp 32768 bytes Scan terminé avec succès Fichiers cachés: 28 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SKYNETmutfdqjh] "imagepath"="\systemroot\system32\drivers\SKYNETugegdubh.sys" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-3765756068-1303828176-2303276007-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:7f,37,94,5a,ec,38,b8,58,72,ef,1d,61,92,9f,1b,c0,b2,22,56,fc,e0,54,7b, a9,4d,0f,2b,42,94,0e,34,9f,19,62,9e,95,4e,24,93,75,7d,0c,6f,93,78,07,25,42,\ "??"=hex:27,9c,60,5c,7f,04,18,a0,af,c1,3d,62,15,c7,bd,68 . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(3216) c:\program files\iTunes\iTunesMiniPlayer.dll c:\program files\iTunes\iTunesMiniPlayer.Resources\fr.lproj\iTunesMiniPlayerLocalized.dll c:\program files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll c:\windows\system32\eappprxy.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\ANTIVIR PERSONALEDITION CLASSIC\SCHED.EXE c:\program files\FICHIERS COMMUNS\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE c:\program files\ASHAMPOO\ASHAMPOO MAGICAL DEFRAG 2\BIN\ADEFRAGSERVICE.EXE c:\program files\BONJOUR\MDNSRESPONDER.EXE c:\program files\JAVA\JRE6\BIN\JQS.EXE c:\program files\FICHIERS COMMUNS\MICROSOFT SHARED\VS7DEBUG\MDM.EXE c:\program files\MICROSOFT LIFECAM\MSCAMS32.EXE c:\program files\ASHAMPOO\ASHAMPOO MAGICAL DEFRAG 2\BIN\DEFRAGACTIVITYMONITOR.EXE c:\windows\SYSTEM32\PSISERVICE.EXE c:\windows\SYSTEM32\MSPMSPSV.EXE c:\program files\WINDOWS MEDIA PLAYER\WMPNETWK.EXE c:\windows\SYSTEM32\TBLMOUSE.EXE c:\program files\Fichiers communs\Ahead\Lib\NMIndexingService.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe . ************************************************************************** . Heure de fin: 2009-06-22 20:14 - La machine a redémarré ComboFix-quarantined-files.txt 2009-06-22 00:14 Avant-CF: 15 432 515 584 octets libres Après-CF: 15 517 941 760 octets libres 263 --- E O F --- 2009-06-20 00:51

Avira AntiVir Personal Report file date: 21 juin 2009 12:10 Scanning for 1479837 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 3) [5.1.2600] Boot mode: Normally booted Username: SYSTEM Computer name: CLIENT-A3C075D7 Version information: BUILD.DAT : 8.2.0.353 17048 Bytes 2009-05-15 12:02:00 AVSCAN.EXE : 8.1.4.10 315649 Bytes 2008-11-26 02:44:32 AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-07-19 22:11:30 LUKE.DLL : 8.1.4.5 164097 Bytes 2008-07-19 22:11:30 LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-07-19 22:11:30 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 2008-10-27 21:33:56 ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 2009-02-11 19:02:58 ANTIVIR2.VDF : 7.1.4.87 2982912 Bytes 2009-06-12 19:08:08 ANTIVIR3.VDF : 7.1.4.120 232448 Bytes 2009-06-21 16:09:44 Engineversion : 8.2.0.193 AEVDF.DLL : 8.1.1.1 106868 Bytes 2009-04-30 23:34:24 AESCRIPT.DLL : 8.1.2.9 409978 Bytes 2009-06-17 19:01:20 AESCN.DLL : 8.1.2.3 127347 Bytes 2009-05-15 19:01:46 AERDL.DLL : 8.1.1.3 438645 Bytes 2008-11-06 19:02:34 AEPACK.DLL : 8.1.3.18 401783 Bytes 2009-05-27 19:00:46 AEOFFICE.DLL : 8.1.0.38 196987 Bytes 2009-06-17 19:01:18 AEHEUR.DLL : 8.1.0.133 1798520 Bytes 2009-06-17 19:01:16 AEHELP.DLL : 8.1.3.6 205174 Bytes 2009-06-11 19:02:52 AEGEN.DLL : 8.1.1.46 348533 Bytes 2009-06-20 00:48:56 AEEMU.DLL : 8.1.0.9 393588 Bytes 2008-10-15 19:00:48 AECORE.DLL : 8.1.6.12 180599 Bytes 2009-05-27 19:00:42 AEBB.DLL : 8.1.0.3 53618 Bytes 2008-10-15 19:00:46 AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-19 22:11:30 AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-07-19 22:11:30 AVREP.DLL : 8.0.0.3 155688 Bytes 2009-04-20 19:00:28 AVREG.DLL : 8.0.0.1 33537 Bytes 2008-07-19 22:11:30 AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-04-15 19:13:50 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-07-19 22:11:30 SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-04-15 19:13:50 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-07-19 22:11:30 NETNT.DLL : 8.0.0.1 7937 Bytes 2008-04-15 19:13:50 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-07-19 22:11:28 RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-07-19 22:11:28 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: C:\Program Files\AntiVir PersonalEdition Classic\sysscan.avp Logging..........................: low Primary action...................: repair Secondary action.................: delete Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, D:, Process scan.....................: on Scan registry....................: on Search for rootkits..............: on Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Macro heuristic..................: on File heuristic...................: high Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR, Start of the scan: 21 juin 2009 12:10 Starting search for hidden objects. HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SKYNETmutfdqjh\main [iNFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SKYNETmutfdqjh\modules [iNFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SKYNETmutfdqjh\start [iNFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SKYNETmutfdqjh\type [iNFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SKYNETmutfdqjh\group [iNFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SKYNETmutfdqjh\imagepath [iNFO] The registry entry is invisible. '7863' objects were checked, '6' hidden objects were found. The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'firefox.exe' - '1' Module(s) have been scanned Scan process 'uTorrent.exe' - '1' Module(s) have been scanned Scan process 'DivXVersionChecker.exe' - '1' Module(s) have been scanned Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned Scan process 'iPodService.exe' - '1' Module(s) have been scanned Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned Scan process 'WMPNETWK.EXE' - '1' Module(s) have been scanned Scan process 'MsPMSPSv.exe' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'PSIService.exe' - '1' Module(s) have been scanned Scan process 'MSCamS32.exe' - '1' Module(s) have been scanned Scan process 'defragActivityMonitor.exe' - '1' Module(s) have been scanned Scan process 'MDM.EXE' - '1' Module(s) have been scanned Scan process 'JQS.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned Scan process 'aDefragService.exe' - '1' Module(s) have been scanned Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned Scan process 'TBLMOUSE.EXE' - '1' Module(s) have been scanned Scan process 'SCHED.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'ISSCH.EXE' - '1' Module(s) have been scanned Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned Scan process 'JUSCHED.EXE' - '1' Module(s) have been scanned Scan process 'defragTaskBar.exe' - '1' Module(s) have been scanned Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned Scan process 'ATWTUSB.EXE' - '1' Module(s) have been scanned Scan process 'vVX3000.exe' - '1' Module(s) have been scanned Scan process 'E_FATIACA.EXE' - '1' Module(s) have been scanned Scan process 'SMAX4PNP.EXE' - '1' Module(s) have been scanned Scan process 'IGFXPERS.EXE' - '1' Module(s) have been scanned Scan process 'HKCMD.EXE' - '1' Module(s) have been scanned Scan process 'IGFXTRAY.EXE' - '1' Module(s) have been scanned Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'LSASS.EXE' - '1' Module(s) have been scanned Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned Scan process 'SMSS.EXE' - '1' Module(s) have been scanned 52 processes with 52 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! [WARNING] System error [1381]: Le nombre maximal de secrets pouvant être stockés sur un système donné a été dépassé. Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'D:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '71' files ). Starting the file scan: Begin scan in 'C:\' <SYSTEM> C:\pagefile.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\sptd.sys [WARNING] The file could not be opened! C:\WINDOWS\temp\SKYNETcdtxipojry.tmp [DETECTION] Is the TR/Small.bzc Trojan [NOTE] A backup was created as '4a975ce9.qua' ( QUARANTINE ) [NOTE] The file was deleted! Catched Exception ScanDirectory:\\?\C:\ ACCESS_VIOLATION EAX = 00000001 EBX = 08CB1008 ECX = 7C80F0D1 EDX = 004B0053 ESI = 08DADBE8 EDI = 08dd03a0 EIP = 0040FCA2 EBP = 08DD042C ESP = 09A5F448 Flg = 00010213 CS = 00000023 SS = 0000001B Begin scan in 'D:\' <DONNEES> End of the scan: 21 juin 2009 12:19 Used time: 09:04 Minute(s) The scan has been done completely. 1255 Scanning directories 37074 Files were scanned 1 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 1 files were deleted 0 files were repaired 1 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 37071 Files not concerned 263 Archives were scanned 3 Warnings 1 Notes 7863 Objects were scanned with rootkit scan 6 Hidden objects were found

j ai esseillé a 3 reprises

j avais deja le programme,j ai faite une mise a jour mais le meme probleme revien.

merci de ton aide info.txt logfile of random's system information tool 1.06 2009-06-20 13:57:45 ======Uninstall list====== -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNRecode.exe /UNINSTALL -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 7.0.7 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70500000002} Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Ashampoo Magical Defrag 2-->"C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\unins000.exe" Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe" Avira AntiVir Personal - Free Antivirus-->C:\Program Files\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE AXIS Media Control Embedded-->rundll32 "C:\Program Files\Axis Communications\AXIS Media Control Embedded\AxisMediaControlEmb.dll",UninstallMe Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959} Caricature Studio Green 3.6-->MsiExec.exe /I{AC5019DA-5DC2-44E6-808A-1A68F3CCA79D} Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} CoffeeCup GIF Animator-->C:\PROGRA~1\COFFEE~1\GIFANI~1\UNWISE.EXE C:\PROGRA~1\COFFEE~1\GIFANI~1\GAinst.LOG Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Crayon Physics Deluxe - release 53-->"C:\Program Files\Crayon Physics Deluxe\unins000.exe" DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.9.0-->"C:\Program Files\DVDFab 5\unins000.exe" EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F} Firepad Picture Viewer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A7A1091-29E1-11D5-991C-00B0D0522EB5}\Setup.exe" FLV Player-->"C:\WINDOWS\FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml" Free Notes & Office Ink-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{556F2137-B772-43BB-9A45-E0275234DD16}\Setup.exe" Fusion-->C:\WINDOWS\system32\sdbinst.exe -u "C:\WINDOWS\AppPatch\Custom\{cf63012b-64a2-47ce-8d9c-38c25fc36080}.sdb" GLOBEtrotter FLEXid Drivers-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\GLOBEtrotter Software Inc.\GLOBEtrotter FLEXid Drivers\Uninst.isu" HijackThis 2.0.2-->"C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe" Ink Monitor-->C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe -U Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} Intel® Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572 Intel® PRO Network Connections Drivers-->Prounstl.exe ioIsland.com ClearTweak-->C:\PROGRA~1\IOISLAND\CLEART~1\UNWISE.EXE C:\PROGRA~1\IOISLAND\CLEART~1\ClearTweak.LOG iPod for Windows 2005-02-22-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{B6ACFF51-248A-4290-B50B-E50C81F25B97} /l1036 iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371} IZArc 3.5 beta 3-->"C:\Program Files\IZArc\unins000.exe" Java 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF} Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} K-Lite Codec Pack 4.4.5 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Le Centre de Contrôle de Licences de Syncrosoft-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall LimeWire PRO 4.12.3-->"C:\Program Files\LimeWire\uninstall.exe" Lyra Jukebox Applications-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3374B4A6-5595-4667-882D-755ABE093806}\Setup.exe" -l0x9 Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940} Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28} Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8} Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783} Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC} Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft GIF Animator-->C:\Program Files\Microsoft GIF Animator\setup\GifACME.exe Microsoft Kernel-Mode Driver Framework Feature Pack 1.1-->"C:\WINDOWS\$NtUninstallWdf01001$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe" Microsoft LifeCam-->MsiExec.exe /X{3C137BCF-8ADC-430D-B01C-A45593AC512B} Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{90840409-6000-11D3-8CFE-0150048383C9} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB} Microsoft Office OneNote 2003-->MsiExec.exe /I{90A10409-6000-11D3-8CFE-0150048383C9} Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server Compact 3.5 FRA-->MsiExec.exe /I{BE361597-42AC-4513-9BA6-FFAB310038FB} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Windows XP Video Decoder Checkup Utility-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\DECCHECK.inf,Uninstall Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Module linguistique Microsoft .NET Framework 3.5 - fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Nero 7 Ultra Edition-->MsiExec.exe /X{293C9DF5-7669-4826-BBB2-E1F182D71033} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Paint.NET v3.36-->MsiExec.exe /X{43602F34-1AA3-44FB-AEB2-D08C2C73743F} palmOne-->MsiExec.exe /X{FF8157AA-F640-45BD-B7C2-BAA1016B267A} Panneau de configuration MobileMe-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658} Pivot Stickfigure Animator-->MsiExec.exe /I{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D} QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4} ritePen-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DA034A8-5963-4F24-9F8C-B50B0A3BBF24}\Setup.exe" -l0x9 Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85} Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780} Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D} Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85} Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F} Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C} Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050} Security Update for Visio 2007 (KB947590)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Sentinel System Driver-->C:\WINDOWS\SYSTEM32\RNBOSENT\SETUPX86.EXE /U /q Sleepy-->"C:\Program Files\Sleepy\uninstall.exe" SpywareBlaster 4.2-->"C:\Program Files\SpywareBlaster\unins000.exe" Texas Hold'em Poker 3D - Deluxe Edition 1.0-->"C:\Program Files\Play+Smile\Texas Hold'em Poker 3D - Deluxe Edition\unins000.exe" Tux Paint 0.9.18-->"C:\Program Files\TuxPaint\unins000.exe" Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft Office Outlook 2007 (KB969907)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {74F98B24-AFBD-4800-9BD6-87D349B5C462} Update for Outlook 2007 Junk Email Filter (kb970012)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {DC4A962B-9EC2-469C-BC9C-87312ADAEE81} USB Tablet Driver-->Rmtablet KNL VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027} Video Convert Master 8.0.11.25-->"C:\Program Files\Video Convert Master\unins000.exe" Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401} Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91} Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" X'nBeep 1.1-->"C:\Program Files\X'nBeep 1.1\unins000.exe" YouTubeSpider-->"C:\WINDOWS\YouTubeSpider\uninstall.exe" "/U:C:\Program Files\YouTubeSpider\Uninstall\uninstall.xml" ======Security center information====== AV: Avira AntiVir PersonalEdition ======System event log====== Computer Name: CLIENT-A3C075D7 Event Code: 51 Message: Une erreur a été détectée sur le périphérique \Device\Harddisk1\D au cours d'une opération de pagination. Record Number: 4065 Source Name: Disk Time Written: 20090514065636.000000-240 Event Type: warning User: Computer Name: CLIENT-A3C075D7 Event Code: 4226 Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées. Record Number: 4056 Source Name: Tcpip Time Written: 20090513233742.000000-240 Event Type: warning User: Computer Name: CLIENT-A3C075D7 Event Code: 10016 Message: Les paramètres d'autorisation par défaut de l'ordinateur n'accordent pas d'autorisation Locale Activation pour l'application serveur COM avec le CLSID {A0717E52-8AC8-4DD9-8682-0B76775125E6} au SID AUTORITE NT\SERVICE RÉSEAU de l'utilisateur (S-1-5-20). Cette autorisation de sécurité peut être modifiée à l'aide de l'outil d'administration Services de composants. Record Number: 4055 Source Name: DCOM Time Written: 20090513232619.000000-240 Event Type: error User: AUTORITE NT\SERVICE RÉSEAU Computer Name: CLIENT-A3C075D7 Event Code: 14104 Message: Le Service de partage réseau du lecteur Windows Media ne peut pas traiter la requête pour l'URI 'http://192.168.2.10:10243/WMPNSSv3/774338396/0_e0E2MDkwQzc3LTU0NjEtNEY3MC1CNUFCLUYxMTUwQzAxQTdCNH0uMC5BQkJEQTREQQ.avi?albumArt=true' provenant de l'adresse IP '192.168.2.12' en raison de l'erreur '0x80070490'. Record Number: 4054 Source Name: WMPNetworkSvc Time Written: 20090513232521.000000-240 Event Type: warning User: Computer Name: CLIENT-A3C075D7 Event Code: 51 Message: Une erreur a été détectée sur le périphérique \Device\Harddisk1\D au cours d'une opération de pagination. Record Number: 4046 Source Name: Disk Time Written: 20090513170041.000000-240 Event Type: warning User: =====Application event log===== Computer Name: CLIENT-A3C075D7 Event Code: 32026 Message: Le service de télécopie n'a pas pu initialiser de périphériques de télécopies attribués (virtuel ou TAPI). Aucune télécopie ne peut être envoyée ou reçue tant qu'un périphérique de télécopies n'a pas été installé. Record Number: 9361 Source Name: Microsoft Fax Time Written: 20081214130747.000000-300 Event Type: warning User: Computer Name: CLIENT-A3C075D7 Event Code: 1517 Message: Windows a sauvegardé le Registre utilisateur CLIENT-A3C075D7\Propriétaire alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé. Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local. Record Number: 9342 Source Name: Userenv Time Written: 20081212111639.000000-300 Event Type: warning User: AUTORITE NT\SYSTEM Computer Name: CLIENT-A3C075D7 Event Code: 1524 Message: Windows ne peut pas décharger vos classes fichier de Registre - il est en cours d'utilisation par d'autres applications ou services. Le fichier sera déchargé quand il ne sera plus utilisé. Record Number: 9341 Source Name: Userenv Time Written: 20081212111627.000000-300 Event Type: warning User: CLIENT-A3C075D7\Propriétaire Computer Name: CLIENT-A3C075D7 Event Code: 32068 Message: La règle de routage de trafic sortant n'est pas valide car elle ne peut pas trouver de périphérique valide. Les télécopies sortantes qui utilisent cette règle ne peuvent pas être acheminées. Vérifiez que le ou les périphériques concernés (en cas de routage vers un groupe de périphériques) sont connectés et installés correctement et allumés. En cas de routage vers un groupe, vérifiez que le groupe est configuré correctement. Code de pays/région : '*' Indicatif régional : '*' Record Number: 9336 Source Name: Microsoft Fax Time Written: 20081212111504.000000-300 Event Type: warning User: Computer Name: CLIENT-A3C075D7 Event Code: 32026 Message: Le service de télécopie n'a pas pu initialiser de périphériques de télécopies attribués (virtuel ou TAPI). Aucune télécopie ne peut être envoyée ou reçue tant qu'un périphérique de télécopies n'a pas été installé. Record Number: 9335 Source Name: Microsoft Fax Time Written: 20081212111504.000000-300 Event Type: warning User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\ImageConverter Plus;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared;C:\Program Files\Fichiers communs\Roxio Shared\10.0\DLLShared "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel "PROCESSOR_REVISION"=0401 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- Logfile of random's system information tool 1.06 (written by random/random) Run by Propriétaire at 2009-06-20 13:57:25 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 15 GB (31%) free of 50 GB Total RAM: 1278 MB (48% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:57:36, on 2009-06-20 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16850) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE C:\WINDOWS\vVX3000.exe C:\WINDOWS\system32\atwtusb.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\TBLMOUSE.EXE C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\system32\PSIService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\explorer.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe C:\Documents and Settings\Propriétaire\Bureau\Propriétaire.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Firepad FireConverter - {6427806D-3820-11D5-9939-00B0D0522EB5} - C:\Program Files\palmOne\FireConverterBrowserHelperObject.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [EPSON Stylus CX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE /P26 "EPSON Stylus CX3800 Series" /O6 "USB001" /M "Stylus CX3800" O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [DefragTaskBar] "C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [X'nBeep] C:\Program Files\X'nBeep 1.1\XnBeep.exe O4 - HKCU\..\Run: [Horloge Parlante 3000] C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Horloge Parlante 3000\Horloge Parlante 3000.appref-ms O4 - HKCU\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://212.147.17.64/activex/AMC.cab O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ashampoo Defrag Service (AshampooDefragService) - - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing) -- End of file - 9788 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\MP Scheduled Scan.job C:\WINDOWS\tasks\AppleSoftwareUpdate.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6427806D-3820-11D5-9939-00B0D0522EB5}] FPBrowserHelperObject Class - C:\Program Files\palmOne\FireConverterBrowserHelperObject.dll [2001-04-26 69632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-09-24 94208] "igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-09-24 77824] "igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-09-24 114688] "SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-09-24 1404928] "avgnt"=C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-19 266497] "EPSON Stylus CX3800 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE [2005-02-07 98304] "VX3000"=C:\WINDOWS\vVX3000.exe [2006-10-13 707376] "LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2006-10-13 277296] "atwtusb"=atwtusb.exe beta [] "AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088] "ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [] "DefragTaskBar"=C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe [2008-10-09 173408] "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-05-16 153136] "X'nBeep"=C:\Program Files\X'nBeep 1.1\XnBeep.exe [2007-01-08 1067520] "Horloge Parlante 3000"=C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Horloge Parlante 3000\Horloge Parlante 3000.appref-ms [] "ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2006-09-11 86960] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-05-16 153136] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe [2004-05-05 262210] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LyraHD2TrayApp] C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe [2004-03-31 286720] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HotSync Manager.lnk] C:\PROGRA~1\palmOne\Hotsync.exe [2004-06-09 471040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-23 29696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk] C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe /start [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NkbMonitor.exe.lnk] C:\PROGRA~1\Nikon\PICTUR~1\NKBMON~1.EXE [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^palmOne Registration.lnk] C:\PROGRA~1\palmOne\register.exe [2005-02-11 2301952] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Microsoft Office OneNote 2003 Quick Launch.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage Microsoft Office OneNote 2003 Quick Launch.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2006-09-24 135168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "C:\Program Files\Play+Smile\Texas Hold'em Poker 3D - Deluxe Edition\Poker3d.exe"="C:\Program Files\Play+Smile\Texas Hold'em Poker 3D - Deluxe Edition\Poker3d.exe:*:Enabled:Poker3d" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\WINDOWS\System32\SPOOLSV.EXE"="C:\WINDOWS\System32\SPOOLSV.EXE:*:Enabled:spoolsv" "C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE"="C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE:*:Enabled:mdm" "C:\WINDOWS\System32\PSIService.exe"="C:\WINDOWS\System32\PSIService.exe:*:Enabled:PSIService" "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"="C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe:*:Enabled:infocard" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bdb40db6-bda0-11dd-8739-0016761bd459}] shell\AutoRun\command - F:\InstallTomTomHOME.exe ======List of files/folders created in the last 1 months====== 2009-06-20 13:57:25 ----D---- C:\rsit 2009-06-20 01:09:20 ----D---- C:\Program Files\Windows Live SkyDrive 2009-06-20 00:52:19 ----A---- C:\WINDOWS\IE4 Error Log.txt 2009-06-10 17:07:15 ----HD---- C:\WINDOWS\$NtUninstallKB961501$ 2009-06-10 17:06:57 ----HD---- C:\WINDOWS\$NtUninstallKB969898$ 2009-06-10 17:02:28 ----HD---- C:\WINDOWS\$NtUninstallKB970238$ 2009-06-10 17:01:21 ----HD---- C:\WINDOWS\$NtUninstallKB968537$ 2009-06-09 23:43:36 ----SHD---- C:\FOUND.010 2009-06-09 09:44:20 ----SHD---- C:\FOUND.009 ======List of files/folders modified in the last 1 months====== 2009-06-20 13:09:00 ----A---- C:\WINDOWS\NeroDigital.ini 2009-06-18 17:06:40 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-06-15 15:37:12 ----A---- C:\WINDOWS\aiptbl.ini 2009-06-10 17:07:02 ----A---- C:\WINDOWS\imsins.BAK 2009-06-09 23:20:32 ----A---- C:\WINDOWS\win.ini 2009-06-01 12:51:12 ----A---- C:\WINDOWS\system32\MRT.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 aiptektp;HyperPen; C:\WINDOWS\system32\DRIVERS\aiptektp.sys [2004-07-07 22272] R1 avgio;avgio; \??\C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-05-27 75096] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-04-22 28352] R2 DS1410D;DS1410D; \??\C:\WINDOWS\system32\drivers\ds1410d.sys [] R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2001-06-21 73728] R3 avgntflt;avgntflt; \??\C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 E100B;Intel® PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-09-24 163328] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-09-24 1302332] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2003-04-24 5888] R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2006-09-24 732928] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2006-09-24 260352] R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 VX3000;VX-3000; C:\WINDOWS\system32\DRIVERS\VX3000.sys [2006-10-13 1966384] S1 msqpdxserv.sys;msqpdxserv.sys; C:\WINDOWS\system32\drivers\msqpdxpbivnrdv.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [] S3 Lvckap;Logitech Kernel Audio Processing Filter Driver; \??\C:\WINDOWS\system32\drivers\Lvckap.sys [] S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 PalmUSBD;PalmUSBD; C:\WINDOWS\system32\drivers\PalmUSBD.sys [2007-05-29 16694] S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-11-07 47360] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 Sntnlusb;Rainbow USB SuperPro; C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS [2001-06-21 20032] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-08-28 55808] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424] R2 AshampooDefragService;Ashampoo Defrag Service; C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe [2008-10-09 750944] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2006-10-13 207664] R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656] R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592] R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2001-05-01 53248] R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] R3 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872] R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 268800] S2 SessionLauncher;SessionLauncher; C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe [] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880] -----------------EOF-----------------

mon ordi a commencé a me jouer des tours,il ne veut plus ce connecter a msn il ne reconnais plus les dvd vierge que je met dans mon lecteur.ils les prend pour des cd.apres avoir fais un scan il m a affiché une infection j ai donc esseillé de le suprimé a 3 reprises mais il revien tout le temp. voici mon raport antivir. Avira AntiVir Personal Report file date: 20 juin 2009 12:11 Scanning for 1478190 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 3) [5.1.2600] Boot mode: Normally booted Username: SYSTEM Computer name: CLIENT-A3C075D7 Version information: BUILD.DAT : 8.2.0.353 17048 Bytes 2009-05-15 12:02:00 AVSCAN.EXE : 8.1.4.10 315649 Bytes 2008-11-26 02:44:32 AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-07-19 22:11:30 LUKE.DLL : 8.1.4.5 164097 Bytes 2008-07-19 22:11:30 LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-07-19 22:11:30 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 2008-10-27 21:33:56 ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 2009-02-11 19:02:58 ANTIVIR2.VDF : 7.1.4.87 2982912 Bytes 2009-06-12 19:08:08 ANTIVIR3.VDF : 7.1.4.117 212480 Bytes 2009-06-19 00:48:54 Engineversion : 8.2.0.193 AEVDF.DLL : 8.1.1.1 106868 Bytes 2009-04-30 23:34:24 AESCRIPT.DLL : 8.1.2.9 409978 Bytes 2009-06-17 19:01:20 AESCN.DLL : 8.1.2.3 127347 Bytes 2009-05-15 19:01:46 AERDL.DLL : 8.1.1.3 438645 Bytes 2008-11-06 19:02:34 AEPACK.DLL : 8.1.3.18 401783 Bytes 2009-05-27 19:00:46 AEOFFICE.DLL : 8.1.0.38 196987 Bytes 2009-06-17 19:01:18 AEHEUR.DLL : 8.1.0.133 1798520 Bytes 2009-06-17 19:01:16 AEHELP.DLL : 8.1.3.6 205174 Bytes 2009-06-11 19:02:52 AEGEN.DLL : 8.1.1.46 348533 Bytes 2009-06-20 00:48:56 AEEMU.DLL : 8.1.0.9 393588 Bytes 2008-10-15 19:00:48 AECORE.DLL : 8.1.6.12 180599 Bytes 2009-05-27 19:00:42 AEBB.DLL : 8.1.0.3 53618 Bytes 2008-10-15 19:00:46 AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-19 22:11:30 AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-07-19 22:11:30 AVREP.DLL : 8.0.0.3 155688 Bytes 2009-04-20 19:00:28 AVREG.DLL : 8.0.0.1 33537 Bytes 2008-07-19 22:11:30 AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-04-15 19:13:50 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-07-19 22:11:30 SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-04-15 19:13:50 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-07-19 22:11:30 NETNT.DLL : 8.0.0.1 7937 Bytes 2008-04-15 19:13:50 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-07-19 22:11:28 RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-07-19 22:11:28 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: repair Secondary action.................: delete Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, D:, Process scan.....................: on Scan registry....................: on Search for rootkits..............: on Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Macro heuristic..................: on File heuristic...................: high Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR, Start of the scan: 20 juin 2009 12:11 Starting search for hidden objects. HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SKYNETmutfdqjh\main [iNFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SKYNETmutfdqjh\modules [iNFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SKYNETmutfdqjh\start [iNFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SKYNETmutfdqjh\type [iNFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SKYNETmutfdqjh\group [iNFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SKYNETmutfdqjh\imagepath [iNFO] The registry entry is invisible. '7835' objects were checked, '6' hidden objects were found. The scan of running processes will be started Scan process 'AVSCAN.EXE' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'uTorrent.exe' - '1' Module(s) have been scanned Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned Scan process 'iPodService.exe' - '1' Module(s) have been scanned Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned Scan process 'WMPNETWK.EXE' - '1' Module(s) have been scanned Scan process 'MsPMSPSv.exe' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'PSIService.exe' - '1' Module(s) have been scanned Scan process 'MSCamS32.exe' - '1' Module(s) have been scanned Scan process 'defragActivityMonitor.exe' - '1' Module(s) have been scanned Scan process 'MDM.EXE' - '1' Module(s) have been scanned Scan process 'JQS.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned Scan process 'aDefragService.exe' - '1' Module(s) have been scanned Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned Scan process 'TBLMOUSE.EXE' - '1' Module(s) have been scanned Scan process 'SCHED.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'ISSCH.EXE' - '1' Module(s) have been scanned Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned Scan process 'JUSCHED.EXE' - '1' Module(s) have been scanned Scan process 'defragTaskBar.exe' - '1' Module(s) have been scanned Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned Scan process 'ATWTUSB.EXE' - '1' Module(s) have been scanned Scan process 'vVX3000.exe' - '1' Module(s) have been scanned Scan process 'E_FATIACA.EXE' - '1' Module(s) have been scanned Scan process 'SMAX4PNP.EXE' - '1' Module(s) have been scanned Scan process 'IGFXPERS.EXE' - '1' Module(s) have been scanned Scan process 'HKCMD.EXE' - '1' Module(s) have been scanned Scan process 'IGFXTRAY.EXE' - '1' Module(s) have been scanned Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'LSASS.EXE' - '1' Module(s) have been scanned Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned Scan process 'SMSS.EXE' - '1' Module(s) have been scanned 51 processes with 51 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! [WARNING] System error [1381]: Le nombre maximal de secrets pouvant être stockés sur un système donné a été dépassé. Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'D:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '71' files ). Starting the file scan: Begin scan in 'C:\' <SYSTEM> C:\pagefile.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\sptd.sys [WARNING] The file could not be opened! C:\WINDOWS\temp\SKYNETumbexjipmb.tmp [DETECTION] Is the TR/Small.bzc Trojan [NOTE] A backup was created as '4a960c01.qua' ( QUARANTINE ) [NOTE] The file was deleted! Catched Exception ScanDirectory:\\?\C:\ ACCESS_VIOLATION EAX = 00000001 EBX = 08DC1788 ECX = 7C80F0D1 EDX = 004B0053 ESI = 08E9EF30 EDI = 08ec16e8 EIP = 0040FCA2 EBP = 08EC1774 ESP = 09A5F448 Flg = 00010217 CS = 00000023 SS = 0000001B Begin scan in 'D:\' <DONNEES> End of the scan: 20 juin 2009 12:23 Used time: 11:52 Minute(s) The scan has been done completely. 1255 Scanning directories 37073 Files were scanned 1 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 1 files were deleted 0 files were repaired 1 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 37070 Files not concerned 263 Archives were scanned 3 Warnings 1 Notes 7835 Objects were scanned with rootkit scan 6 Hidden objects were found

bonjours,je ne suis plus capable de telecharger adobe flash player sur mon pc.toute les fois que je le telecharge,j ai la confirmation que tout a bien ete instalé et je voie sur leur site l annimation(l installation de adobe flash player a reussie)mais quand apres je retourne sur un site qui fonctionne avec ce programme(youtube,radio canada)ca me dit qu il n est pas instalé.j ai repeté l operation une dixaine de foix et rien ne fonctionne.merci de votre aide.

mon premier essai avec DIVX a fonctoné,long mais au moin ca marche...MERCI pour vortre aide!

j avais oublié de vous dire que quand je l ouvre et l ecoute(fichier avi) avec mon ordi ca va No 1 mais quand je le grave la il y a un decalage.douage suivre vos sugestion quand meme?