fanch29

Rapport mbam Malwarebytes' Anti-Malware 1.44 Version de la base de données: 3739 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.11 14/02/2010 18:47:29 mbam-log-2010-02-14 (18-47-29).txt Type de recherche: Examen rapide Eléments examinés: 153001 Temps écoulé: 6 minute(s), 44 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\poof (Rootkit.Agent) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\WINDOWS\system32\TDSSpqxt.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.

virtumonde n'a rien trouvé [02/14/2010, 15:03:33] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\F\Bureau\VirtumundoBeGone.exe" ) [02/14/2010, 15:03:36] - Detected System Information: [02/14/2010, 15:03:36] - Windows Version: 5.1.2600, Service Pack 3 [02/14/2010, 15:03:36] - Current Username: F (Admin) [02/14/2010, 15:03:36] - Windows is in SAFE mode with Networking. [02/14/2010, 15:03:36] - Searching for Browser Helper Objects: [02/14/2010, 15:03:36] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper) [02/14/2010, 15:03:36] - BHO 2: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} (Adobe PDF Link Helper) [02/14/2010, 15:03:36] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection) [02/14/2010, 15:03:36] - BHO 4: {7E853D72-626A-48EC-A868-BA8D5E23E045} () [02/14/2010, 15:03:36] - WARNING: BHO has no default name. Checking for Winlogon reference. [02/14/2010, 15:03:36] - No filename found. Continuing. [02/14/2010, 15:03:36] - BHO 5: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper) [02/14/2010, 15:03:36] - BHO 6: {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} (IEHlprObj Class) [02/14/2010, 15:03:36] - Finished Searching Browser Helper Objects [02/14/2010, 15:03:36] - Finishing up... [02/14/2010, 15:03:36] - Nothing found! Exiting... Je continue avec Mbam?

vundo fix n'a rien trouvé

Toutes mes excuses, j'ai fait le boulet et transcrit deux fois le même lapsus. Spybot plante sur virtumonde.sdn.

J'ai les rapports tdskiller et rkill par contre MBam plante, le pc s'éteint et windows récupère une "erreur sérieuse". 13:26:01:015 3604 TDSS rootkit removing tool 2.2.3 Feb 4 2010 14:34:00 13:26:01:015 3604 ================================================================================ 13:26:01:015 3604 SystemInfo: 13:26:01:015 3604 OS Version: 5.1.2600 ServicePack: 3.0 13:26:01:015 3604 Product type: Workstation 13:26:01:015 3604 ComputerName: SN203659450008 13:26:01:015 3604 UserName: F 13:26:01:015 3604 Windows directory: C:\WINDOWS 13:26:01:015 3604 Processor architecture: Intel x86 13:26:01:015 3604 Number of processors: 1 13:26:01:015 3604 Page size: 0x1000 13:26:01:015 3604 Boot type: Normal boot 13:26:01:015 3604 ================================================================================ 13:26:01:015 3604 UnloadDriverW: NtUnloadDriver error 2 13:26:01:015 3604 ForceUnloadDriverW: UnloadDriverW(klmd21) error 2 13:26:01:015 3604 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\drivers\klmd.sys) returned status 00000000 13:26:01:031 3604 UtilityInit: KLMD drop and load success 13:26:01:031 3604 KLMD_OpenDevice: Trying to open KLMD Device(KLMD201010) 13:26:01:031 3604 UtilityInit: KLMD open success 13:26:01:031 3604 UtilityInit: Initialize success 13:26:01:031 3604 13:26:01:031 3604 Scanning Services ... 13:26:01:031 3604 CreateRegParser: Registry parser init started 13:26:01:031 3604 DisableWow64Redirection: GetProcAddress(Wow64DisableWow64FsRedirection) error 127 13:26:01:031 3604 CreateRegParser: DisableWow64Redirection error 13:26:01:031 3604 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\system 13:26:01:031 3604 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\config\system) returned status C0000043 13:26:01:031 3604 wfopen_ex: MyNtCreateFileW error 32 (C0000043) 13:26:01:031 3604 wfopen_ex: Trying to KLMD file open 13:26:01:031 3604 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\config\system 13:26:01:031 3604 wfopen_ex: File opened ok (Flags 2) 13:26:01:031 3604 CreateRegParser: HIVE_ADAPTER(C:\WINDOWS\system32\config\system) init success: 394AC8 13:26:01:031 3604 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\software 13:26:01:031 3604 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\config\software) returned status C0000043 13:26:01:031 3604 wfopen_ex: MyNtCreateFileW error 32 (C0000043) 13:26:01:031 3604 wfopen_ex: Trying to KLMD file open 13:26:01:031 3604 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\config\software 13:26:01:031 3604 wfopen_ex: File opened ok (Flags 2) 13:26:01:031 3604 CreateRegParser: HIVE_ADAPTER(C:\WINDOWS\system32\config\software) init success: 394B30 13:26:01:031 3604 EnableWow64Redirection: GetProcAddress(Wow64RevertWow64FsRedirection) error 127 13:26:01:031 3604 CreateRegParser: EnableWow64Redirection error 13:26:01:031 3604 CreateRegParser: RegParser init completed 13:26:01:437 3604 GetAdvancedServicesInfo: Raw services enum returned 347 services 13:26:01:437 3604 fclose_ex: Trying to close file C:\WINDOWS\system32\config\system 13:26:01:437 3604 fclose_ex: Trying to close file C:\WINDOWS\system32\config\software 13:26:01:437 3604 13:26:01:437 3604 Scanning Kernel memory ... 13:26:01:437 3604 KLMD_GetSystemObjectAddressByNameW: Trying to get system object address by name \Driver\Disk 13:26:01:437 3604 DetectCureTDL3: \Driver\Disk PDRIVER_OBJECT: 82D628C0 13:26:01:437 3604 DetectCureTDL3: KLMD_GetDeviceObjectList returned 10 DevObjects 13:26:01:437 3604 13:26:01:437 3604 DetectCureTDL3: DEVICE_OBJECT: 8286CC68 13:26:01:437 3604 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8286CC68 13:26:01:437 3604 KLMD_ReadMem: Trying to ReadMemory 0x8286CC68[0x38] 13:26:01:437 3604 DetectCureTDL3: DRIVER_OBJECT: 82D628C0 13:26:01:437 3604 KLMD_ReadMem: Trying to ReadMemory 0x82D628C0[0xA8] 13:26:01:437 3604 KLMD_ReadMem: Trying to ReadMemory 0xE173CA78[0x18] 13:26:01:437 3604 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk 13:26:01:437 3604 DetectCureTDL3: IrpHandler (0) addr: F862BBB0 13:26:01:437 3604 DetectCureTDL3: IrpHandler (1) addr: 804F355A 13:26:01:437 3604 DetectCureTDL3: IrpHandler (2) addr: F862BBB0 13:26:01:437 3604 DetectCureTDL3: IrpHandler (3) addr: F8625D1F 13:26:01:437 3604 DetectCureTDL3: IrpHandler (4) addr: F8625D1F 13:26:01:437 3604 DetectCureTDL3: IrpHandler (5) addr: 804F355A 13:26:01:437 3604 DetectCureTDL3: IrpHandler (6) addr: 804F355A 13:26:01:437 3604 DetectCureTDL3: IrpHandler (7) addr: 804F355A 13:26:01:437 3604 DetectCureTDL3: IrpHandler ( addr: 804F355A 13:26:01:437 3604 DetectCureTDL3: IrpHandler (9) addr: F86262E2 13:26:01:437 3604 DetectCureTDL3: IrpHandler (10) addr: 804F355A 13:26:01:437 3604 DetectCureTDL3: IrpHandler (11) addr: 804F355A 13:26:01:437 3604 DetectCureTDL3: IrpHandler (12) addr: 804F355A 13:26:01:437 3604 DetectCureTDL3: IrpHandler (13) addr: 804F355A 13:26:01:437 3604 DetectCureTDL3: IrpHandler (14) addr: F86263BB 13:26:01:437 3604 DetectCureTDL3: IrpHandler (15) addr: F8629F28 13:26:01:437 3604 DetectCureTDL3: IrpHandler (16) addr: F86262E2 13:26:01:437 3604 DetectCureTDL3: IrpHandler (17) addr: 804F355A 13:26:01:437 3604 DetectCureTDL3: IrpHandler (18) addr: 804F355A 13:26:01:437 3604 DetectCureTDL3: IrpHandler (19) addr: 804F355A 13:26:01:437 3604 DetectCureTDL3: IrpHandler (20) addr: 804F355A 13:26:01:437 3604 DetectCureTDL3: IrpHandler (21) addr: 804F355A 13:26:01:437 3604 DetectCureTDL3: IrpHandler (22) addr: F8627C82 13:26:01:437 3604 DetectCureTDL3: IrpHandler (23) addr: F862C99E 13:26:01:437 3604 DetectCureTDL3: IrpHandler (24) addr: 804F355A 13:26:01:437 3604 DetectCureTDL3: IrpHandler (25) addr: 804F355A 13:26:01:437 3604 DetectCureTDL3: IrpHandler (26) addr: 804F355A 13:26:01:437 3604 TDL3_FileDetect: Processing driver: Disk 13:26:01:453 3604 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\disk.sys 13:26:01:453 3604 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\disk.sys 13:26:01:468 3604 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean 13:26:01:468 3604 13:26:01:468 3604 DetectCureTDL3: DEVICE_OBJECT: 8286EC68 13:26:01:468 3604 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8286EC68 13:26:01:468 3604 KLMD_ReadMem: Trying to ReadMemory 0x8286EC68[0x38] 13:26:01:468 3604 DetectCureTDL3: DRIVER_OBJECT: 82D628C0 13:26:01:468 3604 KLMD_ReadMem: Trying to ReadMemory 0x82D628C0[0xA8] 13:26:01:468 3604 KLMD_ReadMem: Trying to ReadMemory 0xE173CA78[0x18] 13:26:01:468 3604 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk 13:26:01:468 3604 DetectCureTDL3: IrpHandler (0) addr: F862BBB0 13:26:01:468 3604 DetectCureTDL3: IrpHandler (1) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (2) addr: F862BBB0 13:26:01:468 3604 DetectCureTDL3: IrpHandler (3) addr: F8625D1F 13:26:01:468 3604 DetectCureTDL3: IrpHandler (4) addr: F8625D1F 13:26:01:468 3604 DetectCureTDL3: IrpHandler (5) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (6) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (7) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler ( addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (9) addr: F86262E2 13:26:01:468 3604 DetectCureTDL3: IrpHandler (10) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (11) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (12) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (13) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (14) addr: F86263BB 13:26:01:468 3604 DetectCureTDL3: IrpHandler (15) addr: F8629F28 13:26:01:468 3604 DetectCureTDL3: IrpHandler (16) addr: F86262E2 13:26:01:468 3604 DetectCureTDL3: IrpHandler (17) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (18) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (19) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (20) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (21) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (22) addr: F8627C82 13:26:01:468 3604 DetectCureTDL3: IrpHandler (23) addr: F862C99E 13:26:01:468 3604 DetectCureTDL3: IrpHandler (24) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (25) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (26) addr: 804F355A 13:26:01:468 3604 TDL3_FileDetect: Processing driver: Disk 13:26:01:468 3604 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\disk.sys 13:26:01:468 3604 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\disk.sys 13:26:01:468 3604 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean 13:26:01:468 3604 13:26:01:468 3604 DetectCureTDL3: DEVICE_OBJECT: 82968C68 13:26:01:468 3604 KLMD_GetLowerDeviceObject: Trying to get lower device object for 82968C68 13:26:01:468 3604 KLMD_ReadMem: Trying to ReadMemory 0x82968C68[0x38] 13:26:01:468 3604 DetectCureTDL3: DRIVER_OBJECT: 82D628C0 13:26:01:468 3604 KLMD_ReadMem: Trying to ReadMemory 0x82D628C0[0xA8] 13:26:01:468 3604 KLMD_ReadMem: Trying to ReadMemory 0xE173CA78[0x18] 13:26:01:468 3604 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk 13:26:01:468 3604 DetectCureTDL3: IrpHandler (0) addr: F862BBB0 13:26:01:468 3604 DetectCureTDL3: IrpHandler (1) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (2) addr: F862BBB0 13:26:01:468 3604 DetectCureTDL3: IrpHandler (3) addr: F8625D1F 13:26:01:468 3604 DetectCureTDL3: IrpHandler (4) addr: F8625D1F 13:26:01:468 3604 DetectCureTDL3: IrpHandler (5) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (6) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (7) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler ( addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (9) addr: F86262E2 13:26:01:468 3604 DetectCureTDL3: IrpHandler (10) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (11) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (12) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (13) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (14) addr: F86263BB 13:26:01:468 3604 DetectCureTDL3: IrpHandler (15) addr: F8629F28 13:26:01:468 3604 DetectCureTDL3: IrpHandler (16) addr: F86262E2 13:26:01:468 3604 DetectCureTDL3: IrpHandler (17) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (18) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (19) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (20) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (21) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (22) addr: F8627C82 13:26:01:468 3604 DetectCureTDL3: IrpHandler (23) addr: F862C99E 13:26:01:468 3604 DetectCureTDL3: IrpHandler (24) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (25) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (26) addr: 804F355A 13:26:01:468 3604 TDL3_FileDetect: Processing driver: Disk 13:26:01:468 3604 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\disk.sys 13:26:01:468 3604 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\disk.sys 13:26:01:468 3604 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean 13:26:01:468 3604 13:26:01:468 3604 DetectCureTDL3: DEVICE_OBJECT: 829DDC68 13:26:01:468 3604 KLMD_GetLowerDeviceObject: Trying to get lower device object for 829DDC68 13:26:01:468 3604 KLMD_ReadMem: Trying to ReadMemory 0x829DDC68[0x38] 13:26:01:468 3604 DetectCureTDL3: DRIVER_OBJECT: 82D628C0 13:26:01:468 3604 KLMD_ReadMem: Trying to ReadMemory 0x82D628C0[0xA8] 13:26:01:468 3604 KLMD_ReadMem: Trying to ReadMemory 0xE173CA78[0x18] 13:26:01:468 3604 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk 13:26:01:468 3604 DetectCureTDL3: IrpHandler (0) addr: F862BBB0 13:26:01:468 3604 DetectCureTDL3: IrpHandler (1) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (2) addr: F862BBB0 13:26:01:468 3604 DetectCureTDL3: IrpHandler (3) addr: F8625D1F 13:26:01:468 3604 DetectCureTDL3: IrpHandler (4) addr: F8625D1F 13:26:01:468 3604 DetectCureTDL3: IrpHandler (5) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (6) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (7) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler ( addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (9) addr: F86262E2 13:26:01:468 3604 DetectCureTDL3: IrpHandler (10) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (11) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (12) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (13) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (14) addr: F86263BB 13:26:01:468 3604 DetectCureTDL3: IrpHandler (15) addr: F8629F28 13:26:01:468 3604 DetectCureTDL3: IrpHandler (16) addr: F86262E2 13:26:01:468 3604 DetectCureTDL3: IrpHandler (17) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (18) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (19) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (20) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (21) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (22) addr: F8627C82 13:26:01:468 3604 DetectCureTDL3: IrpHandler (23) addr: F862C99E 13:26:01:468 3604 DetectCureTDL3: IrpHandler (24) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (25) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (26) addr: 804F355A 13:26:01:468 3604 TDL3_FileDetect: Processing driver: Disk 13:26:01:468 3604 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\disk.sys 13:26:01:468 3604 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\disk.sys 13:26:01:468 3604 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean 13:26:01:468 3604 13:26:01:468 3604 DetectCureTDL3: DEVICE_OBJECT: 8284FAB8 13:26:01:468 3604 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8284FAB8 13:26:01:468 3604 DetectCureTDL3: DEVICE_OBJECT: 828B5898 13:26:01:468 3604 KLMD_GetLowerDeviceObject: Trying to get lower device object for 828B5898 13:26:01:468 3604 KLMD_ReadMem: Trying to ReadMemory 0x828B5898[0x38] 13:26:01:468 3604 DetectCureTDL3: DRIVER_OBJECT: 829C1458 13:26:01:468 3604 KLMD_ReadMem: Trying to ReadMemory 0x829C1458[0xA8] 13:26:01:468 3604 KLMD_ReadMem: Trying to ReadMemory 0xE1008088[0x1E] 13:26:01:468 3604 DetectCureTDL3: DRIVER_OBJECT name: \Driver\USBSTOR, Driver Name: USBSTOR 13:26:01:468 3604 DetectCureTDL3: IrpHandler (0) addr: F888A218 13:26:01:468 3604 DetectCureTDL3: IrpHandler (1) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (2) addr: F888A218 13:26:01:468 3604 DetectCureTDL3: IrpHandler (3) addr: F888A23C 13:26:01:468 3604 DetectCureTDL3: IrpHandler (4) addr: F888A23C 13:26:01:468 3604 DetectCureTDL3: IrpHandler (5) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (6) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (7) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler ( addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (9) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (10) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (11) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (12) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (13) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (14) addr: F888A180 13:26:01:468 3604 DetectCureTDL3: IrpHandler (15) addr: F88859E6 13:26:01:468 3604 DetectCureTDL3: IrpHandler (16) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (17) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (18) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (19) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (20) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (21) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (22) addr: F88895F0 13:26:01:468 3604 DetectCureTDL3: IrpHandler (23) addr: F8887A6E 13:26:01:468 3604 DetectCureTDL3: IrpHandler (24) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (25) addr: 804F355A 13:26:01:468 3604 DetectCureTDL3: IrpHandler (26) addr: 804F355A 13:26:01:468 3604 KLMD_ReadMem: Trying to ReadMemory 0xF8886F26[0x400] 13:26:01:468 3604 TDL3_StartIoHookDetect: CheckParameters: 0, 00000000, 0 13:26:01:468 3604 TDL3_FileDetect: Processing driver: USBSTOR 13:26:01:468 3604 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 13:26:01:468 3604 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 13:26:01:484 3604 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS - Verdict: Clean 13:26:01:484 3604 13:26:01:484 3604 DetectCureTDL3: DEVICE_OBJECT: 82837AB8 13:26:01:484 3604 KLMD_GetLowerDeviceObject: Trying to get lower device object for 82837AB8 13:26:01:484 3604 DetectCureTDL3: DEVICE_OBJECT: 82996030 13:26:01:484 3604 KLMD_GetLowerDeviceObject: Trying to get lower device object for 82996030 13:26:01:484 3604 KLMD_ReadMem: Trying to ReadMemory 0x82996030[0x38] 13:26:01:484 3604 DetectCureTDL3: DRIVER_OBJECT: 829C1458 13:26:01:484 3604 KLMD_ReadMem: Trying to ReadMemory 0x829C1458[0xA8] 13:26:01:484 3604 KLMD_ReadMem: Trying to ReadMemory 0xE1008088[0x1E] 13:26:01:484 3604 DetectCureTDL3: DRIVER_OBJECT name: \Driver\USBSTOR, Driver Name: USBSTOR 13:26:01:484 3604 DetectCureTDL3: IrpHandler (0) addr: F888A218 13:26:01:484 3604 DetectCureTDL3: IrpHandler (1) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (2) addr: F888A218 13:26:01:484 3604 DetectCureTDL3: IrpHandler (3) addr: F888A23C 13:26:01:484 3604 DetectCureTDL3: IrpHandler (4) addr: F888A23C 13:26:01:484 3604 DetectCureTDL3: IrpHandler (5) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (6) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (7) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler ( addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (9) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (10) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (11) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (12) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (13) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (14) addr: F888A180 13:26:01:484 3604 DetectCureTDL3: IrpHandler (15) addr: F88859E6 13:26:01:484 3604 DetectCureTDL3: IrpHandler (16) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (17) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (18) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (19) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (20) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (21) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (22) addr: F88895F0 13:26:01:484 3604 DetectCureTDL3: IrpHandler (23) addr: F8887A6E 13:26:01:484 3604 DetectCureTDL3: IrpHandler (24) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (25) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (26) addr: 804F355A 13:26:01:484 3604 KLMD_ReadMem: Trying to ReadMemory 0xF8886F26[0x400] 13:26:01:484 3604 TDL3_StartIoHookDetect: CheckParameters: 0, 00000000, 0 13:26:01:484 3604 TDL3_FileDetect: Processing driver: USBSTOR 13:26:01:484 3604 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 13:26:01:484 3604 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 13:26:01:484 3604 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS - Verdict: Clean 13:26:01:484 3604 13:26:01:484 3604 DetectCureTDL3: DEVICE_OBJECT: 828B7030 13:26:01:484 3604 KLMD_GetLowerDeviceObject: Trying to get lower device object for 828B7030 13:26:01:484 3604 DetectCureTDL3: DEVICE_OBJECT: 829C86A8 13:26:01:484 3604 KLMD_GetLowerDeviceObject: Trying to get lower device object for 829C86A8 13:26:01:484 3604 KLMD_ReadMem: Trying to ReadMemory 0x829C86A8[0x38] 13:26:01:484 3604 DetectCureTDL3: DRIVER_OBJECT: 829C1458 13:26:01:484 3604 KLMD_ReadMem: Trying to ReadMemory 0x829C1458[0xA8] 13:26:01:484 3604 KLMD_ReadMem: Trying to ReadMemory 0xE1008088[0x1E] 13:26:01:484 3604 DetectCureTDL3: DRIVER_OBJECT name: \Driver\USBSTOR, Driver Name: USBSTOR 13:26:01:484 3604 DetectCureTDL3: IrpHandler (0) addr: F888A218 13:26:01:484 3604 DetectCureTDL3: IrpHandler (1) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (2) addr: F888A218 13:26:01:484 3604 DetectCureTDL3: IrpHandler (3) addr: F888A23C 13:26:01:484 3604 DetectCureTDL3: IrpHandler (4) addr: F888A23C 13:26:01:484 3604 DetectCureTDL3: IrpHandler (5) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (6) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (7) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler ( addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (9) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (10) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (11) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (12) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (13) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (14) addr: F888A180 13:26:01:484 3604 DetectCureTDL3: IrpHandler (15) addr: F88859E6 13:26:01:484 3604 DetectCureTDL3: IrpHandler (16) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (17) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (18) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (19) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (20) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (21) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (22) addr: F88895F0 13:26:01:484 3604 DetectCureTDL3: IrpHandler (23) addr: F8887A6E 13:26:01:484 3604 DetectCureTDL3: IrpHandler (24) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (25) addr: 804F355A 13:26:01:484 3604 DetectCureTDL3: IrpHandler (26) addr: 804F355A 13:26:01:484 3604 KLMD_ReadMem: Trying to ReadMemory 0xF8886F26[0x400] 13:26:01:484 3604 TDL3_StartIoHookDetect: CheckParameters: 0, 00000000, 0 13:26:01:484 3604 TDL3_FileDetect: Processing driver: USBSTOR 13:26:01:484 3604 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 13:26:01:484 3604 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 13:26:01:500 3604 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS - Verdict: Clean 13:26:01:500 3604 13:26:01:500 3604 DetectCureTDL3: DEVICE_OBJECT: 82880AB8 13:26:01:500 3604 KLMD_GetLowerDeviceObject: Trying to get lower device object for 82880AB8 13:26:01:500 3604 DetectCureTDL3: DEVICE_OBJECT: 828CAEA0 13:26:01:500 3604 KLMD_GetLowerDeviceObject: Trying to get lower device object for 828CAEA0 13:26:01:500 3604 KLMD_ReadMem: Trying to ReadMemory 0x828CAEA0[0x38] 13:26:01:500 3604 DetectCureTDL3: DRIVER_OBJECT: 829C1458 13:26:01:500 3604 KLMD_ReadMem: Trying to ReadMemory 0x829C1458[0xA8] 13:26:01:500 3604 KLMD_ReadMem: Trying to ReadMemory 0xE1008088[0x1E] 13:26:01:500 3604 DetectCureTDL3: DRIVER_OBJECT name: \Driver\USBSTOR, Driver Name: USBSTOR 13:26:01:500 3604 DetectCureTDL3: IrpHandler (0) addr: F888A218 13:26:01:500 3604 DetectCureTDL3: IrpHandler (1) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (2) addr: F888A218 13:26:01:500 3604 DetectCureTDL3: IrpHandler (3) addr: F888A23C 13:26:01:500 3604 DetectCureTDL3: IrpHandler (4) addr: F888A23C 13:26:01:500 3604 DetectCureTDL3: IrpHandler (5) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (6) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (7) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler ( addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (9) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (10) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (11) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (12) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (13) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (14) addr: F888A180 13:26:01:500 3604 DetectCureTDL3: IrpHandler (15) addr: F88859E6 13:26:01:500 3604 DetectCureTDL3: IrpHandler (16) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (17) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (18) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (19) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (20) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (21) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (22) addr: F88895F0 13:26:01:500 3604 DetectCureTDL3: IrpHandler (23) addr: F8887A6E 13:26:01:500 3604 DetectCureTDL3: IrpHandler (24) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (25) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (26) addr: 804F355A 13:26:01:500 3604 KLMD_ReadMem: Trying to ReadMemory 0xF8886F26[0x400] 13:26:01:500 3604 TDL3_StartIoHookDetect: CheckParameters: 0, 00000000, 0 13:26:01:500 3604 TDL3_FileDetect: Processing driver: USBSTOR 13:26:01:500 3604 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 13:26:01:500 3604 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 13:26:01:500 3604 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS - Verdict: Clean 13:26:01:500 3604 13:26:01:500 3604 DetectCureTDL3: DEVICE_OBJECT: 82D7FC68 13:26:01:500 3604 KLMD_GetLowerDeviceObject: Trying to get lower device object for 82D7FC68 13:26:01:500 3604 KLMD_ReadMem: Trying to ReadMemory 0x82D7FC68[0x38] 13:26:01:500 3604 DetectCureTDL3: DRIVER_OBJECT: 82D628C0 13:26:01:500 3604 KLMD_ReadMem: Trying to ReadMemory 0x82D628C0[0xA8] 13:26:01:500 3604 KLMD_ReadMem: Trying to ReadMemory 0xE173CA78[0x18] 13:26:01:500 3604 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk 13:26:01:500 3604 DetectCureTDL3: IrpHandler (0) addr: F862BBB0 13:26:01:500 3604 DetectCureTDL3: IrpHandler (1) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (2) addr: F862BBB0 13:26:01:500 3604 DetectCureTDL3: IrpHandler (3) addr: F8625D1F 13:26:01:500 3604 DetectCureTDL3: IrpHandler (4) addr: F8625D1F 13:26:01:500 3604 DetectCureTDL3: IrpHandler (5) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (6) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (7) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler ( addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (9) addr: F86262E2 13:26:01:500 3604 DetectCureTDL3: IrpHandler (10) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (11) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (12) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (13) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (14) addr: F86263BB 13:26:01:500 3604 DetectCureTDL3: IrpHandler (15) addr: F8629F28 13:26:01:500 3604 DetectCureTDL3: IrpHandler (16) addr: F86262E2 13:26:01:500 3604 DetectCureTDL3: IrpHandler (17) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (18) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (19) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (20) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (21) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (22) addr: F8627C82 13:26:01:500 3604 DetectCureTDL3: IrpHandler (23) addr: F862C99E 13:26:01:500 3604 DetectCureTDL3: IrpHandler (24) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (25) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (26) addr: 804F355A 13:26:01:500 3604 TDL3_FileDetect: Processing driver: Disk 13:26:01:500 3604 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\disk.sys 13:26:01:500 3604 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\disk.sys 13:26:01:500 3604 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean 13:26:01:500 3604 13:26:01:500 3604 DetectCureTDL3: DEVICE_OBJECT: 82D78AB8 13:26:01:500 3604 KLMD_GetLowerDeviceObject: Trying to get lower device object for 82D78AB8 13:26:01:500 3604 DetectCureTDL3: DEVICE_OBJECT: 82D73F18 13:26:01:500 3604 KLMD_GetLowerDeviceObject: Trying to get lower device object for 82D73F18 13:26:01:500 3604 DetectCureTDL3: DEVICE_OBJECT: 82D71940 13:26:01:500 3604 KLMD_GetLowerDeviceObject: Trying to get lower device object for 82D71940 13:26:01:500 3604 KLMD_ReadMem: Trying to ReadMemory 0x82D71940[0x38] 13:26:01:500 3604 DetectCureTDL3: DRIVER_OBJECT: 82D90A68 13:26:01:500 3604 KLMD_ReadMem: Trying to ReadMemory 0x82D90A68[0xA8] 13:26:01:500 3604 KLMD_ReadMem: Trying to ReadMemory 0xE1012AE8[0x1A] 13:26:01:500 3604 DetectCureTDL3: DRIVER_OBJECT name: \Driver\atapi, Driver Name: atapi 13:26:01:500 3604 DetectCureTDL3: IrpHandler (0) addr: F83DF6F2 13:26:01:500 3604 DetectCureTDL3: IrpHandler (1) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (2) addr: F83DF6F2 13:26:01:500 3604 DetectCureTDL3: IrpHandler (3) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (4) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (5) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (6) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (7) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler ( addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (9) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (10) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (11) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (12) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (13) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (14) addr: F83DF712 13:26:01:500 3604 DetectCureTDL3: IrpHandler (15) addr: F83DB852 13:26:01:500 3604 DetectCureTDL3: IrpHandler (16) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (17) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (18) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (19) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (20) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (21) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (22) addr: F83DF73C 13:26:01:500 3604 DetectCureTDL3: IrpHandler (23) addr: F83E6336 13:26:01:500 3604 DetectCureTDL3: IrpHandler (24) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (25) addr: 804F355A 13:26:01:500 3604 DetectCureTDL3: IrpHandler (26) addr: 804F355A 13:26:01:500 3604 KLMD_ReadMem: Trying to ReadMemory 0xF83DC864[0x400] 13:26:01:500 3604 TDL3_StartIoHookDetect: CheckParameters: 0, 00000000, 0 13:26:01:500 3604 TDL3_FileDetect: Processing driver: atapi 13:26:01:500 3604 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\atapi.sys 13:26:01:500 3604 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\atapi.sys 13:26:01:515 3604 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\atapi.sys - Verdict: Clean 13:26:01:515 3604 13:26:01:515 3604 Completed 13:26:01:531 3604 13:26:01:531 3604 Results: 13:26:01:531 3604 Memory objects infected / cured / cured on reboot: 0 / 0 / 0 13:26:01:531 3604 Registry objects infected / cured / cured on reboot: 0 / 0 / 0 13:26:01:531 3604 File objects infected / cured / cured on reboot: 0 / 0 / 0 13:26:01:531 3604 13:26:01:531 3604 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\drivers\klmd.sys) returned status 00000000 13:26:01:531 3604 UtilityDeinit: KLMD(ARK) unloaded successfully This log file is located at C:\rkill.log. Please post this only if requested to by the person helping you. Otherwise you can close this log when you wish. Ran as F on 13/02/2010 at 13:30:38. Processes terminated by Rkill or while it was running: C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\ScanSoft\OmniPageSE\opware32.exe C:\Documents and Settings\F\Bureau\rkill.com Rkill completed on 13/02/2010 at 13:30:41.

C'est bien vilusmonde Qu'est-ce un outil de p2p? Je fais les manips dès que possible Merci

Après quelques essais, j'ai obtenu le rapport. Mais je n'arrive pas à envoyer le fichier zip sur mon poste. DiagHelp version v1.4 - http://www.malekal.com excute le 11/02/2010 à 12:36:11,51 System information for \\SN203659450008: Uptime: Error reading uptime Kernel version: Microsoft Windows XP, Uniprocessor Free Product type: Professional Product version: 5.1 Service pack: 3 Kernel build number: 2600 Registered organization: Registered owner: J Install date: 17/03/2006, 18:40:18 Activation status: Error reading status IE version: 7.0000 System root: C:\WINDOWS Processors: 1 Processor speed: 2.2 GHz Processor type: AMD Athlon 64 Processor 3200+ Physical memory: 512 MB Video driver: NVIDIA GeForce FX 5200LE Volume Type Format Label Size Free Free C: Fixed NTFS HDD 149.04 GB 103.33 GB 69.3% D: CD-ROM 0.0% E: CD-ROM 0.0% F: Removable 0.0% G: Removable 0.0% H: Removable 0.0% I: Removable 0.0% C:\WINDOWS\prefetch\AVWSC.EXE-0283F9DD.pf -->11/02/2010 12:35:36 C:\WINDOWS\prefetch\WINWORD.EXE-07381162.pf -->11/02/2010 12:33:42 C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->11/02/2010 12:32:17 C:\WINDOWS\prefetch\FIREFOX.EXE-28641590.pf -->11/02/2010 12:29:32 C:\WINDOWS\prefetch\WMPLAYER.EXE-18DDEFA3.pf -->11/02/2010 12:28:56 C:\WINDOWS\prefetch\THUNDERBIRD.EXE-38CA75D9.pf -->11/02/2010 12:26:58 C:\WINDOWS\prefetch\SOFFICE.BIN-2219018C.pf -->11/02/2010 12:22:50 C:\WINDOWS\prefetch\SOFFICE.EXE-1A296C65.pf -->11/02/2010 12:22:39 C:\WINDOWS\prefetch\MSNMSGR.EXE-366A1A81.pf -->11/02/2010 12:22:32 C:\WINDOWS\prefetch\QUICKSTART.EXE-2DF9B9E8.pf -->11/02/2010 12:22:30 C:\WINDOWS\System32\drivers\avgntflt.sys -->10/12/2009 17:27:20 C:\WINDOWS\System32\drivers\http.sys -->20/10/2009 17:20:16 C:\WINDOWS\System32\drivers\ssmdrv.sys -->14/07/2009 17:23:39 C:\WINDOWS\System32\drivers\ksecdd.sys -->24/06/2009 12:18:41 C:\WINDOWS\System32\drivers\avipbb.sys -->30/03/2009 09:32:47 C:\WINDOWS\System32\drivers\avgntmgr.sys -->13/02/2009 11:28:39 C:\WINDOWS\System32\drivers\avgntdd.sys -->13/02/2009 11:17:49 C:\WINDOWS\System32\nvapps.xml -->11/02/2010 12:22:08 C:\WINDOWS\System32\wpa.dbl -->07/02/2010 19:31:55 C:\WINDOWS\System32\wininet.dll -->05/01/2010 10:56:14 C:\WINDOWS\System32\webcheck.dll -->05/01/2010 10:56:13 C:\WINDOWS\System32\urlmon.dll -->05/01/2010 10:56:13 C:\WINDOWS\System32\url.dll -->05/01/2010 10:56:13 C:\WINDOWS\System32\pngfilt.dll -->05/01/2010 10:56:13 C:\WINDOWS\System32\occache.dll -->05/01/2010 10:56:13 C:\WINDOWS\System32\mstime.dll -->05/01/2010 10:56:12 C:\WINDOWS\System32\msrating.dll -->05/01/2010 10:56:12 C:\WINDOWS\System32\mshtmled.dll -->05/01/2010 10:56:12 C:\WINDOWS\System32\mshtml.dll -->05/01/2010 10:56:12 C:\WINDOWS\System32\msfeedsbs.dll -->05/01/2010 10:56:10 C:\WINDOWS\System32\msfeeds.dll -->05/01/2010 10:56:10 C:\WINDOWS\System32\jsproxy.dll -->05/01/2010 10:56:10 C:\WINDOWS\System32\inetcpl.cpl -->05/01/2010 10:56:10 C:\WINDOWS\System32\iertutil.dll -->05/01/2010 10:56:10 C:\WINDOWS\System32\iernonce.dll -->05/01/2010 10:56:09 C:\WINDOWS\System32\iepeers.dll -->05/01/2010 10:56:09 C:\WINDOWS\System32\ieframe.dll -->05/01/2010 10:56:09 C:\WINDOWS\System32\ieencode.dll -->05/01/2010 10:56:08 C:\WINDOWS\System32\iedkcs32.dll -->05/01/2010 10:56:08 C:\WINDOWS\System32\ieapfltr.dll -->05/01/2010 10:56:07 C:\WINDOWS\System32\ieaksie.dll -->05/01/2010 10:56:07 C:\WINDOWS\System32\ieakeng.dll -->05/01/2010 10:56:07 C:\WINDOWS\WindowsUpdate.log -->11/02/2010 12:22:03 C:\WINDOWS\setupapi.log -->11/02/2010 12:22:03 C:\WINDOWS\KB978037.log -->11/02/2010 12:21:48 C:\WINDOWS\KB975713.log -->11/02/2010 12:21:47 C:\WINDOWS\KB975560.log -->11/02/2010 12:21:19 C:\WINDOWS\0.log -->11/02/2010 12:20:34 C:\WINDOWS\wiadebug.log -->11/02/2010 12:20:08 C:\WINDOWS\wiaservc.log -->11/02/2010 12:20:06 C:\WINDOWS\bootstat.dat -->11/02/2010 12:19:34 C:\WINDOWS\KB977914.log -->11/02/2010 07:37:22 C:\WINDOWS\KB978706.log -->11/02/2010 07:36:42 C:\WINDOWS\SchedLgU.Txt -->10/02/2010 21:35:50 C:\WINDOWS\win.ini -->09/02/2010 20:27:25 C:\WINDOWS\DUMP4e3f.tmp -->19/07/2009 17:53:55 C:\WINDOWS\system.ini -->02/03/2009 17:53:13 Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 982D-A22A Répertoire de C:\WINDOWS 11/02/2010 12:21 <REP> $hf_mig$ 18/03/2006 11:38 <REP> $MSI31Uninstall_KB893803v2$ 06/09/2008 18:03 <REP> $NtServicePackUninstall$ 06/12/2006 08:29 <REP> $NtServicePackUninstallIDNMitigationAPIs$ 06/12/2006 08:28 <REP> $NtServicePackUninstallNLSDownlevelMapping$ 18/03/2006 21:57 <REP> $NtUninstallKB873339$ 18/03/2006 21:58 <REP> $NtUninstallKB885250$ 17/03/2006 19:21 <REP> $NtUninstallKB885295$ 18/03/2006 21:58 <REP> $NtUninstallKB885835$ 18/03/2006 21:58 <REP> $NtUninstallKB885836$ 18/03/2006 13:53 <REP> $NtUninstallKB886185$ 18/03/2006 21:57 <REP> $NtUninstallKB887472$ 18/03/2006 21:57 <REP> $NtUninstallKB887742$ 18/03/2006 21:57 <REP> $NtUninstallKB888113$ 18/03/2006 21:56 <REP> $NtUninstallKB888302$ 18/03/2006 21:57 <REP> $NtUninstallKB890046$ 18/03/2006 21:56 <REP> $NtUninstallKB890859$ 18/03/2006 21:57 <REP> $NtUninstallKB891781$ 18/03/2006 21:57 <REP> $NtUninstallKB893756$ 18/03/2006 13:44 <REP> $NtUninstallKB894391$ 18/03/2006 21:57 <REP> $NtUninstallKB896358$ 18/03/2006 21:58 <REP> $NtUninstallKB896422$ 18/03/2006 14:00 <REP> $NtUninstallKB896423$ 18/03/2006 21:57 <REP> $NtUninstallKB896424$ 18/03/2006 13:47 <REP> $NtUninstallKB896428$ 18/03/2006 13:57 <REP> $NtUninstallKB898458$ 18/03/2006 11:38 <REP> $NtUninstallKB898461$ 18/03/2006 21:58 <REP> $NtUninstallKB899587$ 18/03/2006 21:57 <REP> $NtUninstallKB899591$ 26/04/2006 10:08 <REP> $NtUninstallKB900485$ 18/03/2006 21:56 <REP> $NtUninstallKB900725$ 18/03/2006 21:57 <REP> $NtUninstallKB901017$ 18/03/2006 13:50 <REP> $NtUninstallKB901190$ 18/03/2006 21:56 <REP> $NtUninstallKB901214$ 18/03/2006 21:57 <REP> $NtUninstallKB902400$ 18/03/2006 13:51 <REP> $NtUninstallKB904706$ 06/12/2006 08:27 <REP> $NtUninstallKB904942$ 18/03/2006 21:57 <REP> $NtUninstallKB905414$ 18/03/2006 13:49 <REP> $NtUninstallKB905749$ 18/03/2006 21:57 <REP> $NtUninstallKB905915$ 18/03/2006 21:56 <REP> $NtUninstallKB908519$ 11/04/2006 22:21 <REP> $NtUninstallKB908531$ 18/03/2006 13:59 <REP> $NtUninstallKB910437$ 17/06/2006 00:36 <REP> $NtUninstallKB911280$ 11/04/2006 22:21 <REP> $NtUninstallKB911562$ 18/03/2006 13:56 <REP> $NtUninstallKB911564$ 18/03/2006 13:45 <REP> $NtUninstallKB911565$ 11/04/2006 22:21 <REP> $NtUninstallKB911567$ 18/03/2006 21:58 <REP> $NtUninstallKB911927$ 11/04/2006 22:21 <REP> $NtUninstallKB912812$ 18/03/2006 13:54 <REP> $NtUninstallKB912919$ 18/03/2006 13:42 <REP> $NtUninstallKB913446$ 11/05/2006 20:34 <REP> $NtUninstallKB913580$ 13/07/2006 07:57 <REP> $NtUninstallKB914388$ 17/06/2006 00:35 <REP> $NtUninstallKB914389$ 06/12/2006 08:28 <REP> $NtUninstallKB914440$ 06/12/2006 08:28 <REP> $NtUninstallKB915865$ 17/06/2006 00:36 <REP> $NtUninstallKB916281$ 13/07/2006 07:57 <REP> $NtUninstallKB916595$ 13/07/2006 07:57 <REP> $NtUninstallKB917159$ 17/06/2006 00:36 <REP> $NtUninstallKB917344$ 15/08/2006 17:04 <REP> $NtUninstallKB917422$ 17/06/2006 00:36 <REP> $NtUninstallKB917734_WMP10$ 17/06/2006 00:36 <REP> $NtUninstallKB917953$ 15/02/2007 13:22 <REP> $NtUninstallKB918118$ 17/06/2006 00:36 <REP> $NtUninstallKB918439$ 15/08/2006 17:05 <REP> $NtUninstallKB918899$ 15/09/2006 17:42 <REP> $NtUninstallKB919007$ 06/12/2006 08:28 <REP> $NtUninstallKB920213$ 19/11/2006 01:47 <REP> $NtUninstallKB920213_0$ 15/08/2006 17:05 <REP> $NtUninstallKB920214$ 15/08/2006 17:05 <REP> $NtUninstallKB920670$ 15/08/2006 17:04 <REP> $NtUninstallKB920683$ 15/09/2006 17:42 <REP> $NtUninstallKB920685$ 15/09/2006 17:42 <REP> $NtUninstallKB920872$ 15/08/2006 17:05 <REP> $NtUninstallKB921398$ 19/08/2007 21:05 <REP> $NtUninstallKB921503$ 15/08/2006 17:05 <REP> $NtUninstallKB921883$ 15/09/2006 17:41 <REP> $NtUninstallKB922582$ 15/08/2006 17:05 <REP> $NtUninstallKB922616$ 19/11/2006 01:46 <REP> $NtUninstallKB922760$ 12/10/2006 13:33 <REP> $NtUninstallKB922819$ 12/10/2006 13:33 <REP> $NtUninstallKB923191$ 12/10/2006 13:33 <REP> $NtUninstallKB923414$ 17/04/2009 11:37 <REP> $NtUninstallKB923561$ 14/12/2006 16:58 <REP> $NtUninstallKB923689$ 14/12/2006 16:57 <REP> $NtUninstallKB923694$ 15/02/2007 13:23 <REP> $NtUninstallKB923723$ 19/11/2006 01:47 <REP> $NtUninstallKB923980$ 12/10/2006 13:33 <REP> $NtUninstallKB924191$ 19/11/2006 01:47 <REP> $NtUninstallKB924270$ 12/10/2006 13:33 <REP> $NtUninstallKB924496$ 15/02/2007 13:22 <REP> $NtUninstallKB924667$ 14/12/2006 16:58 <REP> $NtUninstallKB925398_WMP64$ 27/09/2006 13:52 <REP> $NtUninstallKB925486$ 04/04/2007 13:37 <REP> $NtUninstallKB925902$ 22/09/2007 19:25 <REP> $NtUninstallKB926239$ 14/12/2006 16:57 <REP> $NtUninstallKB926255$ 15/02/2007 13:22 <REP> $NtUninstallKB926436$ 15/02/2007 13:23 <REP> $NtUninstallKB927779$ 15/02/2007 13:23 <REP> $NtUninstallKB927802$ 25/05/2007 06:46 <REP> $NtUninstallKB927891$ 15/02/2007 13:23 <REP> $NtUninstallKB928255$ 15/02/2007 13:21 <REP> $NtUninstallKB928843$ 12/06/2007 21:27 <REP> $NtUninstallKB929123$ 15/03/2007 11:39 <REP> $NtUninstallKB929338$ 26/09/2007 20:02 <REP> $NtUninstallKB929399$ 11/04/2007 23:15 <REP> $NtUninstallKB930178$ 11/05/2007 16:25 <REP> $NtUninstallKB930916$ 11/04/2007 23:15 <REP> $NtUninstallKB931261$ 11/04/2007 23:15 <REP> $NtUninstallKB931784$ 15/02/2007 13:22 <REP> $NtUninstallKB931836$ 11/04/2007 23:15 <REP> $NtUninstallKB932168$ 27/05/2008 20:19 <REP> $NtUninstallKB932823-v3$ 31/08/2007 15:56 <REP> $NtUninstallKB933360$ 12/10/2007 20:30 <REP> $NtUninstallKB933729$ 12/06/2007 21:26 <REP> $NtUninstallKB935839$ 12/06/2007 21:27 <REP> $NtUninstallKB935840$ 19/08/2007 22:28 <REP> $NtUninstallKB936021$ 19/08/2007 09:28 <REP> $NtUninstallKB936782_WMP10$ 27/09/2007 13:29 <REP> $NtUninstallKB936782_WMP11$ 10/09/2008 13:02 <REP> $NtUninstallKB938464$ 19/08/2007 21:05 <REP> $NtUninstallKB938828$ 19/08/2007 09:30 <REP> $NtUninstallKB938829$ 27/09/2007 13:30 <REP> $NtUninstallKB939683$ 12/10/2007 20:28 <REP> $NtUninstallKB941202$ 15/12/2007 23:36 <REP> $NtUninstallKB941568$ 15/12/2007 23:37 <REP> $NtUninstallKB941569$ 10/01/2008 13:21 <REP> $NtUninstallKB941644$ 09/04/2008 22:34 <REP> $NtUninstallKB941693$ 15/12/2007 23:37 <REP> $NtUninstallKB942763$ 13/02/2008 22:34 <REP> $NtUninstallKB943055$ 15/11/2007 12:46 <REP> $NtUninstallKB943460$ 10/01/2008 13:21 <REP> $NtUninstallKB943485$ 15/12/2007 23:36 <REP> $NtUninstallKB944653$ 09/04/2008 22:32 <REP> $NtUninstallKB945553$ 13/02/2008 22:34 <REP> $NtUninstallKB946026$ 06/09/2008 18:28 <REP> $NtUninstallKB946648$ 15/08/2008 20:23 <REP> $NtUninstallKB946648_0$ 09/04/2008 22:34 <REP> $NtUninstallKB948590$ 09/04/2008 22:34 <REP> $NtUninstallKB948881$ 14/05/2008 21:43 <REP> $NtUninstallKB950749$ 11/06/2008 22:24 <REP> $NtUninstallKB950760$ 06/09/2008 18:29 <REP> $NtUninstallKB950762$ 11/06/2008 22:24 <REP> $NtUninstallKB950762_0$ 06/09/2008 18:29 <REP> $NtUninstallKB950974$ 15/08/2008 20:22 <REP> $NtUninstallKB950974_0$ 06/09/2008 18:29 <REP> $NtUninstallKB951066$ 15/08/2008 20:20 <REP> $NtUninstallKB951066_0$ 15/08/2008 20:21 <REP> $NtUninstallKB951072-v2$ 06/09/2008 18:29 <REP> $NtUninstallKB951376$ 06/09/2008 18:29 <REP> $NtUninstallKB951376-v2$ 20/06/2008 07:20 <REP> $NtUninstallKB951376-v2_0$ 11/06/2008 22:24 <REP> $NtUninstallKB951376_0$ 06/09/2008 18:29 <REP> $NtUninstallKB951698$ 11/06/2008 22:24 <REP> $NtUninstallKB951698_0$ 06/09/2008 18:29 <REP> $NtUninstallKB951748$ 09/07/2008 10:02 <REP> $NtUninstallKB951748_0$ 07/09/2008 23:11 <REP> $NtUninstallKB951978$ 17/04/2009 11:38 <REP> $NtUninstallKB952004$ 11/12/2008 20:36 <REP> $NtUninstallKB952069_WM9$ 06/09/2008 18:29 <REP> $NtUninstallKB952287$ 15/08/2008 20:21 <REP> $NtUninstallKB952287_0$ 06/09/2008 18:29 <REP> $NtUninstallKB952954$ 15/08/2008 20:23 <REP> $NtUninstallKB952954_0$ 15/08/2008 20:23 <REP> $NtUninstallKB953839$ 10/09/2008 13:01 <REP> $NtUninstallKB954154_WM11$ 14/10/2009 22:53 <REP> $NtUninstallKB954155_WM9$ 16/10/2008 06:54 <REP> $NtUninstallKB954211$ 16/11/2008 12:12 <REP> $NtUninstallKB954459$ 11/12/2008 20:35 <REP> $NtUninstallKB954600$ 16/11/2008 12:12 <REP> $NtUninstallKB955069$ 14/01/2010 09:19 <REP> $NtUninstallKB955759$ 11/12/2008 20:39 <REP> $NtUninstallKB955839$ 15/10/2008 20:47 <REP> $NtUninstallKB956391$ 17/04/2009 11:39 <REP> $NtUninstallKB956572$ 21/08/2009 16:24 <REP> $NtUninstallKB956744$ 11/12/2008 20:35 <REP> $NtUninstallKB956802$ 15/10/2008 20:47 <REP> $NtUninstallKB956803$ 16/10/2008 06:53 <REP> $NtUninstallKB956841$ 10/09/2009 08:02 <REP> $NtUninstallKB956844$ 15/10/2008 20:47 <REP> $NtUninstallKB957095$ 16/11/2008 12:12 <REP> $NtUninstallKB957097$ 25/10/2008 11:40 <REP> $NtUninstallKB958644$ 14/01/2009 19:15 <REP> $NtUninstallKB958687$ 15/03/2009 11:41 <REP> $NtUninstallKB958690$ 14/10/2009 22:55 <REP> $NtUninstallKB958869$ 17/04/2009 11:42 <REP> $NtUninstallKB959426$ 15/03/2009 11:40 <REP> $NtUninstallKB959772_WM11$ 15/03/2009 11:41 <REP> $NtUninstallKB960225$ 15/02/2009 10:18 <REP> $NtUninstallKB960715$ 17/04/2009 11:37 <REP> $NtUninstallKB960803$ 21/08/2009 16:25 <REP> $NtUninstallKB960859$ 16/07/2009 09:10 <REP> $NtUninstallKB961371$ 17/04/2009 11:42 <REP> $NtUninstallKB961373$ 13/06/2009 19:49 <REP> $NtUninstallKB961501$ 28/02/2009 08:31 <REP> $NtUninstallKB967715$ 23/08/2009 22:53 <REP> $NtUninstallKB968389$ 13/06/2009 19:45 <REP> $NtUninstallKB968537$ 10/09/2009 08:02 <REP> $NtUninstallKB968816_WM9$ 14/10/2009 22:53 <REP> $NtUninstallKB969059$ 13/06/2009 19:49 <REP> $NtUninstallKB969898$ 10/11/2009 22:12 <REP> $NtUninstallKB969947$ 13/06/2009 19:46 <REP> $NtUninstallKB970238$ 10/12/2009 18:28 <REP> $NtUninstallKB970430$ 26/08/2009 09:02 <REP> $NtUninstallKB970653-v3$ 14/10/2009 22:48 <REP> $NtUninstallKB971486$ 21/08/2009 16:25 <REP> $NtUninstallKB971557$ 16/07/2009 09:13 <REP> $NtUninstallKB971633$ 21/08/2009 16:25 <REP> $NtUninstallKB971657$ 10/12/2009 18:27 <REP> $NtUninstallKB971737$ 10/09/2009 08:01 <REP> $NtUninstallKB971961$ 16/01/2010 10:50 <REP> $NtUninstallKB972270$ 16/07/2009 09:13 <REP> $NtUninstallKB973346$ 21/08/2009 16:23 <REP> $NtUninstallKB973354$ 21/08/2009 16:23 <REP> $NtUninstallKB973507$ 14/10/2009 22:48 <REP> $NtUninstallKB973525$ 21/08/2009 16:22 <REP> $NtUninstallKB973540_WM9$ 25/11/2009 13:57 <REP> $NtUninstallKB973687$ 21/08/2009 16:19 <REP> $NtUninstallKB973815$ 21/08/2009 16:24 <REP> $NtUninstallKB973869$ 10/12/2009 08:23 <REP> $NtUninstallKB973904$ 14/10/2009 22:52 <REP> $NtUninstallKB974112$ 10/12/2009 18:28 <REP> $NtUninstallKB974318$ 10/12/2009 18:27 <REP> $NtUninstallKB974392$ 14/10/2009 22:51 <REP> $NtUninstallKB974571$ 14/10/2009 22:52 <REP> $NtUninstallKB975025$ 14/10/2009 22:47 <REP> $NtUninstallKB975467$ 25/11/2009 13:57 <REP> $NtUninstallKB976098-v2$ 22/09/2007 19:25 <REP> $NtUninstallMSCompPackV1$ 22/09/2007 19:23 <REP> $NtUninstallWMFDist11$ 22/09/2007 19:24 <REP> $NtUninstallwmp11$ 22/09/2007 19:22 <REP> $NtUninstallWudf01000$ 30/01/2010 00:19 <REP> ftpcache 17/03/2006 19:23 <REP> I386 06/12/2006 08:30 <REP> ie7 11/02/2010 12:21 <REP> inf 24/01/2010 09:55 <REP> Installer 07/11/2008 23:43 54 156 QTFont.qfn 05/08/2004 14:00 49 102 winnt.bmp 05/08/2004 14:00 49 102 winnt256.bmp 4 fichier(s) 153 109 octets 238 Rép(s) 110 945 869 824 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 982D-A22A Répertoire de C:\WINDOWS\system32 22/01/2010 13:21 <REP> dllcache 23/05/2008 22:56 2 516 KGyGaAvL.sys 08/07/2007 22:50 4 212 zllictbl.dat 9 fichier(s) 11 449 octets 1 Rép(s) 110 945 857 536 octets libres winlogon.exe Verified: Unsigned svchost.exe Verified: Unsigned ws2_32.dll Verified: Unsigned user32.dll Verified: Unsigned tcpip.sys Verified: Unsigned ndis.sys Verified: Unsigned null.sys Verified: Unsigned userinit.exe kernel32.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 2132 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll 0x404a0000 0xd1000 7.00.6000.16981 C:\WINDOWS\system32\WININET.dll 0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll 0x40b40000 0x45000 7.00.6000.16981 C:\WINDOWS\system32\iertutil.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x753c0000 0x6b000 1.420.2600.5512 C:\WINDOWS\system32\USP10.dll 0x71950000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll 0x76ac0000 0x11000 3.05.2284.0002 C:\WINDOWS\system32\ATL.DLL 0x40d30000 0x5cd000 7.00.6000.16981 C:\WINDOWS\system32\ieframe.dll 0x45180000 0x128000 7.00.6000.16981 C:\WINDOWS\system32\urlmon.dll 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll 0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll 0x442b0000 0x3c000 7.00.6000.16981 C:\WINDOWS\system32\webcheck.dll 0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll 0x67080000 0x1c000 3.00.0006.0000 C:\Program Files\FileZilla FTP Client\fzshellext.dll 0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll 0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll 0x10000000 0x2b000 11.00.0000.0001 C:\Program Files\ScanSoft\OmniPageSE\ophook32.dll 0x62350000 0x53000 2.00.0500.0000 C:\Program Files\OpenOffice.org 2.3\program\shlxthdl.dll 0x60400000 0x18000 2.00.0500.0000 C:\Program Files\OpenOffice.org 2.3\program\uwinapi.dll 0x7c340000 0x56000 7.10.3052.0004 C:\Program Files\OpenOffice.org 2.3\program\MSVCR71.dll 0x70d00000 0x1a0000 5.01.3097.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.0.0_x-ww_8d353f13\gdiplus.dll 0x61e70000 0x8e000 4.05.2003.0120 C:\Program Files\OpenOffice.org 2.3\program\stlport_vc7145.dll 0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\OpenOffice.org 2.3\program\MSVCP71.dll 0x02c80000 0x5b000 9.01.0000.0163 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll 0x78130000 0x9b000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll 0x02ce0000 0x4c000 9.01.0000.0163 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA 0x031d0000 0x2c000 C:\Program Files\WinRAR\rarext.dll 0x03600000 0x4c000 9.00.0000.0004 C:\Program Files\Avira\AntiVir Desktop\shlext.dll 0x03660000 0x12000 1.01.0000.0000 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll 0x03b80000 0xf2000 12.00.6415.1000 C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\msoshext.dll 0x78800000 0x15c000 5.20.1087.0000 C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\msxml5.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 448 Command line: winlogon.exe Base Size Version Path 0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x753c0000 0x6b000 1.420.2600.5512 C:\WINDOWS\system32\USP10.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll 0x00980000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll 0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 982D-A22A Répertoire de C:\WINDOWS\Downloaded Program Files 24/02/2009 22:29 <REP> . 24/02/2009 22:29 <REP> .. 07/12/2004 17:07 32 bdcore.dll 25/05/2006 01:21 118 784 bdupd.dll 16/08/2004 18:08 65 desktop.ini 25/07/2002 16:13 24 576 dwusplay.dll 25/07/2002 16:13 196 608 dwusplay.exe 25/05/2006 01:21 53 248 ipsupd.dll 16/02/2005 15:15 401 408 isusweb.dll 08/08/2006 10:45 576 kavwebscan.inf 16/03/2005 12:34 7 407 lang.ini 07/12/2004 17:07 32 libfn.dll 14/03/2005 14:38 126 live.ini 30/06/2005 15:19 227 MsnMessengerSetupDownloader.inf 14/08/2005 00:26 113 664 MsnMessengerSetupDownloader.ocx 01/06/2006 02:57 1 331 oscan8.inf 01/06/2006 02:54 471 040 oscan8.ocx 31/05/2006 04:15 10 oscan81.ocx_x 14/03/2005 14:58 7 073 scanoptions.tsi 26/03/2007 15:46 5 085 swflash.inf 18 fichier(s) 1 401 292 octets Total des fichiers listés : 18 fichier(s) 1 401 292 octets 2 Rép(s) 110 945 845 248 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL" "C:\\Program Files\\Kazaa Lite K++\\KazaaLite.kpp"="C:\\Program Files\\Kazaa Lite K++\\KazaaLite.kpp:*:Enabled:KazaaLite" "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 "DisableRegistryTools"=dword:00000000 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-02-11 12:36:58 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden services & system hive ... scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\\xac ] "SlowInfoCache"=hex:28,02,00,00,01,00,00,00,00,c0,01,00,00,00,00,00,84,b4,27,7e,1a,.. "Changed"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xac ] "DisplayName"="\x20ac Convertisseur v1.2" "UninstallString"="c:\program files\\x20ac Convertisseur v1.2\Uninstal.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher] "TracesProcessed"=dword:00000182 scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully kernel: MBR read successfully user & kernel MBR OK KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 424 - csrss.exe 448 - winlogon.exe 492 - services.exe 504 - lsass.exe 680 - svchost.exe 712 - alg.exe 728 - svchost.exe 792 - svchost.exe 896 - svchost.exe 928 - svchost.exe 1020 - spoolsv.exe 1088 - sched.exe 1592 - avguard.exe 1604 - AOLacsd.exe 1688 - MDM.EXE 1752 - nvsvc32.exe 1800 - PSIService.exe 1864 - slserv.exe 1908 - svchost.exe 2132 - explorer.exe 2208 - wmiprvse.exe 2432 - jusched.exe 2456 - dragdiag.exe 2480 - realsched.exe 2488 - vspdfprsrv.exe 2532 - opware32.exe 2568 - issch.exe 2588 - svchost.exe 2612 - QTTask.exe 2672 - avgnt.exe 2968 - ctfmon.exe 2988 - msnmsgr.exe 2996 - TeaTimer.exe 3032 - WINWORD.EXE 3040 - cmd.exe 3056 - soffice.exe 3092 - soffice.bin 3516 - wmiprvse.exe Total number of processes = 39 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntkrnlpa.exe 806D0000 - \WINDOWS\system32\hal.dll F8A65000 - \WINDOWS\system32\KDCOM.DLL F8975000 - \WINDOWS\system32\BOOTVID.dll F8435000 - ACPI.sys F8A67000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS F8424000 - pci.sys F8565000 - isapnp.sys F8B2D000 - pciide.sys F87E5000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS F8A69000 - aliide.sys F8A6B000 - cmdide.sys F8A6D000 - toside.sys F8A6F000 - viaide.sys F8A71000 - intelide.sys F8575000 - MountMgr.sys F8405000 - ftdisk.sys F87ED000 - PartMgr.sys F8585000 - VolSnap.sys F8979000 - cpqarray.sys F83ED000 - \WINDOWS\system32\DRIVERS\SCSIPORT.SYS F83D5000 - atapi.sys F897D000 - aha154x.sys F87F5000 - sparrow.sys F8981000 - symc810.sys F8595000 - aic78xx.sys F8985000 - dac960nt.sys F85A5000 - ql10wnt.sys F8989000 - amsint.sys F87FD000 - asc.sys F898D000 - asc3550.sys F8805000 - mraid35x.sys F880D000 - i2omp.sys F8991000 - ini910u.sys F85B5000 - ql1240.sys F85C5000 - aic78u2.sys F8815000 - symc8xx.sys F881D000 - sym_hi.sys F8825000 - sym_u3.sys F882D000 - ABP480N5.SYS F8835000 - asc3350p.sys F8A73000 - cd20xrnt.sys F85D5000 - ultra.sys F83BC000 - adpu160m.sys F883D000 - dpti2o.sys F85E5000 - ql1080.sys F85F5000 - ql1280.sys F8605000 - ql12160.sys F8845000 - perc2.sys F8A75000 - perc2hib.sys F884D000 - hpn.sys F8995000 - cbidf2k.sys F8390000 - dac2w2k.sys F8615000 - disk.sys F8625000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS F8370000 - fltmgr.sys F835E000 - sr.sys F8635000 - PxHelp20.sys F8999000 - PzWDM.sys F8347000 - KSecDD.sys F82BA000 - Ntfs.sys F828D000 - NDIS.sys F8645000 - viaagp.sys F8855000 - viaagp1.sys F899D000 - RecAgent.sys F8655000 - ohci1394.sys F8665000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS F8273000 - Mup.sys F8675000 - alim1541.sys F8685000 - amdagp.sys F8695000 - agp440.sys F86A5000 - agpCPQ.sys F86B5000 - gagp30kx.sys F86F5000 - \SystemRoot\system32\DRIVERS\nic1394.sys F8735000 - \SystemRoot\system32\DRIVERS\AmdK8.sys F75C3000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys F75AF000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS F893D000 - \SystemRoot\system32\DRIVERS\usbuhci.sys F758B000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS F8945000 - \SystemRoot\system32\DRIVERS\usbehci.sys F8A5D000 - \SystemRoot\system32\drivers\pfc.sys F8745000 - \SystemRoot\system32\DRIVERS\cdrom.sys F8755000 - \SystemRoot\system32\DRIVERS\redbook.sys F7568000 - \SystemRoot\system32\DRIVERS\ks.sys F8765000 - \SystemRoot\system32\DRIVERS\imapi.sys F7537000 - \SystemRoot\system32\drivers\STAC97.sys F7513000 - \SystemRoot\system32\drivers\portcls.sys F8775000 - \SystemRoot\system32\drivers\drmk.sys F74C4000 - \SystemRoot\system32\DRIVERS\slntamr.sys F894D000 - \SystemRoot\system32\DRIVERS\SlWdmSup.sys F74A8000 - \SystemRoot\system32\DRIVERS\Mtlmnt5.sys F8955000 - \SystemRoot\System32\Drivers\Modem.SYS F8785000 - \SystemRoot\system32\DRIVERS\R8139n51.SYS F895D000 - \SystemRoot\system32\DRIVERS\fdc.sys F7497000 - \SystemRoot\system32\DRIVERS\serial.sys F81A7000 - \SystemRoot\system32\DRIVERS\serenum.sys F7483000 - \SystemRoot\system32\DRIVERS\parport.sys F8795000 - \SystemRoot\system32\DRIVERS\i8042prt.sys F8965000 - \SystemRoot\system32\DRIVERS\mouclass.sys F896D000 - \SystemRoot\system32\DRIVERS\kbdclass.sys F8B43000 - \SystemRoot\system32\DRIVERS\audstub.sys F87A5000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys F81A3000 - \SystemRoot\system32\DRIVERS\ndistapi.sys F746C000 - \SystemRoot\system32\DRIVERS\ndiswan.sys F87B5000 - \SystemRoot\system32\DRIVERS\raspppoe.sys F87C5000 - \SystemRoot\system32\DRIVERS\raspptp.sys F886D000 - \SystemRoot\system32\DRIVERS\TDI.SYS F745B000 - \SystemRoot\system32\DRIVERS\psched.sys F87D5000 - \SystemRoot\system32\DRIVERS\msgpc.sys F8875000 - \SystemRoot\system32\DRIVERS\ptilink.sys F887D000 - \SystemRoot\system32\DRIVERS\raspti.sys F8885000 - \SystemRoot\system32\DRIVERS\wanatw4.sys F8263000 - \SystemRoot\system32\DRIVERS\termdd.sys F8A9D000 - \SystemRoot\system32\DRIVERS\swenum.sys F73FD000 - \SystemRoot\system32\DRIVERS\update.sys F819B000 - \SystemRoot\system32\DRIVERS\mssmbios.sys F8243000 - \SystemRoot\System32\Drivers\NDProxy.SYS F8233000 - \SystemRoot\system32\DRIVERS\usbhub.sys F8AA7000 - \SystemRoot\system32\DRIVERS\USBD.SYS F8167000 - \SystemRoot\system32\drivers\MODEMCSA.sys F889D000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS F8A1D000 - \SystemRoot\System32\Drivers\bc_ngn.SYS F88AD000 - \SystemRoot\System32\Drivers\bc_filter.SYS F88B5000 - \SystemRoot\System32\Drivers\bc_ip_f.SYS F8AAD000 - \SystemRoot\System32\Drivers\bc_pat_f.SYS F8AAF000 - \SystemRoot\System32\Drivers\bc_prt_f.SYS F8A29000 - \SystemRoot\System32\Drivers\bc_tdi_f.SYS F8A2D000 - \SystemRoot\System32\Drivers\i2omgmt.SYS F8AB1000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS F8C45000 - \SystemRoot\System32\Drivers\Null.SYS F8AB3000 - \SystemRoot\System32\Drivers\Beep.SYS F88CD000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS F88D5000 - \SystemRoot\System32\drivers\vga.sys F8AB5000 - \SystemRoot\System32\Drivers\mnmdd.SYS F8AB7000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys F88DD000 - \SystemRoot\System32\Drivers\Msfs.SYS F88E5000 - \SystemRoot\System32\Drivers\Npfs.SYS F8A35000 - \SystemRoot\system32\DRIVERS\rasacd.sys F5758000 - \SystemRoot\system32\DRIVERS\ipsec.sys F56FF000 - \SystemRoot\system32\DRIVERS\tcpip.sys F789C000 - \SystemRoot\System32\Drivers\bcftdi.SYS F56AF000 - \SystemRoot\system32\DRIVERS\netbt.sys F568D000 - \SystemRoot\System32\drivers\afd.sys F788C000 - \SystemRoot\system32\DRIVERS\netbios.sys F5662000 - \SystemRoot\system32\DRIVERS\rdbss.sys F55F2000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys F786C000 - \SystemRoot\System32\Drivers\Fips.SYS F55CC000 - \SystemRoot\system32\DRIVERS\ipnat.sys F785C000 - \SystemRoot\system32\DRIVERS\wanarp.sys F784C000 - \SystemRoot\system32\DRIVERS\arp1394.sys F5588000 - \SystemRoot\system32\DRIVERS\avipbb.sys F8AC7000 - \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys F81E3000 - \SystemRoot\System32\Drivers\Cdfs.SYS F5570000 - \SystemRoot\System32\Drivers\dump_atapi.sys F8AE1000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys F62B1000 - \SystemRoot\System32\drivers\Dxapi.sys F8935000 - \SystemRoot\System32\watchdog.sys BF000000 - \SystemRoot\System32\drivers\dxg.sys F8C5F000 - \SystemRoot\System32\drivers\dxgthk.sys BF012000 - \SystemRoot\System32\nv4_disp.dll F45A1000 - \SystemRoot\system32\DRIVERS\avgntflt.sys F62CD000 - \SystemRoot\system32\DRIVERS\ndisuio.sys F3B1C000 - \SystemRoot\system32\DRIVERS\mrxdav.sys F39EB000 - \SystemRoot\System32\Drivers\HTTP.sys F3971000 - \SystemRoot\system32\DRIVERS\srv.sys F34D4000 - \SystemRoot\system32\drivers\wdmaud.sys F3A7C000 - \SystemRoot\system32\drivers\sysaudio.sys F23FE000 - \SystemRoot\system32\drivers\kmixer.sys F73D5000 - \SystemRoot\system32\DRIVERS\asyncmac.sys F8A8D000 - \??\C:\DOCUME~1\F\LOCALS~1\Temp\mbr.sys F8CB2000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 172 Liste des programmes installes Adobe AIR Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.2 - Français Alcatel SpeedTouch USB Software AnmanieSMP 2.4 i Archiveur WinRAR ArcSoft Camera Suite ArcSoft PhotoBase 3 ArcSoft PhotoStudio 5 Avira AntiVir Personal - Free Antivirus AVS DVD Player version 1.3.1.82 Aztech CNR2900 V.90 Modem € Convertisseur v1.2 CanoScan LiDE20,30 Manual CanoScan Toolbox 4.1 CCleaner (remove only) CDex extraction audio CorelDRAW Graphics Suite X3 CorelDRAW Graphics Suite X3 Correctif pour Lecteur Windows Media 11 (KB939683) Correctif pour Windows Internet Explorer 7 (KB947864) Correctif pour Windows XP (KB952287) Correctif pour Windows XP (KB970653-v3) Correctif pour Windows XP (KB976098-v2) Didapages 1.1 DivxToDVD 0.5.2 eXPert PDF 4 FileZilla Client 3.0.6 Fleuves et montagnes de France FontNav FR Free Mp3 Wma Converter V 1.5.5 Google Earth HijackThis 2.0.2 Hotfix for Windows Media Format 11 SDK (KB929399) Java 2 Runtime Environment, SE v1.4.2_05 Jetico Personal Firewall 1.0 K-Lite Codec Pack 2.70 Basic Kaspersky On-line Scanner Kaspersky Online Scanner Kazaa Lite K++ v2.4.3 La carte du ciel Lecteur Windows Media 11 Les départements français Malwarebytes' Anti-Malware Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft .NET Framework 1.1 Security Update (KB953297) Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (French) 2007 Microsoft Office Excel MUI (French) 2007 Microsoft Office Outlook MUI (French) 2007 Microsoft Office PowerPoint MUI (French) 2007 Microsoft Office Professional 2007 Microsoft Office Professional 2007 Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (French) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (French) 2007 Microsoft Office Shared MUI (French) 2007 Microsoft Office Word MUI (French) 2007 Microsoft Software Update for Web Folders (French) 12 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Mise à jour critique pour Lecteur Windows Media 11 (KB959772) Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media (KB952069) Mise à jour de sécurité pour Lecteur Windows Media (KB954155) Mise à jour de sécurité pour Lecteur Windows Media (KB968816) Mise à jour de sécurité pour Lecteur Windows Media (KB973540) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782) Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB974455) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB976325) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB978207) Mise à jour de sécurité pour Windows XP (KB923561) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB938464) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB946648) Mise à jour de sécurité pour Windows XP (KB950760) Mise à jour de sécurité pour Windows XP (KB950762) Mise à jour de sécurité pour Windows XP (KB950974) Mise à jour de sécurité pour Windows XP (KB951066) Mise à jour de sécurité pour Windows XP (KB951376-v2) Mise à jour de sécurité pour Windows XP (KB951376) Mise à jour de sécurité pour Windows XP (KB951698) Mise à jour de sécurité pour Windows XP (KB951748) Mise à jour de sécurité pour Windows XP (KB952004) Mise à jour de sécurité pour Windows XP (KB952954) Mise à jour de sécurité pour Windows XP (KB953839) Mise à jour de sécurité pour Windows XP (KB954211) Mise à jour de sécurité pour Windows XP (KB954459) Mise à jour de sécurité pour Windows XP (KB954600) Mise à jour de sécurité pour Windows XP (KB955069) Mise à jour de sécurité pour Windows XP (KB956391) Mise à jour de sécurité pour Windows XP (KB956572) Mise à jour de sécurité pour Windows XP (KB956744) Mise à jour de sécurité pour Windows XP (KB956802) Mise à jour de sécurité pour Windows XP (KB956803) Mise à jour de sécurité pour Windows XP (KB956841) Mise à jour de sécurité pour Windows XP (KB956844) Mise à jour de sécurité pour Windows XP (KB957095) Mise à jour de sécurité pour Windows XP (KB957097) Mise à jour de sécurité pour Windows XP (KB958644) Mise à jour de sécurité pour Windows XP (KB958687) Mise à jour de sécurité pour Windows XP (KB958690) Mise à jour de sécurité pour Windows XP (KB958869) Mise à jour de sécurité pour Windows XP (KB959426) Mise à jour de sécurité pour Windows XP (KB960225) Mise à jour de sécurité pour Windows XP (KB960715) Mise à jour de sécurité pour Windows XP (KB960803) Mise à jour de sécurité pour Windows XP (KB960859) Mise à jour de sécurité pour Windows XP (KB961371) Mise à jour de sécurité pour Windows XP (KB961373) Mise à jour de sécurité pour Windows XP (KB961501) Mise à jour de sécurité pour Windows XP (KB968537) Mise à jour de sécurité pour Windows XP (KB969059) Mise à jour de sécurité pour Windows XP (KB969898) Mise à jour de sécurité pour Windows XP (KB969947) Mise à jour de sécurité pour Windows XP (KB970238) Mise à jour de sécurité pour Windows XP (KB970430) Mise à jour de sécurité pour Windows XP (KB971486) Mise à jour de sécurité pour Windows XP (KB971557) Mise à jour de sécurité pour Windows XP (KB971633) Mise à jour de sécurité pour Windows XP (KB971657) Mise à jour de sécurité pour Windows XP (KB971961) Mise à jour de sécurité pour Windows XP (KB972270) Mise à jour de sécurité pour Windows XP (KB973346) Mise à jour de sécurité pour Windows XP (KB973354) Mise à jour de sécurité pour Windows XP (KB973507) Mise à jour de sécurité pour Windows XP (KB973525) Mise à jour de sécurité pour Windows XP (KB973869) Mise à jour de sécurité pour Windows XP (KB973904) Mise à jour de sécurité pour Windows XP (KB974112) Mise à jour de sécurité pour Windows XP (KB974318) Mise à jour de sécurité pour Windows XP (KB974392) Mise à jour de sécurité pour Windows XP (KB974571) Mise à jour de sécurité pour Windows XP (KB975025) Mise à jour de sécurité pour Windows XP (KB975467) Mise à jour pour Windows Internet Explorer 7 (KB976749) Mise à jour pour Windows XP (KB951072-v2) Mise à jour pour Windows XP (KB951978) Mise à jour pour Windows XP (KB955759) Mise à jour pour Windows XP (KB955839) Mise à jour pour Windows XP (KB967715) Mise à jour pour Windows XP (KB968389) Mise à jour pour Windows XP (KB971737) Mise à jour pour Windows XP (KB973687) Mise à jour pour Windows XP (KB973815) MLB.com OnBase MLB.com OnBase Mozilla Firefox (3.0.17) Mozilla Thunderbird (2.0.0.23) MP3 CD Writer MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyDSC2 Neuf - Kit de connexion OmniPage SE ONES Trial (F) OpenOffice.org 2.3 Picasa 3 QuickTime RealPlayer ScummVM 0.9.1 Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB973704) Security Update for Microsoft Office Excel 2007 (KB973593) Security Update for Microsoft Office Outlook 2007 (KB972363) Security Update for Microsoft Office PowerPoint 2007 (KB957789) Security Update for Microsoft Office Publisher 2007 (KB969693) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB969613) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB969604) Sonic MyDVD Spybot - Search & Destroy TerraExplorer Theme Park World Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office InfoPath 2007 (KB976416) Update for Outlook 2007 Junk Email Filter (kb977839) Update Manager vanBasco's Karaoke Player VBA VideoLAN VLC media player 0.8.4a WebFldrs XP Windows Internet Explorer 7 Windows Live Messenger Windows Live Sign-in Assistant Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows XP Service Pack 3 XnView 1.92 Xvid 1.1.2 final uninstall Yahoo! Toolbar Yahoo! Toolbar avec bloqueur de fenêtres pop-up ZHPDiag 1.25 Zip Motion Block Video codec (Remove Only) Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 982D-A22A Répertoire de C:\Program Files 10/02/2010 13:44 <REP> . 10/02/2010 13:44 <REP> .. 28/06/2007 14:26 <REP> € Convertisseur v1.2 01/11/2009 21:14 <REP> Adobe 06/06/2006 17:21 <REP> Alcatel 17/03/2006 18:30 <REP> AMD 15/12/2006 00:10 <REP> AnmSMP 05/09/2009 11:32 <REP> AOL 9.0 06/06/2006 22:48 <REP> AOL Compagnon 15/02/2009 16:09 <REP> Apple Software Update 01/05/2008 11:45 <REP> ArcSoft 04/07/2009 11:27 <REP> Avira 20/03/2006 15:19 <REP> AVSMedia 22/07/2007 21:54 <REP> BitTorrent Fastest Tool 25/09/2006 15:55 <REP> Bullfrog 01/05/2008 11:48 <REP> Canon 12/11/2007 22:02 <REP> CCleaner 26/03/2007 20:06 <REP> CDex_170b2 29/01/2009 11:47 <REP> Clear History 16/08/2004 18:05 <REP> ComPlus Applications 28/01/2007 16:26 <REP> Computerbrains 23/05/2008 22:50 <REP> Corel 30/01/2010 00:27 <REP> Didapages 30/05/2006 14:07 <REP> DIKO 17/12/2006 16:47 <REP> DivX 13/02/2007 22:05 <REP> DOSBox-0.65 24/01/2010 09:02 <REP> eMule 18/09/2006 21:49 4 642 748 eMule-NG-0[1].47a-Installer.zip 26/10/2007 13:25 <REP> Eraser 24/07/2009 15:37 <REP> Everest Poker 24/01/2010 15:37 <REP> Fichiers communs 24/01/2010 09:09 <REP> File Scanner Library (Spybot - Search & Destroy) 10/02/2008 18:59 <REP> FileZilla FTP Client 26/03/2007 20:47 <REP> Free Audio Pack 01/12/2007 17:00 <REP> GEOGRAPHIE 09/08/2009 21:55 <REP> Google 22/01/2010 13:21 <REP> Internet Explorer 23/05/2008 22:29 <REP> IrfanView 17/03/2006 18:33 <REP> Java 09/07/2007 17:27 <REP> Jetico 26/02/2007 15:18 <REP> Kazaa Lite K++ 18/12/2006 17:41 <REP> K-Lite Codec Pack 17/03/2006 18:49 <REP> Learn2.com 01/03/2009 22:07 <REP> Malwarebytes' Anti-Malware 25/09/2006 16:24 <REP> Maxis 06/09/2008 18:28 <REP> Messenger 16/08/2004 18:11 <REP> microsoft frontpage 25/11/2008 19:08 <REP> Microsoft Office 20/03/2006 18:28 <REP> Microsoft Visual Studio 18/11/2009 21:21 <REP> Microsoft Works 25/11/2008 19:07 <REP> Microsoft.NET 24/01/2010 09:09 <REP> Misc. Support Library (Spybot - Search & Destroy) 01/11/2009 21:07 <REP> MLB.com OnBase 06/09/2008 18:17 <REP> Movie Maker 11/02/2010 12:29 <REP> Mozilla Firefox 11/02/2010 12:26 <REP> Mozilla Thunderbird 27/05/2006 19:20 <REP> MP3CDWriter 16/08/2004 18:03 <REP> MSN 16/08/2004 18:03 <REP> MSN Gaming Zone 06/09/2008 18:45 <REP> MSN Messenger 24/05/2008 19:35 <REP> MSXML 4.0 17/07/2007 23:53 <REP> Navilog1 11/02/2007 18:16 <REP> Nero 06/09/2008 18:13 <REP> NetMeeting 19/06/2007 13:09 <REP> Neuf 26/08/2009 15:05 <REP> ONES Trial (F) 08/10/2007 20:41 <REP> OpenOffice.org 2.3 01/03/2009 17:41 <REP> Optimisation Windows 22/02/2008 11:37 <REP> orange 21/08/2009 16:23 <REP> Outlook Express 07/11/2008 23:53 <REP> QuickTime 17/03/2006 18:49 <REP> Real 30/05/2006 16:52 <REP> Real Clone DVD 01/03/2009 17:41 <REP> Registrar Registry Manager 01/05/2008 11:47 <REP> ScanSoft 22/06/2007 22:06 <REP> ScummVM 24/01/2010 09:10 <REP> SDHelper (Spybot - Search & Destroy) 16/08/2004 18:07 <REP> Services en ligne 28/06/2007 16:30 <REP> Shareaza 22/08/2007 22:33 <REP> Skyline 05/06/2006 17:49 <REP> SlySoft 02/02/2007 19:40 <REP> Sonic 24/01/2010 10:28 <REP> Spybot - Search & Destroy 24/01/2010 09:10 <REP> TeaTimer (Spybot - Search & Destroy) 10/02/2010 13:44 <REP> trend micro 24/03/2006 17:05 <REP> vanBasco's Karaoke Player 20/03/2006 15:40 <REP> VideoLAN 17/03/2006 18:49 <REP> Viewpoint 14/06/2007 20:39 <REP> Visagesoft 03/06/2006 17:02 <REP> vso 22/09/2007 19:24 <REP> Windows Media Connect 2 06/09/2008 18:13 <REP> Windows Media Player 06/09/2008 18:13 <REP> Windows NT 26/06/2006 14:50 <REP> WinRAR 16/08/2004 18:11 <REP> xerox 02/03/2008 21:09 <REP> XnView 17/12/2006 16:49 <REP> Xvid 12/11/2007 22:01 <REP> Yahoo! 09/02/2010 19:50 <REP> ZHPDiag 1 fichier(s) 4 642 748 octets 98 Rép(s) 110 946 115 584 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 982D-A22A Répertoire de C:\Program Files\fichiers communs 24/01/2010 15:37 <REP> . 24/01/2010 15:37 <REP> .. 01/11/2009 21:15 <REP> Adobe 01/11/2009 21:06 <REP> Adobe AIR 06/06/2006 22:48 <REP> AOL 06/06/2006 22:48 <REP> aolshare 15/02/2009 16:10 <REP> Apple 20/03/2006 15:19 <REP> AVSMedia 23/05/2008 22:50 <REP> Corel 25/11/2008 19:08 <REP> DESIGNER 23/05/2008 22:53 <REP> InstallShield 17/03/2006 18:33 <REP> Java 24/01/2010 09:55 <REP> Microsoft Shared 16/08/2004 18:06 <REP> MSSoap 17/03/2006 18:49 <REP> Nullsoft 16/08/2004 17:57 <REP> ODBC 23/05/2008 22:51 <REP> Protexis 21/06/2006 15:28 <REP> Real 01/05/2008 11:47 <REP> ScanSoft Shared 16/08/2004 18:06 <REP> Services 02/02/2007 19:41 <REP> Sonic Shared 16/08/2004 17:56 <REP> SpeechEngines 18/11/2009 21:18 <REP> System 01/03/2009 11:48 <REP> Wise Installation Wizard 21/06/2006 15:28 <REP> xing shared 0 fichier(s) 0 octets 25 Rép(s) 110 946 115 584 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 982D-A22A Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 18/11/2009 21:18 <REP> . 18/11/2009 21:18 <REP> .. 20/03/2006 18:28 <REP> 1033 25/11/2008 19:15 <REP> 1036 20/11/2008 23:58 972 632 MSONSEXT.DLL 26/10/2006 20:12 40 256 MSOSV.DLL 03/06/1999 12:09 122 937 MSOWS409.DLL 07/03/2001 07:00 127 033 MSOWS40c.DLL 11/07/2003 02:25 80 448 PKMWS.DLL 5 fichier(s) 1 343 306 octets 4 Rép(s) 110 946 115 584 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 982D-A22A Répertoire de C:\ 12/05/2007 17:22 68 096 diff.exe 12/05/2007 17:22 103 424 grep.exe 10/03/2006 23:16 5 689 344 mplayerc.exe 3 fichier(s) 5 860 864 octets 0 Rép(s) 110 946 111 488 octets libres c:\Documents and Settings\A\Application Data\U3\temp\cleanup.exe c:\Documents and Settings\A\Bureau\AVSDVDPlayer.exe c:\Documents and Settings\A\Bureau\installation_convertisseur.exe c:\Documents and Settings\A\Bureau\Setup_FreeConverter.exe c:\Documents and Settings\A\Bureau\SetupAnyDVD5941.exe c:\Documents and Settings\A\Bureau\vlc-0.8.4a-win32.exe c:\Documents and Settings\A\Mes documents\cdex_170b2_enu_nonunicode.exe c:\Documents and Settings\A\Mes documents\copytodvd3_setup.exe c:\Documents and Settings\A\Mes documents\divxtodvd_divxtodvd_0.5.2_francais_13277.exe c:\Documents and Settings\A\Mes documents\Everest Poker.exe c:\Documents and Settings\A\Mes documents\MP3CDWriter.exe c:\Documents and Settings\A\Mes documents\starsetup.exe c:\Documents and Settings\A\Mes documents\vsoConvertXtoDVD2_setup.exe c:\Documents and Settings\A\Mes documents\vsoDivxToDVD_setup.exe c:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\xpsp2FRfix\cswitch.exe c:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\xpsp2FRfix\ipchecking.exe c:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\xpsp2FRfix\WindowsXP-KB885295-x86-fra.exe c:\Documents and Settings\Default User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe c:\Documents and Settings\F\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_fr_FR.exe c:\Documents and Settings\F\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe c:\Documents and Settings\F\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe c:\Documents and Settings\F\Application Data\U3\temp\cleanup.exe c:\Documents and Settings\F\Bureau\AdbeRdr910_fr_FR.exe c:\Documents and Settings\F\Bureau\AdbeRdr920_fr_FR.exe c:\Documents and Settings\F\Bureau\CorelDRAWGraphicsSuiteX3.exe c:\Documents and Settings\F\Bureau\Everest Poker.exe c:\Documents and Settings\F\Bureau\GoogleEarthWin.exe c:\Documents and Settings\F\Bureau\kit.exe c:\Documents and Settings\F\Bureau\Lavasoft_Adaware2007_fr.exe c:\Documents and Settings\F\Bureau\spy et cie\Combolita.exe c:\Documents and Settings\F\Bureau\spy et cie\Defenza.exe c:\Documents and Settings\F\Bureau\spy et cie\installer_avira_antivir_virus_definition_file_update_19_aug_2009_Français_F rench.exe c:\Documents and Settings\F\Bureau\spy et cie\karcher.exe c:\Documents and Settings\F\Bureau\spy et cie\mbam-setup(2).exe c:\Documents and Settings\F\Bureau\spy et cie\mbam-setup.exe c:\Documents and Settings\F\Bureau\spy et cie\RSIT.exe c:\Documents and Settings\F\Bureau\spy et cie\SDFix.exe c:\Documents and Settings\F\Bureau\spy et cie\sdsetup.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix(2).exe c:\Documents and Settings\F\Bureau\spy et cie\spybotsd14.exe c:\Documents and Settings\F\Bureau\spy et cie\spybotsd162.exe c:\Documents and Settings\F\Bureau\spy et cie\ToolBarSD.exe c:\Documents and Settings\F\Bureau\spy et cie\ZHPDiag 1.25.11.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\catchme.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\diff.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\dumphive.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\find2.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\Fport.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\grep.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\gzip.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\KProcCheck.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\LFiles.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\LISTDLLS.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\mbr.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\md5sums.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\Psinfo.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\pslist.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\sigcheck.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\streams.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\swreg.exe c:\Documents and Settings\F\Bureau\spy et cie\DiagHelp\tar.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\404Fix.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\Agent.OMZ.Fix.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\dumphive.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\exit.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\HostsChk.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\IEDFix.C.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\IEDFix.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\o4Patch.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\Policies.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\Process.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\Reboot.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\restart.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\swreg.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\swsc.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\swxcacls.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\UIFix.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\unzip.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\VACFix.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\VCCLSID.exe c:\Documents and Settings\F\Bureau\spy et cie\SmitfraudFix\WS2Fix.exe c:\Documents and Settings\F\Bureau\Téléchargement\3dhallow.exe c:\Documents and Settings\F\Bureau\Téléchargement\aaw2007.exe c:\Documents and Settings\F\Bureau\Téléchargement\Agatha_Christie-setup.exe c:\Documents and Settings\F\Bureau\Téléchargement\avira_antivir_personal_free.exe c:\Documents and Settings\F\Bureau\Téléchargement\Babylon7_setup.exe c:\Documents and Settings\F\Bureau\Téléchargement\Babylon7_setup_eng_fre_eng.exe c:\Documents and Settings\F\Bureau\Téléchargement\ccsetup202.exe c:\Documents and Settings\F\Bureau\Téléchargement\ClearHistory.exe c:\Documents and Settings\F\Bureau\Téléchargement\expertpdf4.exe c:\Documents and Settings\F\Bureau\Téléchargement\FileZilla_3.0.6_win32-setup.exe c:\Documents and Settings\F\Bureau\Téléchargement\Firefox Setup 1.5.0.4.exe c:\Documents and Settings\F\Bureau\Téléchargement\Firefox Setup 2.0.0.4.exe c:\Documents and Settings\F\Bureau\Téléchargement\Firefox Setup 3.0.5.exe c:\Documents and Settings\F\Bureau\Téléchargement\Google Updater.exe c:\Documents and Settings\F\Bureau\Téléchargement\GoogleEarthWin.exe c:\Documents and Settings\F\Bureau\Téléchargement\install_flash_player.exe c:\Documents and Settings\F\Bureau\Téléchargement\iTunes801Setup.exe c:\Documents and Settings\F\Bureau\Téléchargement\jpfwall.exe c:\Documents and Settings\F\Bureau\Téléchargement\nero_nero_7.7.5.1_francais_10297.exe c:\Documents and Settings\F\Bureau\Téléchargement\OOo_2.3.0_Win32Intel_install_fr.exe c:\Documents and Settings\F\Bureau\Téléchargement\picasa3-setup.exe c:\Documents and Settings\F\Bureau\Téléchargement\reglite.exe c:\Documents and Settings\F\Bureau\Téléchargement\setupfle.exe c:\Documents and Settings\F\Bureau\Téléchargement\setupfra.exe c:\Documents and Settings\F\Bureau\Téléchargement\stupmciel.exe c:\Documents and Settings\F\Bureau\Téléchargement\terraexplorer_terraexplorer_5.0.2.8_basic_francais_40985.exe c:\Documents and Settings\F\Bureau\Téléchargement\Thunderbird Setup 2.0.0.18.exe c:\Documents and Settings\F\Bureau\Téléchargement\WinsockxpFix.exe c:\Documents and Settings\F\Bureau\Téléchargement\wmp11-windowsxp-x86-FR-FR.exe c:\Documents and Settings\F\Bureau\Téléchargement\X12-30194.exe c:\Documents and Settings\F\Bureau\Téléchargement\XnView-win.exe c:\Documents and Settings\F\Bureau\Téléchargement\zaSetup_fr.exe c:\Documents and Settings\F\Bureau\Téléchargement\OpenOffice.org 2.3 Installation Files\instmsia.exe c:\Documents and Settings\F\Bureau\Téléchargement\OpenOffice.org 2.3 Installation Files\instmsiw.exe c:\Documents and Settings\F\Bureau\Téléchargement\OpenOffice.org 2.3 Installation Files\setup.exe c:\Documents and Settings\F\Bureau\Téléchargement\wmp11-windowsxp-x86-FR-FR\setup_wm.exe c:\Documents and Settings\F\Bureau\Téléchargement\wmp11-windowsxp-x86-FR-FR\umdf.exe c:\Documents and Settings\F\Bureau\Téléchargement\wmp11-windowsxp-x86-FR-FR\WindowsXP-MSCompPackV1-x86.exe c:\Documents and Settings\F\Bureau\Téléchargement\wmp11-windowsxp-x86-FR-FR\wmdbexport.exe c:\Documents and Settings\F\Bureau\Téléchargement\wmp11-windowsxp-x86-FR-FR\wmfdist11.exe c:\Documents and Settings\F\Local Settings\Temp\is-R50AA.tmp\iMonitor.exe c:\Documents and Settings\F\Mes documents\ff\Textes\Histoires.exe c:\Documents and Settings\F\Mes documents\ff\Textes\motys2k.exe c:\Documents and Settings\F\Mes documents\Téléchargements\QuickTimeInstaller.exe c:\Documents and Settings\F\Mes documents\Téléchargements\wmp11-windowsxp-x86-FR-FR.exe c:\Documents and Settings\F\SmitfraudFix\404Fix.exe c:\Documents and Settings\F\SmitfraudFix\Agent.OMZ.Fix.exe c:\Documents and Settings\F\SmitfraudFix\dumphive.exe c:\Documents and Settings\F\SmitfraudFix\exit.exe c:\Documents and Settings\F\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\F\SmitfraudFix\HostsChk.exe c:\Documents and Settings\F\SmitfraudFix\IEDFix.C.exe c:\Documents and Settings\F\SmitfraudFix\IEDFix.exe c:\Documents and Settings\F\SmitfraudFix\o4Patch.exe c:\Documents and Settings\F\SmitfraudFix\Policies.exe c:\Documents and Settings\F\SmitfraudFix\Process.exe c:\Documents and Settings\F\SmitfraudFix\Reboot.exe c:\Documents and Settings\F\SmitfraudFix\restart.exe c:\Documents and Settings\F\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\F\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\F\SmitfraudFix\swreg.exe c:\Documents and Settings\F\SmitfraudFix\swsc.exe c:\Documents and Settings\F\SmitfraudFix\swxcacls.exe c:\Documents and Settings\F\SmitfraudFix\UIFix.exe c:\Documents and Settings\F\SmitfraudFix\unzip.exe c:\Documents and Settings\F\SmitfraudFix\VACFix.exe c:\Documents and Settings\F\SmitfraudFix\VCCLSID.exe c:\Documents and Settings\F\SmitfraudFix\WS2Fix.exe c:\Documents and Settings\J\Bureau\Everest Poker.exe c:\Documents and Settings\J\Bureau\programmes\antivir_workstation_win7u_en_h.exe c:\Documents and Settings\J\Bureau\programmes\DOSBox0.65-win32-installer.exe c:\Documents and Settings\J\Bureau\programmes\eMule0.47a-Installer.exe c:\Documents and Settings\J\Bureau\programmes\klcodec270b.exe c:\Documents and Settings\J\Bureau\programmes\klitekpp243f.exe c:\Documents and Settings\J\Bureau\programmes\Shareaza_2.2.3.0.exe c:\Documents and Settings\J\Bureau\programmes\Shareaza_2.2.5.0.exe c:\Documents and Settings\J\Bureau\programmes\vkaraoke.exe c:\Documents and Settings\J\Bureau\programmes\wrar351fr.exe c:\Documents and Settings\J\Bureau\ScummVM\scummvm_scummvm_0.9.1_anglais_10776.exe c:\Documents and Settings\J\Bureau\ScummVM\ATLANTIS\ATLANTIS.EXE c:\Documents and Settings\J\Bureau\ScummVM\INDY3\INDY256.EXE c:\Documents and Settings\J\Bureau\ScummVM\MONKEY\MONKEY1.EXE c:\Documents and Settings\J\Bureau\ScummVM\MONKEY2\MONKEY2.EXE c:\Documents and Settings\J\Mes documents\PokerbilitySetup.exe c:\Documents and Settings\A\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aebb.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aecore.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aeemu.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aegen.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aehelp.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aeheur.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aeoffice.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aepack.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aerdl.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aesbx.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aescn.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aescript.dll c:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aevdf.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Skyline\TEDetect.dll c:\Documents and Settings\F\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\J\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll c:\Documents and Settings\M\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll ****** Fin du rapport DiagHelp Veuillez svp envoyer le fichier C:\upload_moi_SN203659450008.tar.gz a l'adresse http://upload.malekal.com

Spybot planteà: recherche de mouchards 448 151 /819 167 vilusmonde.sdn J'ai un soucis avec diaghelp Je ne peux pas envoyer le fichier zip sur le site, quand j'appuie sur la touche envoyer, ça se plante (je peux l'envoyer d'un autre poste demain). 9a rame pendant 5min lors de l'envoi puis j'ai un message "vous n'avez pas envoyé de fichier; Ensuite dans la fenêtre noire, si j'appuie sur une touche, il ne se passe rien et je ne peux pas envoyer le rapport.

Premier rapport info.txt logfile of random's system information tool 1.06 2010-02-10 13:45:02 ======Uninstall list====== -->"C:\Program Files\Fichiers communs\aolshare\Coach\AolCInUn.exe" -lang="fr-fr" -->C:\PROGRA~1\FICHIE~1\AOL\ACS\AcsUninstall.exe /c -->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe -->C:\Program Files\Fichiers communs\aolshare\Aolunins_fr.exe -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->C:\Program Files\Learn2.com\StRunner\stuninst.exe -->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu -->C:\WINDOWS\system32\nvudisp.exe UninstallGUI -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf € Convertisseur v1.2-->c:\program files\€ Convertisseur v1.2\Uninstal.exe Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001} Alcatel SpeedTouch USB Software-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}\Setup.exe" -Control_Panel AnmanieSMP 2.4 i-->"C:\Program Files\AnmSMP\unins000.exe" Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe ArcSoft Camera Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AE6F8DC5-8639-4E7F-A0FE-EEB0522FCAAC}\Setup.exe" -l0x40c ArcSoft PhotoBase 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}\setup.exe" -l0x40c -uninst ArcSoft PhotoStudio 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}\setup.exe" -l0x40c -uninst Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE AVS DVD Player version 1.3.1.82-->"C:\Program Files\AVSMedia\DVDPlayer\unins000.exe" Aztech CNR2900 V.90 Modem-->C:\WINDOWS\Modio\SLAMR2KO\Setup.exe /Remove CanoScan LiDE20,30 Manual-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B360A8E5-C171-4AAE-9777-65B3CDB0072C}\setup.exe" -l0x40c CanoScan Toolbox 4.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BCE46757-7674-4416-BEDB-68205A60409E}\setup.exe" -l0x40c CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" CDex extraction audio-->"C:\Program Files\CDex_170b2\uninstall.exe" CorelDRAW Graphics Suite X3-->C:\Program Files\Corel\CorelDRAW Graphics Suite 13\Programs\MSILauncher {63218538-4A69-497F-8455-904261B0E9E4} C:\DOCUME~1\F\LOCALS~1\Temp\CGSX3.log CorelDRAW Graphics Suite X3-->MsiExec.exe /I{63218538-4A69-497F-8455-904261B0E9E4} Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" Didapages 1.1-->C:\Program Files\Didapages\uninst.exe DivxToDVD 0.5.2-->"C:\Program Files\vso\DivxToDVD\unins000.exe" eXPert PDF 4-->MsiExec.exe /X{A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02} FileZilla Client 3.0.6-->C:\Program Files\FileZilla FTP Client\uninstall.exe Fleuves et montagnes de France-->"C:\Program Files\GEOGRAPHIE\FLEUVES\uninstall.exe" FontNav-->MsiExec.exe /I{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE} FR-->MsiExec.exe /I{ECE923A3-A411-4494-B6E6-78F13B71BEBF} Free Mp3 Wma Converter V 1.5.5-->"C:\Program Files\Free Audio Pack\unins000.exe" Google Earth-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c -removeonly HijackThis 2.0.2-->"C:\DOCUME~1\F\LOCALS~1\Temp\Rar$EX01.579\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050} Jetico Personal Firewall 1.0-->"C:\WINDOWS\BCUnInstall.exe" C:\Program Files\Jetico\Jetico Personal Firewall\UnInstall.log Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe Kaspersky On-line Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe Kazaa Lite K++ v2.4.3-->"C:\Program Files\Kazaa Lite K++\unins000.exe" K-Lite Codec Pack 2.70 Basic-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" La carte du ciel-->"C:\Program Files\GEOGRAPHIE\CarteCiel\uninstall.exe" Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Les départements français-->"C:\Program Files\GEOGRAPHIE\FRANCE\uninstall.exe" Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Professional 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROR /dll OSETUP.DLL Microsoft Office Professional 2007-->MsiExec.exe /X{91120000-0014-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe" Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7updates\KB978207-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" MLB.com OnBase-->msiexec /qb /x {75917EAC-7447-6FCC-04FF-F5FABF06E681} MLB.com OnBase-->MsiExec.exe /I{75917EAC-7447-6FCC-04FF-F5FABF06E681} Mozilla Firefox (3.0.17)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mozilla Thunderbird (2.0.0.23)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe MP3 CD Writer-->"C:\Program Files\MP3CDWriter\unins000.exe" MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MyDSC2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83D96ED0-98AA-4515-8DDC-816F3EFDD104}\Setup.exe" -l0x9 Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe OmniPage SE-->MsiExec.exe /I{6249C22D-E6A8-407B-BA8B-40298848ED94} ONES Trial (F)-->C:\WINDOWS\InZU31.exe /U:C:\Program Files\ONES Trial (F)\Uninstall.inz /L:f /K:ONES(F) OpenOffice.org 2.3-->MsiExec.exe /I{417E90DF-A9C4-43C4-90D9-FD7F107B68DB} Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe" QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB} RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 ScummVM 0.9.1-->"C:\Program Files\ScummVM\unins000.exe" Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F} Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE} Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0} Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D} Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C} Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050} Sonic MyDVD-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" TerraExplorer-->C:\Program Files\Skyline\TerraExplorer\Setup.exe [OP]/U Theme Park World-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Bullfrog\Theme Park World\Uninst.isu" -c"C:\Program Files\Bullfrog\Theme Park World\uninst.dll" -BFLANG=1036 Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7} Update for Outlook 2007 Junk Email Filter (kb977839)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {C568005C-5FC6-4C81-A664-BD136610A931} Update Manager-->MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA} vanBasco's Karaoke Player-->C:\Program Files\vanBasco's Karaoke Player\uninst.exe VBA-->MsiExec.exe /I{C94E45B0-6AA6-4FB9-9AAE-22085F631880} VideoLAN VLC media player 0.8.4a-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411} Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" XnView 1.92-->"C:\Program Files\XnView\unins000.exe" Xvid 1.1.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe" Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe ZHPDiag 1.25-->"C:\Program Files\ZHPDiag\unins000.exe" Zip Motion Block Video codec (Remove Only)-->rundll.exe setupx.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\ZMBV.INF ======Security center information====== AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: AntiVir Desktop AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic ======System event log====== Computer Name: SN203659450008 Event Code: 16 Message: Connexion impossible : Windows ne parvient pas à se connecter au service Mises à jour automatiques et ne peut donc pas procéder au téléchargement et à l'installation des mises à jour définies par la planification. Windows continuera d'essayer d'établir la connexion. Record Number: 79103 Source Name: Windows Update Agent Time Written: 20100113121923.000000+060 Event Type: erreur User: Computer Name: SN203659450008 Event Code: 7036 Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : arrêté. Record Number: 79102 Source Name: Service Control Manager Time Written: 20100113121831.000000+060 Event Type: Informations User: Computer Name: SN203659450008 Event Code: 7036 Message: Le service Explorateur d'ordinateur est entré dans l'état : arrêté. Record Number: 79101 Source Name: Service Control Manager Time Written: 20100113121828.000000+060 Event Type: Informations User: Computer Name: SN203659450008 Event Code: 7036 Message: Le service Service de transfert intelligent en arrière-plan est entré dans l'état : en cours d'exécution. Record Number: 79100 Source Name: Service Control Manager Time Written: 20100113121826.000000+060 Event Type: Informations User: Computer Name: SN203659450008 Event Code: 7036 Message: Le service Service de la passerelle de la couche Application est entré dans l'état : en cours d'exécution. Record Number: 79099 Source Name: Service Control Manager Time Written: 20100113121825.000000+060 Event Type: Informations User: =====Application event log===== Computer Name: SN203659450008 Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. Record Number: 5 Source Name: SecurityCenter Time Written: 20090910185843.000000+120 Event Type: Informations User: Computer Name: SN203659450008 Event Code: 11728 Message: Produit : Microsoft Office Professional 2007 -- La configuration s'est terminée correctement. Record Number: 4 Source Name: MsiInstaller Time Written: 20090910090203.000000+120 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: SN203659450008 Event Code: 1022 Message: Produit : Microsoft Office Professional 2007 - La mise à jour 'Update for Outlook 2007 Junk Email Filter (kb973514)' a été installée. Record Number: 3 Source Name: MsiInstaller Time Written: 20090910090203.000000+120 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: SN203659450008 Event Code: 4096 Message: Le service AntiVir a bien démarré! Record Number: 2 Source Name: Avira AntiVir Time Written: 20090910085816.000000+120 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: SN203659450008 Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. Record Number: 1 Source Name: SecurityCenter Time Written: 20090910085815.000000+120 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\PROGRA~1\FICHIE~1\SONICS~1;C:\Program Files\QuickTime\QTSystem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 12 Stepping 0, AuthenticAMD "PROCESSOR_REVISION"=0c00 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\Java\j2re1.4.2_05\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\j2re1.4.2_05\lib\ext\QTJava.zip -----------------EOF----------------- Deuxième rapport Logfile of random's system information tool 1.06 (written by random/random) Run by F at 2010-02-10 13:44:46 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 106 GB (69%) free of 153 GB Total RAM: 511 MB (20% free) HijackThis download failed ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F62A47A7-4CA3-9D00-95A3-6724d43a9E8C}] IEHlprObj Class - C:\WINDOWS\system32\LineAudio.dll [2006-03-30 122880] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168] "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-07-12 4112384] "nwiz"=nwiz.exe /installquiet [] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2004-07-12 81920] "SunJavaUpdateSched"=C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe [2004-06-03 32881] "SpeedTouch USB Diagnostics"=C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe [2002-06-06 861184] "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2006-06-21 180269] "vspdfprsrv.exe"=C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe [2006-05-04 998912] "JeticoPFStartup"=C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe [2005-07-19 118784] "Omnipage"=C:\Program Files\ScanSoft\OmniPageSE\opware32.exe [2002-06-03 49152] "ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-16 221184] "ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2005-02-16 81920] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696] "Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088] C:\Documents and Settings\F\Menu Démarrer\Programmes\Démarrage OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL" "C:\Program Files\Kazaa Lite K++\KazaaLite.kpp"="C:\Program Files\Kazaa Lite K++\KazaaLite.kpp:*:Enabled:KazaaLite" "C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b3ec311e-a2f9-11db-bb6a-0090d08df06f}] shell\AutoRun\command - J:\LaunchU3.exe ======List of files/folders created in the last 1 months====== 2010-02-10 13:44:51 ----D---- C:\Program Files\trend micro 2010-02-10 13:44:46 ----D---- C:\rsit 2010-02-09 19:16:48 ----D---- C:\Program Files\ZHPDiag 2010-01-30 00:19:20 ----SHD---- C:\WINDOWS\ftpcache 2010-01-30 00:19:07 ----D---- C:\Program Files\Didapages 2010-01-24 09:55:07 ----SHD---- C:\Config.Msi 2010-01-24 09:09:59 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy) 2010-01-24 09:09:59 ----D---- C:\Program Files\SDHelper (Spybot - Search & Destroy) 2010-01-24 09:09:59 ----D---- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy) 2010-01-24 09:09:59 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy) 2010-01-16 10:50:44 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-01-14 09:19:26 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ ======List of files/folders modified in the last 1 months====== 2010-02-10 13:44:51 ----RD---- C:\Program Files 2010-02-10 13:39:17 ----D---- C:\Program Files\Mozilla Firefox 2010-02-10 13:26:51 ----D---- C:\Documents and Settings\F\Application Data\OpenOffice.org2 2010-02-10 13:25:17 ----D---- C:\WINDOWS\temp 2010-02-10 13:25:06 ----D---- C:\WINDOWS\system32\CatRoot2 2010-02-09 21:47:53 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-02-09 20:32:39 ----D---- C:\Program Files\Mozilla Thunderbird 2010-02-09 20:27:25 ----A---- C:\WINDOWS\win.ini 2010-02-08 08:03:51 ----D---- C:\WINDOWS 2010-01-24 15:37:56 ----D---- C:\Program Files\Fichiers communs 2010-01-24 15:34:51 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2010-01-24 15:34:30 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2010-01-24 15:34:23 ----D---- C:\WINDOWS\system32\drivers 2010-01-24 10:28:01 ----D---- C:\Program Files\Spybot - Search & Destroy 2010-01-24 09:55:12 ----SHD---- C:\WINDOWS\Installer 2010-01-24 09:55:11 ----D---- C:\WINDOWS\WinSxS 2010-01-24 09:55:08 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2010-01-24 09:02:14 ----D---- C:\Program Files\eMule 2010-01-22 18:27:39 ----HD---- C:\WINDOWS\inf 2010-01-22 18:26:54 ----D---- C:\WINDOWS\system32 2010-01-22 13:21:08 ----RSHD---- C:\WINDOWS\system32\dllcache 2010-01-22 13:21:05 ----D---- C:\WINDOWS\system32\fr-fr 2010-01-22 13:21:05 ----D---- C:\Program Files\Internet Explorer 2010-01-22 13:20:54 ----D---- C:\WINDOWS\ie7updates 2010-01-22 12:27:08 ----HD---- C:\WINDOWS\$hf_mig$ 2010-01-17 13:35:31 ----D---- C:\WINDOWS\Debug 2010-01-16 10:51:32 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2010-01-14 09:36:12 ----D---- C:\WINDOWS\AppPatch ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;Pilote de processeur AMD Athlon64; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-05-08 38912] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 bc_filter;BC_Filter; C:\WINDOWS\system32\drivers\bc_filter.sys [2005-06-23 16640] R1 bc_ip_f;BC_IP_Filter; C:\WINDOWS\system32\drivers\bc_ip_f.sys [2005-02-18 17536] R1 bc_ngn;BC_Engine; C:\WINDOWS\system32\drivers\bc_ngn.sys [2005-02-18 8960] R1 bc_pat_f;BC_PAT_Filter; C:\WINDOWS\system32\drivers\bc_pat_f.sys [2005-02-18 4928] R1 bc_prt_f;BC_Protocol_Filter; C:\WINDOWS\system32\drivers\bc_prt_f.sys [2005-02-18 4576] R1 bc_tdi_f;BC_TDI_Filter; C:\WINDOWS\system32\drivers\bc_tdi_f.sys [2005-02-18 13344] R1 bcftdi;BCFTDI; C:\WINDOWS\system32\drivers\bcftdi.sys [2005-05-18 45739] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-10 56816] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128] R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2003-02-16 210128] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-07-12 2459968] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-02 9856] R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\R8139n51.SYS [2002-10-04 46976] R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2003-02-16 516616] R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2003-01-17 39348] R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\STAC97.sys [2002-12-07 199088] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys [] S3 alcan5ln;Alcatel SpeedTouch USB ADSL RFC1483 Networking Driver (NDIS); C:\WINDOWS\system32\DRIVERS\alcan5ln.sys [2002-06-06 36048] S3 alcaudsl;Alcatel Speed Touch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2002-06-06 743136] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2003-02-16 1293192] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2003-02-05 162136] S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2003-02-16 85520] S3 SQTECH905C;DualCamera; C:\WINDOWS\System32\Drivers\Capt905c.sys [2005-07-13 33890] S3 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-07-14 28520] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-14 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089] R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-02-25 1123440] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-07-12 114755] R2 ProtexisLicensing;ProtexisLicensing; C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe [2006-11-02 174656] R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-01-17 45056] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [] -----------------EOF----------------- Deuxième rapport Logfile of random's system information tool 1.06 (written by random/random) Run by F at 2010-02-10 13:44:46 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 106 GB (69%) free of 153 GB Total RAM: 511 MB (20% free) HijackThis download failed ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F62A47A7-4CA3-9D00-95A3-6724d43a9E8C}] IEHlprObj Class - C:\WINDOWS\system32\LineAudio.dll [2006-03-30 122880] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168] "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-07-12 4112384] "nwiz"=nwiz.exe /installquiet [] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2004-07-12 81920] "SunJavaUpdateSched"=C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe [2004-06-03 32881] "SpeedTouch USB Diagnostics"=C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe [2002-06-06 861184] "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2006-06-21 180269] "vspdfprsrv.exe"=C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe [2006-05-04 998912] "JeticoPFStartup"=C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe [2005-07-19 118784] "Omnipage"=C:\Program Files\ScanSoft\OmniPageSE\opware32.exe [2002-06-03 49152] "ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-16 221184] "ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2005-02-16 81920] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696] "Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088] C:\Documents and Settings\F\Menu Démarrer\Programmes\Démarrage OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL" "C:\Program Files\Kazaa Lite K++\KazaaLite.kpp"="C:\Program Files\Kazaa Lite K++\KazaaLite.kpp:*:Enabled:KazaaLite" "C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b3ec311e-a2f9-11db-bb6a-0090d08df06f}] shell\AutoRun\command - J:\LaunchU3.exe ======List of files/folders created in the last 1 months====== 2010-02-10 13:44:51 ----D---- C:\Program Files\trend micro 2010-02-10 13:44:46 ----D---- C:\rsit 2010-02-09 19:16:48 ----D---- C:\Program Files\ZHPDiag 2010-01-30 00:19:20 ----SHD---- C:\WINDOWS\ftpcache 2010-01-30 00:19:07 ----D---- C:\Program Files\Didapages 2010-01-24 09:55:07 ----SHD---- C:\Config.Msi 2010-01-24 09:09:59 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy) 2010-01-24 09:09:59 ----D---- C:\Program Files\SDHelper (Spybot - Search & Destroy) 2010-01-24 09:09:59 ----D---- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy) 2010-01-24 09:09:59 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy) 2010-01-16 10:50:44 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-01-14 09:19:26 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ ======List of files/folders modified in the last 1 months====== 2010-02-10 13:44:51 ----RD---- C:\Program Files 2010-02-10 13:39:17 ----D---- C:\Program Files\Mozilla Firefox 2010-02-10 13:26:51 ----D---- C:\Documents and Settings\F\Application Data\OpenOffice.org2 2010-02-10 13:25:17 ----D---- C:\WINDOWS\temp 2010-02-10 13:25:06 ----D---- C:\WINDOWS\system32\CatRoot2 2010-02-09 21:47:53 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-02-09 20:32:39 ----D---- C:\Program Files\Mozilla Thunderbird 2010-02-09 20:27:25 ----A---- C:\WINDOWS\win.ini 2010-02-08 08:03:51 ----D---- C:\WINDOWS 2010-01-24 15:37:56 ----D---- C:\Program Files\Fichiers communs 2010-01-24 15:34:51 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2010-01-24 15:34:30 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2010-01-24 15:34:23 ----D---- C:\WINDOWS\system32\drivers 2010-01-24 10:28:01 ----D---- C:\Program Files\Spybot - Search & Destroy 2010-01-24 09:55:12 ----SHD---- C:\WINDOWS\Installer 2010-01-24 09:55:11 ----D---- C:\WINDOWS\WinSxS 2010-01-24 09:55:08 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2010-01-24 09:02:14 ----D---- C:\Program Files\eMule 2010-01-22 18:27:39 ----HD---- C:\WINDOWS\inf 2010-01-22 18:26:54 ----D---- C:\WINDOWS\system32 2010-01-22 13:21:08 ----RSHD---- C:\WINDOWS\system32\dllcache 2010-01-22 13:21:05 ----D---- C:\WINDOWS\system32\fr-fr 2010-01-22 13:21:05 ----D---- C:\Program Files\Internet Explorer 2010-01-22 13:20:54 ----D---- C:\WINDOWS\ie7updates 2010-01-22 12:27:08 ----HD---- C:\WINDOWS\$hf_mig$ 2010-01-17 13:35:31 ----D---- C:\WINDOWS\Debug 2010-01-16 10:51:32 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2010-01-14 09:36:12 ----D---- C:\WINDOWS\AppPatch ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;Pilote de processeur AMD Athlon64; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-05-08 38912] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 bc_filter;BC_Filter; C:\WINDOWS\system32\drivers\bc_filter.sys [2005-06-23 16640] R1 bc_ip_f;BC_IP_Filter; C:\WINDOWS\system32\drivers\bc_ip_f.sys [2005-02-18 17536] R1 bc_ngn;BC_Engine; C:\WINDOWS\system32\drivers\bc_ngn.sys [2005-02-18 8960] R1 bc_pat_f;BC_PAT_Filter; C:\WINDOWS\system32\drivers\bc_pat_f.sys [2005-02-18 4928] R1 bc_prt_f;BC_Protocol_Filter; C:\WINDOWS\system32\drivers\bc_prt_f.sys [2005-02-18 4576] R1 bc_tdi_f;BC_TDI_Filter; C:\WINDOWS\system32\drivers\bc_tdi_f.sys [2005-02-18 13344] R1 bcftdi;BCFTDI; C:\WINDOWS\system32\drivers\bcftdi.sys [2005-05-18 45739] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-10 56816] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128] R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2003-02-16 210128] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-07-12 2459968] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-02 9856] R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\R8139n51.SYS [2002-10-04 46976] R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2003-02-16 516616] R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2003-01-17 39348] R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\STAC97.sys [2002-12-07 199088] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys [] S3 alcan5ln;Alcatel SpeedTouch USB ADSL RFC1483 Networking Driver (NDIS); C:\WINDOWS\system32\DRIVERS\alcan5ln.sys [2002-06-06 36048] S3 alcaudsl;Alcatel Speed Touch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2002-06-06 743136] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2003-02-16 1293192] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2003-02-05 162136] S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2003-02-16 85520] S3 SQTECH905C;DualCamera; C:\WINDOWS\System32\Drivers\Capt905c.sys [2005-07-13 33890] S3 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-07-14 28520] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-14 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089] R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-02-25 1123440] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-07-12 114755] R2 ProtexisLicensing;ProtexisLicensing; C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe [2006-11-02 174656] R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-01-17 45056] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [] -----------------EOF-----------------

Zhp plante également sur la fin (5 essais)

Mon PC est ralenti. Les analyses de spybot se plantent toujours au même endroit. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:43:38, on 08/02/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16981) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe C:\Program Files\ScanSoft\OmniPageSE\opware32.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\F\LOCALS~1\Temp\Rar$EX01.579\HijackThis.exe C:\DOCUME~1\F\LOCALS~1\Temp\Rar$EX04.360\HijackThis.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 2099 bytes

De plus j'ai une inqiétude car quand je lance spybot, il plante toujours au même endroit.

En me connectant sur mozilla ou sur explorer, ma page d'accueil avait changé, elle me proposait google ou ask (recommandé). J'ai choisi google et rechangé mes âges d'accueil. Mon PC semble plus lent. Voici mon rapport: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:12:22, on 24/01/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16981) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe C:\Program Files\ScanSoft\OmniPageSE\opware32.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN C:\Program Files\Mozilla Thunderbird\thunderbird.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\F\LOCALS~1\Temp\Rar$EX01.344\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.icrfast.com/fr/index.php?rvs=hompag R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: IEHlprObj Class - {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} - LineAudio.dll (file missing) O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [vspdfprsrv.exe] C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe --background O4 - HKLM\..\Run: [JeticoPFStartup] "C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe" O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://mm.tf1.fr/superdistribution/installer2.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 8878 bytes

Mon Pc ne fonctionne plus correctement Très long à l'allumage, chkdisk trouve régulièrement des problèmes , les logiciels office ne fonctionnent plus, windows détecte un lecteur de disquette qui n'existe pas ..... Voici mon rapport HijackThis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:18:50, on 19/10/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16915) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe C:\Program Files\ScanSoft\OmniPageSE\opware32.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\F\LOCALS~1\Temp\Rar$EX00.812\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: IEHlprObj Class - {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} - LineAudio.dll (file missing) O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [vspdfprsrv.exe] C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe --background O4 - HKLM\..\Run: [JeticoPFStartup] "C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe" O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://mm.tf1.fr/superdistribution/installer2.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 8532 bytes

Mon Pc ne fonctionne plus correctement Très long à l'allumage, chkdisk trouve régulièrement des problèmes , les logiciels office ne fonctionnent plus Voici mon rapport: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:18:50, on 19/10/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16915) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe C:\Program Files\ScanSoft\OmniPageSE\opware32.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\F\LOCALS~1\Temp\Rar$EX00.812\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: IEHlprObj Class - {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} - LineAudio.dll (file missing) O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [vspdfprsrv.exe] C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe --background O4 - HKLM\..\Run: [JeticoPFStartup] "C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe" O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://mm.tf1.fr/superdistribution/installer2.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 8532 bytes

Je n'ai plus de son. Jetico me demande: Application l'entrée croix jaune entourée de bleu C:\WINDOWS\system32\dpvsetupexe Event: attacker starts application with hidden window Attaker Rectangle bleu C:\WINDOWS\system32\dundll32.exe Description Suspicious process activity Configuration table Process attack table Log level disabled Puis-je laisser entrer?