Aller au contenu

alexwoman

Membres
  • Compteur de contenus

    15
  • Inscription

  • Dernière visite

alexwoman's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. Merci pour vos réponses ! je dois donc créer un nouveau compte administrateur ? et ça va être possible ça, sans trop galérer ! ?
  2. bonsoir, je voudrai changer le nom de mon ordi (sous vista) mais pas au niveau personnalisation de l'ordi mais au niveau profil utilisateur. je m'explique : quand j'ai acheté mon ordi le bonhomme a mis mon nom de famille lors de l'install, du coup même en ayant changé le nom de l'ordi j'ai mon nom de famille qui apparait toujours, surtout au niveau du chemin des répertoires lors de l'install de programmes. j'espère avoir été clair !!! merci pour vos réponses
  3. voila le rapport : Malwarebytes' Anti-Malware 1.34 Version de la base de données: 1780 Windows 6.0.6001 Service Pack 1 21/02/2009 12:36:21 mbam-log-2009-02-21 (12-36-21).txt Type de recherche: Examen complet (C:\|D:\|) Eléments examinés: 164352 Temps écoulé: 3 hour(s), 18 minute(s), 52 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmds (Malware.Trace) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Users\Galas\AppData\Local\Temp\jkKExVLD.dll (Malware.Trace) -> Delete on reboot. je fais le reste et reprend contact A+
  4. voila le rapport avec apres le nettoyage de l'antiwalwares y aurait il d'autres choses a faire pour optimiser un peu tout ça ?!!! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:55:06, on 19/02/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\ASUS\SmartLogon\sensorsrv.exe C:\Windows\system32\taskeng.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\ATK Hotkey\HControlUser.exe C:\Program Files\ATKOSD2\ATKOSD2.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Windows\System32\rundll32.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPStart.exe C:\Windows\AsScrPro.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Common Files\Symantec Shared\SecurityHistory\mcui32.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\rundll32.exe D:\telechargements\RSIT.exe C:\Program Files\trend micro\Galas.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe" O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Galas\AppData\Local\Temp\mlJBSiHw.dll,#1 O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O13 - Gopher Prefix: O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/...NPUpldfr-fr.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe -- End of file - 8244 bytes
  5. Salut !! comme tous le monde j'ai un souci ! j'ai été infecté par Packed.Generic.203 Norton me fait un blocage de ce virus environ toutes les heures... voici mon rapport pouvez vous m'aider a l'enlever ? merci bien ! _________________________________________________________________ Logfile of random's system information tool 1.05 (written by random/random) Run by Galas at 2009-02-19 19:53:56 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 System drive C: has 67 GB (56%) free of 119 GB Total RAM: 1790 MB (26% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:55:06, on 19/02/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\ASUS\SmartLogon\sensorsrv.exe C:\Windows\system32\taskeng.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\ATK Hotkey\HControlUser.exe C:\Program Files\ATKOSD2\ATKOSD2.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Windows\System32\rundll32.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPStart.exe C:\Windows\AsScrPro.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Common Files\Symantec Shared\SecurityHistory\mcui32.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\rundll32.exe D:\telechargements\RSIT.exe C:\Program Files\trend micro\Galas.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe" O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Galas\AppData\Local\Temp\mlJBSiHw.dll,#1 O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O13 - Gopher Prefix: O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/...NPUpldfr-fr.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe -- End of file - 8244 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complète du système - Galas.job C:\Windows\tasks\User_Feed_Synchronization-{FBAFEBE3-D72B-4547-BE83-9D8A318CCDCA}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll [2008-06-30 349552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Symantec Intrusion Prevention - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll [2008-11-13 116088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-11-29 251504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-11-29 657904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-11-29 522224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Show Norton Toolbar - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll [2008-06-30 349552] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-11-29 251504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] "CLMLServer"=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936] "P2Go_Menu"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-14 210216] "ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2008-10-17 51048] "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-11-13 30192] "HControlUser"=C:\Program Files\ATK Hotkey\HcontrolUser.exe [2008-01-12 98304] "ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2008-01-24 7766016] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-07-25 13548064] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-07-25 92704] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-08-12 6265376] "SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-08-17 102400] "ASUS Screen Saver Protector"=C:\Windows\AsScrPro.exe [2008-11-13 3054136] "ASUS Camera ScreenSaver"=C:\Windows\AsScrProlog.exe [2008-11-13 47672] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-11-13 39408] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240] "MSServer"=C:\Users\Galas\AppData\Local\Temp\mlJBSiHw.dll [2009-02-18 37376] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======List of files/folders created in the last 1 months====== 2009-03-14 04:32:25 ----A---- C:\NIS2008.TXT 2009-02-19 19:54:12 ----D---- C:\Program Files\trend micro 2009-02-19 19:53:56 ----D---- C:\rsit 2009-02-18 11:52:00 ----A---- C:\Windows\ODBC.INI 2009-02-18 11:50:16 ----D---- C:\Program Files\Common Files\Designer 2009-02-18 11:33:35 ----SHD---- C:\Config.Msi 2009-02-18 11:06:03 ----A---- C:\Windows\system32\geBqQHYR.dll 2009-02-16 09:33:27 ----A---- C:\Windows\system32\EncDec.dll 2009-02-16 09:33:25 ----A---- C:\Windows\system32\psisdecd.dll 2009-02-12 10:10:20 ----A---- C:\Windows\system32\mshtml.dll 2009-02-12 10:10:19 ----A---- C:\Windows\system32\urlmon.dll 2009-02-12 10:10:19 ----A---- C:\Windows\system32\ieframe.dll 2009-02-12 10:10:18 ----A---- C:\Windows\system32\wininet.dll 2009-02-12 10:10:18 ----A---- C:\Windows\system32\msfeeds.dll 2009-02-12 10:10:17 ----A---- C:\Windows\system32\mstime.dll 2009-02-12 10:10:17 ----A---- C:\Windows\system32\jsproxy.dll 2009-02-12 10:10:17 ----A---- C:\Windows\system32\iertutil.dll 2009-02-06 13:21:07 ----D---- C:\Program Files\Everest Poker 2009-02-01 14:38:19 ----D---- C:\Users\Galas\AppData\Roaming\Canneverbe_Limited 2009-02-01 14:38:05 ----D---- C:\Program Files\CDBurnerXP 2009-01-24 15:36:20 ----D---- C:\Windows\Minidump 2009-01-23 14:26:23 ----D---- C:\Users\Galas\AppData\Roaming\dvdcss 2009-01-22 13:09:13 ----D---- C:\Users\Galas\AppData\Roaming\CyberLink ======List of files/folders modified in the last 1 months====== 2009-02-19 19:54:47 ----D---- C:\Windows\Temp 2009-02-19 19:54:12 ----RD---- C:\Program Files 2009-02-19 15:45:54 ----D---- C:\Windows\System32 2009-02-19 15:45:54 ----D---- C:\Windows\inf 2009-02-19 15:45:54 ----A---- C:\Windows\system32\PerfStringBackup.INI 2009-02-19 13:39:21 ----SD---- C:\Users\Galas\AppData\Roaming\Microsoft 2009-02-18 11:52:02 ----SHD---- C:\Windows\Installer 2009-02-18 11:52:00 ----D---- C:\Windows 2009-02-18 11:51:13 ----A---- C:\Windows\win.ini 2009-02-18 11:50:24 ----D---- C:\Program Files\Common Files\microsoft shared 2009-02-18 11:50:22 ----D---- C:\Windows\ShellNew 2009-02-18 11:50:16 ----D---- C:\Program Files\Common Files 2009-02-18 11:49:44 ----D---- C:\Program Files\Microsoft Office 2009-02-18 11:49:42 ----D---- C:\Program Files\Common Files\System 2009-02-18 11:49:40 ----RSD---- C:\Windows\Fonts 2009-02-18 11:49:37 ----D---- C:\Windows\MSAgent 2009-02-18 11:49:37 ----D---- C:\Windows\Help 2009-02-18 11:49:34 ----SD---- C:\ProgramData\Microsoft 2009-02-18 11:48:43 ----D---- C:\Windows\system 2009-02-18 11:38:32 ----D---- C:\Windows\Microsoft.NET 2009-02-18 11:38:04 ----RSD---- C:\Windows\assembly 2009-02-18 11:36:17 ----D---- C:\ProgramData\Microsoft Help 2009-02-18 11:16:10 ----D---- C:\Windows\ehome 2009-02-18 11:14:50 ----D---- C:\Windows\winsxs 2009-02-18 11:14:21 ----D---- C:\Users\Galas\AppData\Roaming\Azureus 2009-02-18 07:55:49 ----D---- C:\Windows\system32\WDI 2009-02-16 20:04:31 ----D---- C:\Windows\Prefetch 2009-02-16 09:32:31 ----D---- C:\Windows\system32\catroot 2009-02-16 09:32:30 ----D---- C:\Windows\system32\catroot2 2009-02-14 09:21:55 ----A---- C:\Windows\system32\acovcnt.exe 2009-02-13 08:20:52 ----D---- C:\Program Files\Windows Mail 2009-02-12 05:56:17 ----A---- C:\Windows\system32\mrt.exe 2009-02-06 09:49:24 ----D---- C:\Program Files\Mozilla Firefox 2009-02-01 15:03:36 ----D---- C:\ProgramData\CyberLink 2009-02-01 14:08:19 ----D---- C:\ProgramData\ASUS 2009-01-27 17:34:45 ----D---- C:\ProgramData\Symantec ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2008-11-20 371248] R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20090212.002\IDSvix86.sys [2008-11-21 270384] R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2008-09-05 447024] R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2008-01-31 43696] R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2008-12-01 5632] R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2008-06-13 24112] R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2008-06-13 184240] R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880] R2 CO_Mon;CO_Mon; \??\C:\Windows\system32\drivers\CO_Mon.sys [2007-08-08 36056] R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-06 908800] R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208] R3 DCamUSBET;USB2.0 1.3M UVC WebCam; C:\Windows\system32\DRIVERS\etDevice.sys [2007-09-06 474624] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-11-20 99376] R3 FiltUSBET;ET USB Device Lower Filter; C:\Windows\system32\DRIVERS\etFilter.sys [2008-02-05 206464] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-08-12 2159384] R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-06-03 15928] R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680] R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090219.003\NAVENG.SYS [2008-11-20 89104] R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090219.003\NAVEX15.SYS [2008-11-20 876112] R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-07-08 1050656] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-06-25 44064] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-07-25 7547552] R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-07-22 15872] R3 ScanUSBET;ET USB Still Image Capture Device; C:\Windows\system32\DRIVERS\etScan.sys [2008-01-31 6528] R3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2008-01-31 279088] R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2008-06-13 13616] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-01-09 124464] R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2008-06-13 96432] R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2008-06-13 41008] R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2008-06-13 22320] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-08-17 190512] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264] S3 COH_Mon;COH_Mon; \??\C:\Windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888] S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560] S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2008-01-31 317616] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792] S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592] S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112] S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704] S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328] S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-03 94208] R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208] R2 Automatic LiveUpdate Scheduler;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-02-09 238968] R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728] R2 LiveUpdate Notice;LiveUpdate Notice; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-07-25 196608] R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496] R3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2008-09-05 3220856] R3 Symantec Core LC;Symantec Core LC; C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2008-11-13 1245064] R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-08-22 55640] S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-11-13 30192] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-29 137200] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] -----------------EOF----------------- Plus celui ci info.txt logfile of random's system information tool 1.05 2009-02-19 19:55:17 ======Uninstall list====== -->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003} AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe ASUS InstantFun-->MsiExec.exe /I{57B15AD4-8C9D-4164-82BB-E33D8644E757} ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158} ASUS Live Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\setup.EXE" -l0x9 ASUS Power4Gear eXtreme-->MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA} ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5} ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D} ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1} Asus_Camera_ScreenSaver-->"C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe" Atheros Client Installation Program-->C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x0009 -removeonly ATK Generic Function Service-->C:\Program Files\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\setup.exe -runfromtemp -l0x0009 -removeonly ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\setup.exe -runfromtemp -l0x0009 -removeonly ATK Media-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\setup.EXE" -l0x9 ATKOSD2-->C:\Program Files\InstallShield Installation Information\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}\setup.exe -runfromtemp -l0x0009 -removeonly ccCommon-->MsiExec.exe /I{B24E05CC-46FF-4787-BBB8-5CD516AFB118} CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe" Cisco EAP-FAST Module-->MsiExec.exe /I{415B2719-AD3A-4944-B404-C472DB6085B3} Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560} Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E} Component Framework-->MsiExec.exe /I{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09} CyberLink LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall Dolby Control Center-->MsiExec.exe /I{A23E5590-6799-437B-9723-2627BA800B6F} Everest Poker (Remove Only)-->C:\Program Files\Everest Poker\cstart.exe /uninstall Express Gate-->MsiExec.exe /I{2862A3C1-0CD9-4D8B-A28C-8C337D4DD5EB} Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_11CB06797F2F038A.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF} LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB} LiveUpdate (Symantec Corporation)-->MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\ProgramData\LuUninstall.LiveUpdate" LiveUpdate (Symantec Corporation)-->MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206} Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Multimedia Card Reader-->C:\Program Files\InstallShield Installation Information\{DA41F9E9-B878-467F-95E7-27E4D1943533}\setup.exe -runfromtemp -l0x0409 NB Probe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\setup.EXE" -l0x9 Norton AntiVirus Help-->MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555} Norton AntiVirus-->MsiExec.exe /X{77FFBA7E-0973-4F39-BBDB-AC2F537578D2} Norton Confidential Core-->MsiExec.exe /I{55A6283C-638A-4EE0-B491-51118554BDA2} Norton Internet Security (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{C1C185CA-C531-49F5-A6FA-B838405A049D}_15_5_0_23\SETUP.EXE" /X Norton Internet Security-->MsiExec.exe /I{3672B097-EA69-4BFE-B92F-29AE6D9D2B34} Norton Internet Security-->MsiExec.exe /I{C1C185CA-C531-49F5-A6FA-B838405A049D} Norton Protection Center-->MsiExec.exe /I{62120008-8E1E-4807-860D-A8B48F8552DB} NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI Orange Plug-in messagerie vocale 888-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{16E79B1D-D1C2-4CA6-8B23-F4D890E0DCB9}\Setup.exe" -l0x40c --AddRemove PDFCreator-->C:\Program Files\PDFCreator\unins000.exe Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe" Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.exe" -removeonly SAMSUNG Mobile Composite Device Software-->C:\Windows\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly Samsung Samples Installer-->"C:\Program Files\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -runfromtemp -l0x040c -removeonly SPBBC 32bit-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56} Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003} Symantec Real Time Storage Protection Component-->MsiExec.exe /I{D6E6FA4A-5445-4850-8365-CF216C1CBB7A} Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall USB2.0 1.3M UVC WebCam-->C:\Windows\Uninstall.exe VLC media player 0.9.4-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} WinFlash-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.EXE" -l0x9 Wireless Console 2-->C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\setup.exe -runfromtemp -l0x0009 -removeonly ======Security center information====== AV: Norton Internet Security FW: Norton Internet Security AS: Windows Defender AS: Norton Internet Security System event log Computer Name: PC-de-Alex Event Code: 7036 Message: Le service LiveUpdate est entré dans l'état : en cours d'exécution. Record Number: 45277 Source Name: Service Control Manager Time Written: 20090219174845.000000-000 Event Type: Information User: Computer Name: PC-de-Alex Event Code: 7036 Message: Le service LiveUpdate est entré dans l'état : arrêté. Record Number: 45278 Source Name: Service Control Manager Time Written: 20090219174855.000000-000 Event Type: Information User: Computer Name: PC-de-Alex Event Code: 7036 Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : arrêté. Record Number: 45279 Source Name: Service Control Manager Time Written: 20090219180212.000000-000 Event Type: Information User: Computer Name: PC-de-Alex Event Code: 7036 Message: Le service LiveUpdate est entré dans l'état : en cours d'exécution. Record Number: 45280 Source Name: Service Control Manager Time Written: 20090219185337.000000-000 Event Type: Information User: Computer Name: PC-de-Alex Event Code: 7036 Message: Le service LiveUpdate est entré dans l'état : arrêté. Record Number: 45281 Source Name: Service Control Manager Time Written: 20090219185518.000000-000 Event Type: Information User: Application event log Computer Name: PC-de-Alex Event Code: 101 Message: Niveau d'information : success L'exécution suivante a été planifiée pour intervenir approximativement à 7:53 PM. Record Number: 11754 Source Name: Automatic LiveUpdate Scheduler Time Written: 20090219174858.000000-000 Event Type: Information User: AUTORITE NT\SYSTEM Computer Name: PC-de-Alex Event Code: 101 Message: Niveau d'information : success Le Planificateur a lancé LiveUpdate automatique. Record Number: 11755 Source Name: Automatic LiveUpdate Scheduler Time Written: 20090219185336.000000-000 Event Type: Information User: AUTORITE NT\SYSTEM Computer Name: PC-de-Alex Event Code: 5 Message: Unsupported service control request (see data below) Record Number: 11756 Source Name: LightScribeService Time Written: 20090219185513.000000-000 Event Type: Information User: Computer Name: PC-de-Alex Event Code: 101 Message: Niveau d'information : success LiveUpdate automatique a terminé. Record Number: 11757 Source Name: Automatic LiveUpdate Scheduler Time Written: 20090219185522.000000-000 Event Type: Information User: AUTORITE NT\SYSTEM Computer Name: PC-de-Alex Event Code: 101 Message: Niveau d'information : success L'exécution suivante a été planifiée pour intervenir approximativement à 8:56 PM. Record Number: 11758 Source Name: Automatic LiveUpdate Scheduler Time Written: 20090219185522.000000-000 Event Type: Information User: AUTORITE NT\SYSTEM Security event log Computer Name: PC-de-Alex Event Code: 5038 Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle. Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys Record Number: 8742 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090219185502.418173-000 Event Type: Échec de l'audit User: Computer Name: PC-de-Alex Event Code: 5038 Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle. Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys Record Number: 8743 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090219185502.486173-000 Event Type: Échec de l'audit User: Computer Name: PC-de-Alex Event Code: 5038 Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle. Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys Record Number: 8744 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090219185502.522173-000 Event Type: Échec de l'audit User: Computer Name: PC-de-Alex Event Code: 5038 Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle. Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys Record Number: 8745 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090219185502.562173-000 Event Type: Échec de l'audit User: Computer Name: PC-de-Alex Event Code: 5038 Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle. Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys Record Number: 8746 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090219185502.709173-000 Event Type: Échec de l'audit User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel "PROCESSOR_REVISION"=0f0d "NUMBER_OF_PROCESSORS"=2 "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat "DFSTRACINGON"=FALSE "configsetroot"=%SystemRoot%\ConfigSetRoot -----------------EOF----------------- MERCI ENCORE
  6. Bonjour à tous, merci pour vos réponses. Non je ne suis pas sur Vista mais sur Xp d'autres suggestions !!
  7. Bonjour, je souhaiterai installer antivir mais malheureusement lors de l'install, une boite de dialogue me precise que je dois etre administrateur de l'ordi pour installer. je suis l'administrateur de mon ordi et il n'existe pas d'autres comptes... avez vous une idée ? merci PS : idem pour l'install de SpywareBlaster
  8. salut !!! bon kapersky en ligne m'a trouvé l'origine du troyen. tout est nikel et remis à niveau. j'ai installé comodo et antivir, je pense que ca devrait aller !!! merci encore pour ton aide bien precieuse !!!!! bon week end
  9. ouaich !! ben le plug and play etait bien desactivé !!! ca va quand meme mieux j 'ai retrouvé mon gestionnaire et la carte son et graphique refonctionne !!! enfin bonjour la galère !!! heureusement que tu etais la !! je flippe un peu quand meme qu'il reste des troyens ou malware ou encore je ne sais quelles merd...es !!! je viens de desinstaller zonealarm et je vais installer comodo tu crois que je ne devrais pas faire une petite restauration su syteme quand meme (ca fait 2 ans que je l'ai et il n'a pas été nettoyé un peu !)
  10. Re !!! Oui j’ai fais la verif du disque mais je n’ai rien eu de spécial comme rapport. Pas de changement notoire au niveau de la carte son et graphique.. tjs rien qui apparaît dans le gestionnaire de périphérique… Sinon je n’ai pas de cd de windows XP, mais que le cd de restauration… (j’ai peut etre un vieux cd de windows 2OOO pro) tu penses qu’il vaut mieux que je me procure un cd de windows xp si je peux ?? mais n’aurais pas besoin du numero de serie ? franchement à voir mon ordi dans cet etat je me sents bien de lui mettre le cd de restauration !!! sinon Voici quelques exemples d’erreurs : En gros il revient tjs un peu la meme erreur sur le service de telephonie…. Plug and play Type de l'événement : Erreur Source de l'événement : Service Control Manager Catégorie de l'événement : Aucun ID de l'événement : 7001 Date : 17/09/2008 Heure : 18:09:28 Utilisateur : N/A Ordinateur : ALEXIA Description : Le service Audio Windows dépend du service Plug-and-Play qui n'a pas pu démarrer en raison de l'erreur : Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé. Pour plus d'informations, consultez le centre Aide et support à l'adresse http://go.microsoft.com/fwlink/events.asp. Type de l'événement : Erreur Source de l'événement : Service Control Manager Catégorie de l'événement : Aucun ID de l'événement : 7001 Date : 17/09/2008 Heure : 18:09:33 Utilisateur : N/A Ordinateur : ALEXIA Description : Le service Gestionnaire de connexions d'accès distant dépend du service Téléphonie qui n'a pas pu démarrer en raison de l'erreur : Le service ou le groupe de dépendance n'a pas pu démarrer. Pour plus d'informations, consultez le centre Aide et support à l'adresse http://go.microsoft.com/fwlink/events.asp. Type de l'événement : Erreur Source de l'événement : Service Control Manager Catégorie de l'événement : Aucun ID de l'événement : 7001 Date : 17/09/2008 Heure : 18:09:54 Utilisateur : N/A Ordinateur : ALEXIA Description : Le service Téléphonie dépend du service Plug-and-Play qui n'a pas pu démarrer en raison de l'erreur : Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé. Pour plus d'informations, consultez le centre Aide et support à l'adresse http://go.microsoft.com/fwlink/events.asp. Bonne soirée
  11. Bonjour Loup blanc, je crois bien que c'est mon Windows qui en a pris un coup. c'est la folie !! par rappport la presence d'erreurs dans le journal... impossible de te faire un cipier coller il doit y avoir une 40 ene d'erreur detectées pour la reinstall de windows je n'ai pas de "vrai" cd de windows mais 2 cd de restauration de l'os et autres drivers fourni par asus. si je fais la reinstall avec ces 2 cd penses tu que le probleme sera effacé ??? je pensai egalement garder intacte ma partition D ou penses tu je dois egalement l'ecraser ??? merci
  12. Bonsoir Loup blanc, voici mon rapport suite à l'install de DiagHelp. MERCI !!! ________________________________________________________________________________ _______ DiagHelp version v1.4 - http://www.malekal.com excute le 12/09/2008 à 18:17:11,43 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch C:\WINDOWS\prefetch\CHCP.COM-17EDBDC9.pf -->12/09/2008 18:14:01 C:\WINDOWS\prefetch\CMD.EXE-034B0549.pf -->12/09/2008 18:13:50 C:\WINDOWS\prefetch\WINRAR.EXE-0AA31BB9.pf -->12/09/2008 18:13:21 C:\WINDOWS\prefetch\VERCLSID.EXE-28F52AD2.pf -->12/09/2008 18:13:09 C:\WINDOWS\prefetch\NOTEPAD.EXE-2F2D61E1.pf -->12/09/2008 18:08:30 C:\WINDOWS\prefetch\WLLOGINPROXY.EXE-090074F0.pf -->12/09/2008 18:07:04 C:\WINDOWS\prefetch\MSMSGS.EXE-0620E8B3.pf -->12/09/2008 18:06:59 C:\WINDOWS\prefetch\AVCENTER.EXE-05983540.pf -->12/09/2008 18:06:58 C:\WINDOWS\prefetch\HPQGALRY.EXE-0EA5066A.pf -->12/09/2008 18:06:57 C:\WINDOWS\prefetch\DOT1XCFG.EXE-008C9A1D.pf -->12/09/2008 18:06:52 C:\WINDOWS\System32\drivers\fidbox.dat -->12/09/2008 18:13:18 C:\WINDOWS\System32\drivers\fidbox.idx -->10/09/2008 20:55:41 C:\WINDOWS\System32\drivers\avipbb.sys -->27/06/2008 15:03:55 C:\WINDOWS\System32\drivers\tcpip.sys -->20/06/2008 13:51:12 C:\WINDOWS\System32\drivers\afd.sys -->20/06/2008 13:40:08 C:\WINDOWS\System32\drivers\tcpip6.sys -->20/06/2008 13:08:27 C:\WINDOWS\System32\drivers\bthport.sys -->14/06/2008 19:33:37 C:\WINDOWS\System32\wpa.dbl -->12/09/2008 18:04:56 C:\WINDOWS\System32\vsconfig.xml -->12/09/2008 18:03:50 C:\WINDOWS\System32\zllictbl.dat -->09/09/2008 18:14:35 C:\WINDOWS\System32\jupdate-1.6.0_07-b06.log -->08/09/2008 14:05:57 C:\WINDOWS\System32\CONFIG.NT -->08/09/2008 13:49:35 C:\WINDOWS\System32\perfh00C.dat -->04/09/2008 09:32:57 C:\WINDOWS\System32\perfh009.dat -->04/09/2008 09:32:57 C:\WINDOWS\System32\perfc00C.dat -->04/09/2008 09:32:57 C:\WINDOWS\System32\perfc009.dat -->04/09/2008 09:32:57 C:\WINDOWS\System32\PerfStringBackup.INI -->04/09/2008 09:32:56 C:\WINDOWS\System32\spupdwxp.log -->04/09/2008 09:27:42 C:\WINDOWS\System32\FNTCACHE.DAT -->04/09/2008 09:26:55 C:\WINDOWS\System32\tdk-screensaver-a03.scr -->01/09/2008 11:38:38 C:\WINDOWS\System32\MRT.exe -->26/08/2008 22:28:12 C:\WINDOWS\System32\TZLog.log -->13/08/2008 10:11:52 C:\WINDOWS\System32\cdm.dll -->18/07/2008 22:10:48 C:\WINDOWS\System32\wuauclt.exe -->18/07/2008 22:10:42 C:\WINDOWS\System32\wups2.dll -->18/07/2008 22:10:40 C:\WINDOWS\System32\wucltui.dll.mui -->18/07/2008 22:10:36 C:\WINDOWS\System32\wups.dll -->18/07/2008 22:10:20 C:\WINDOWS\System32\wuaucpl.cpl.mui -->18/07/2008 22:09:56 C:\WINDOWS\System32\wucltui.dll -->18/07/2008 22:09:46 C:\WINDOWS\System32\wuaucpl.cpl -->18/07/2008 22:09:46 C:\WINDOWS\System32\wuweb.dll -->18/07/2008 22:09:44 C:\WINDOWS\System32\wuapi.dll -->18/07/2008 22:09:44 C:\WINDOWS\WindowsUpdate.log -->12/09/2008 18:08:34 C:\WINDOWS\0.log -->12/09/2008 18:03:50 C:\WINDOWS\wiaservc.log -->12/09/2008 18:03:42 C:\WINDOWS\wiadebug.log -->12/09/2008 18:03:42 C:\WINDOWS\bootstat.dat -->12/09/2008 18:02:12 C:\WINDOWS\SchedLgU.Txt -->10/09/2008 20:55:21 C:\WINDOWS\NeroDigital.ini -->10/09/2008 19:04:59 C:\WINDOWS\tsoc.log -->09/09/2008 19:21:11 C:\WINDOWS\ocmsn.log -->09/09/2008 19:21:11 C:\WINDOWS\ocgen.log -->09/09/2008 19:21:11 C:\WINDOWS\ntdtcsetup.log -->09/09/2008 19:21:11 C:\WINDOWS\KB954154.log -->09/09/2008 19:21:11 C:\WINDOWS\imsins.log -->09/09/2008 19:21:11 C:\WINDOWS\iis6.log -->09/09/2008 19:21:11 C:\WINDOWS\comsetup.log -->09/09/2008 19:21:11 winlogon.exe Verified: Signed svchost.exe Verified: Signed ws2_32.dll Verified: Signed user32.dll Verified: Signed tcpip.sys Verified: Signed ndis.sys Verified: Signed null.sys Verified: Signed ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 488 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll 0x44080000 0xd0000 7.00.6000.16705 C:\WINDOWS\system32\WININET.dll 0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll 0x43e00000 0x45000 7.00.6000.16705 C:\WINDOWS\system32\iertutil.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x753c0000 0x6b000 1.420.2600.5512 C:\WINDOWS\system32\USP10.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll 0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL 0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll 0x44360000 0x5cd000 7.00.6000.16705 C:\WINDOWS\system32\ieframe.dll 0x44160000 0x127000 7.00.6000.16705 C:\WINDOWS\system32\urlmon.dll 0x442b0000 0x3c000 7.00.6000.16705 C:\WINDOWS\system32\webcheck.dll 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll 0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll 0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll 0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll 0x10000000 0x5b000 9.00.0000.0332 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll 0x78130000 0x9b000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll 0x012e0000 0x4c000 9.00.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA 0x00e50000 0xb000 7.00.0483.0000 C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll 0x00f40000 0x4000 5.03.0017.0000 C:\Program Files\Zone Labs\ZoneAlarm\zlavscan_Loc040c.dll 0x00f50000 0x2c000 C:\Program Files\WinRAR\rarext.dll 0x01430000 0x12000 7.00.0000.0015 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll 0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL 0x01450000 0x56000 7.10.3052.0004 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll 0x5d360000 0xf000 7.10.3077.0000 C:\WINDOWS\system32\MFC71FRA.DLL 0x32520000 0x12000 10.00.2609.0000 C:\Program Files\Microsoft Office\Office10\msohev.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 1184 Command line: winlogon.exe Base Size Version Path 0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x753c0000 0x6b000 1.420.2600.5512 C:\WINDOWS\system32\USP10.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll 0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x10000000 0x11000 6.14.0010.4129 C:\WINDOWS\system32\Ati2evxx.dll 0x013c0000 0xae000 1.05.0540.0000 C:\WINDOWS\system32\WgaLogon.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 1C76-2F08 Répertoire de C:\WINDOWS\temp 23/11/2005 20:47 10 703 680 kb867460.EXE 08/06/2005 05:28 36 864 Preload.exe 2 fichier(s) 10 740 544 octets 0 Rép(s) 37 713 843 200 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 1C76-2F08 Répertoire de C:\WINDOWS\system32 14/04/2008 04:33 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 37 713 842 688 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 1C76-2F08 Répertoire de C:\WINDOWS\Downloaded Program Files 08/09/2008 17:17 <REP> . 08/09/2008 17:17 <REP> .. 12/07/2006 11:22 65 desktop.ini 29/08/2008 10:01 518 gp.inf 29/08/2008 10:01 122 688 gp.ocx 25/07/2008 15:55 1 569 hardwaredetection.inf 18/10/2007 10:04 341 296 HPDEXAXO.dll 18/10/2007 10:00 217 HPDEXAXO.inf 19/03/2008 14:52 377 ImageUploader4.inf 19/03/2008 14:52 2 987 528 ImageUploader4.ocx 14/03/2007 04:02 1 055 jinstall-6u1.inf 23/02/2007 00:41 304 544 MessengerStatsPAClient.dll 20/06/2006 15:44 379 704 MsnPUpld.dll 19/06/2006 14:40 393 MsnPUpld.inf 20/06/2006 15:44 117 560 PURen-us.dll 09/01/2007 08:30 110 592 PURfr-fr.dll 29/06/2007 00:02 144 QTPlugin.inf 09/07/2007 12:27 2 377 088 Rawflow.ocx 09/11/2006 15:36 5 019 swflash.inf 17 fichier(s) 6 750 357 octets Total des fichiers listés : 17 fichier(s) 6 750 357 octets 2 Rép(s) 37 713 841 152 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Disabled:Bonjour" "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Disabled:Skype" "C:\\Documents and Settings\\Alex\\Local Settings\\Temp\\WZSE0.TMP\\SymNRT.exe"="C:\\Documents and Settings\\Alex\\Local Settings\\Temp\\WZSE0.TMP\\SymNRT.exe:*:Enabled:Norton Removal Tool" "D:\\logiciel installe\\Azureus\\Azureus.exe"="D:\\logiciel installe\\Azureus\\Azureus.exe:*:Enabled:Azureus" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-12 18:23:47 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:2df9c43f "s2"=dword:110480d0 "h0"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:92,fd,2c,00,eb,70,e0,ba,ca,5b,3f,c4,5c,78,5e,1b,6d,00,75,08,25,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:92,fd,2c,00,eb,70,e0,ba,ca,5b,3f,c4,5c,78,5e,1b,6d,00,75,08,25,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:92,fd,2c,00,eb,70,e0,ba,ca,5b,3f,c4,5c,78,5e,1b,6d,00,75,08,25,.. scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 352 - ati2evxx.exe 488 - explorer.exe 640 - TosBtHid.exe 708 - avguard.exe 728 - mDNSResponder.e 1152 - csrss.exe 1184 - winlogon.exe 1228 - services.exe 1240 - lsass.exe 1400 - ati2evxx.exe 1484 - svchost.exe 1524 - svchost.exe 1564 - EvtEng.exe 1592 - S24EvMon.exe 1652 - svchost.exe 1780 - svchost.exe 1916 - vsmon.exe 2340 - msmsgs.exe 2428 - cmd.exe 2504 - HControl.exe 2620 - PDVDServ.exe 2652 - TosBtHSP.exe 2668 - ATKOSD.exe 2676 - RTHDCPL.EXE 2692 - SynTPEnh.exe 2712 - wcourier.exe 2720 - ZCfgSvc.exe 2728 - iFrmewrk.exe 2736 - EOUWiz.exe 2744 - BatteryLife.exe 2756 - ALU.exe 2796 - sm56hlpr.exe 2884 - hpwuSchd2.exe 2900 - hpcmpmgr.exe 2928 - avgnt.exe 2972 - zlclient.exe 3004 - ctfmon.exe 3096 - Dot1XCfg.exe 3316 - ChkMail.exe 3360 - TosBtMng.exe 3500 - hpqtra08.exe 3712 - hpqgalry.exe 3736 - iexplore.exe 4072 - TosA2dp.exe Total number of processes = 45 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntkrnlpa.exe 806E4000 - \WINDOWS\system32\hal.dll BADA8000 - \WINDOWS\system32\KDCOM.DLL BACB8000 - \WINDOWS\system32\BOOTVID.dll BA6A9000 - spmz.sys BADAA000 - \WINDOWS\System32\Drivers\WMILIB.SYS BA691000 - \WINDOWS\System32\Drivers\SCSIPORT.SYS BA662000 - ACPI.sys BA651000 - pci.sys BA8A8000 - ohci1394.sys BA8B8000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS BA8C8000 - isapnp.sys BACBC000 - compbatt.sys BACC0000 - \WINDOWS\system32\DRIVERS\BATTC.SYS BAE70000 - pciide.sys BAB28000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS BA633000 - pcmcia.sys BA8D8000 - MountMgr.sys BA614000 - ftdisk.sys BACC4000 - ACPIEC.sys BAE71000 - \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS BAB30000 - PartMgr.sys BA8E8000 - VolSnap.sys BA5FC000 - atapi.sys BA8F8000 - disk.sys BA908000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS BA5DC000 - fltmgr.sys BA5CA000 - sr.sys BA5B3000 - KSecDD.sys BA526000 - Ntfs.sys BA4F9000 - NDIS.sys BA4E5000 - srescan.sys BAB38000 - risdptsk.sys BA4CB000 - Mup.sys BA938000 - \SystemRoot\system32\DRIVERS\nic1394.sys BADC8000 - \SystemRoot\system32\DRIVERS\ATKACPI.sys BAB08000 - \SystemRoot\system32\DRIVERS\intelppm.sys BA2DD000 - \SystemRoot\system32\DRIVERS\ati2mtag.sys BA2C9000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS BA2A1000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys BA28D000 - \SystemRoot\system32\DRIVERS\Rtenicxp.sys BA12F000 - \SystemRoot\system32\DRIVERS\w39n51.sys BAC00000 - \SystemRoot\system32\DRIVERS\usbuhci.sys BA10B000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS BAC08000 - \SystemRoot\system32\DRIVERS\usbehci.sys BAB18000 - \SystemRoot\system32\DRIVERS\rimsptsk.sys BA948000 - \SystemRoot\system32\DRIVERS\i8042prt.sys BAC10000 - \SystemRoot\system32\DRIVERS\kbdclass.sys BA0DC000 - \SystemRoot\system32\DRIVERS\SynTP.sys BADD4000 - \SystemRoot\system32\DRIVERS\USBD.SYS BAC18000 - \SystemRoot\system32\DRIVERS\mouclass.sys BA958000 - \SystemRoot\system32\DRIVERS\imapi.sys BA968000 - \SystemRoot\system32\DRIVERS\cdrom.sys BA978000 - \SystemRoot\system32\DRIVERS\redbook.sys BA0B9000 - \SystemRoot\system32\DRIVERS\ks.sys BAD98000 - \SystemRoot\system32\DRIVERS\CmBatt.sys BA988000 - \SystemRoot\System32\Drivers\tosrfcom.sys BAF7A000 - \SystemRoot\system32\DRIVERS\audstub.sys BADD6000 - \SystemRoot\System32\Drivers\RootMdm.sys BAC20000 - \SystemRoot\System32\Drivers\Modem.SYS BA998000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys BAD9C000 - \SystemRoot\system32\DRIVERS\ndistapi.sys BA0A2000 - \SystemRoot\system32\DRIVERS\ndiswan.sys BA9A8000 - \SystemRoot\system32\DRIVERS\raspppoe.sys BA9B8000 - \SystemRoot\system32\DRIVERS\raspptp.sys BAC28000 - \SystemRoot\system32\DRIVERS\TDI.SYS BA091000 - \SystemRoot\system32\DRIVERS\psched.sys BA9C8000 - \SystemRoot\system32\DRIVERS\msgpc.sys BAC30000 - \SystemRoot\system32\DRIVERS\ptilink.sys BAC38000 - \SystemRoot\system32\DRIVERS\raspti.sys BA9D8000 - \SystemRoot\system32\DRIVERS\termdd.sys BADD8000 - \SystemRoot\system32\DRIVERS\swenum.sys B9F93000 - \SystemRoot\system32\DRIVERS\update.sys BA4A7000 - \SystemRoot\system32\DRIVERS\mssmbios.sys BA9F8000 - \SystemRoot\system32\DRIVERS\tosporte.sys BAA08000 - \SystemRoot\System32\Drivers\NDProxy.SYS A9B67000 - \SystemRoot\system32\drivers\RtkHDAud.sys A9B43000 - \SystemRoot\system32\drivers\portcls.sys BAA38000 - \SystemRoot\system32\drivers\drmk.sys A9A76000 - \SystemRoot\system32\DRIVERS\smserial.sys BAA58000 - \SystemRoot\system32\DRIVERS\usbhub.sys A9A2B000 - \SystemRoot\system32\DRIVERS\klif.sys BADEE000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS BAE9D000 - \SystemRoot\System32\Drivers\Null.SYS BADF0000 - \SystemRoot\System32\Drivers\Beep.SYS BAC58000 - \SystemRoot\System32\drivers\vga.sys BADF2000 - \SystemRoot\System32\Drivers\mnmdd.SYS BADF4000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys BAC60000 - \SystemRoot\System32\Drivers\Msfs.SYS BAC68000 - \SystemRoot\System32\Drivers\Npfs.SYS BA45F000 - \SystemRoot\system32\DRIVERS\rasacd.sys A99F8000 - \SystemRoot\system32\DRIVERS\ipsec.sys A999F000 - \SystemRoot\system32\DRIVERS\tcpip.sys A9977000 - \SystemRoot\system32\DRIVERS\netbt.sys A9951000 - \SystemRoot\system32\DRIVERS\ipnat.sys BAA68000 - \SystemRoot\system32\DRIVERS\wanarp.sys A9829000 - \SystemRoot\System32\vsdatant.sys BAA88000 - \SystemRoot\system32\DRIVERS\arp1394.sys A978B000 - \SystemRoot\System32\Drivers\BisonCam.sys BAA98000 - \SystemRoot\System32\Drivers\STREAM.SYS A9769000 - \SystemRoot\System32\drivers\afd.sys BAAA8000 - \SystemRoot\system32\DRIVERS\netbios.sys BAC80000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys BAAB8000 - \SystemRoot\System32\Drivers\tosrfusb.sys A96E4000 - \SystemRoot\system32\DRIVERS\rdbss.sys A96C9000 - \SystemRoot\System32\Drivers\tosrfbd.sys A9659000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys BAAC8000 - \SystemRoot\System32\Drivers\Fips.SYS A9620000 - \SystemRoot\system32\DRIVERS\avipbb.sys BAE02000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys BAAE8000 - \SystemRoot\system32\DRIVERS\Tosrfhid.sys BAAF8000 - \SystemRoot\System32\Drivers\tosrfbnp.sys BAC88000 - \SystemRoot\system32\DRIVERS\tosrfnds.sys B9FF1000 - \SystemRoot\System32\Drivers\Cdfs.SYS A9573000 - \SystemRoot\System32\Drivers\dump_atapi.sys BAE66000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys A95D7000 - \SystemRoot\System32\drivers\Dxapi.sys BAB50000 - \SystemRoot\System32\watchdog.sys BF9C3000 - \SystemRoot\System32\drivers\dxg.sys BAEAA000 - \SystemRoot\System32\drivers\dxgthk.sys BF9D5000 - \SystemRoot\System32\ati2dvag.dll BFA17000 - \SystemRoot\System32\ati2cqag.dll BFA56000 - \SystemRoot\System32\atikvmag.dll BFA8C000 - \SystemRoot\System32\ati3duag.dll BFD10000 - \SystemRoot\System32\ativvaxx.dll BFFA0000 - \SystemRoot\System32\ATMFD.DLL BABE0000 - \SystemRoot\system32\DRIVERS\AegisP.sys A746B000 - \SystemRoot\system32\DRIVERS\s24trans.sys A7453000 - \SystemRoot\system32\DRIVERS\ndisuio.sys A6EDE000 - \SystemRoot\system32\DRIVERS\mrxdav.sys A6E14000 - \SystemRoot\system32\DRIVERS\srv.sys A6C98000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys A6743000 - \SystemRoot\System32\Drivers\HTTP.sys BAFC7000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 135 Liste des programmes installes 1300 1300_Help 1300Tour 1300Trb Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Color EU Extra Settings Adobe Color JA Extra Settings Adobe Color NA Recommended Settings Adobe Default Language CS3 Adobe Device Central CS3 Adobe ExtendScript Toolkit 2 Adobe Flash Player 9 ActiveX Adobe Flash Player ActiveX Adobe Fonts All Adobe Help Viewer CS3 Adobe Linguistics CS3 Adobe PDF Library Files Adobe Photoshop CS3 Adobe Photoshop CS3 Adobe Reader 9 - Français Adobe Setup Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS3 AiO_Scan AiOSoftware Archiveur WinRAR Assistant de connexion Windows Live Asus ChkMail ASUS Live Update Asus_A_Series_ScreenSaver ASUSDVD ATI - Utilitaire de désinstallation du logiciel ATI Catalyst Control Center ATI Display Driver ATI Parental Control & Encoder ATK0100 ACPI UTILITY Avira AntiVir Personal - Free Antivirus Azureus Vuze BisonCam, NB Pro Bluetooth Stack for Windows BufferChm Copy Correctif pour Lecteur Windows Media 11 (KB939683) Correctif pour Windows Internet Explorer 7 (KB947864) Correctif pour Windows XP (KB952287) CreativeProjects CreativeProjectsTemplates CueTour Destinations Director DocProc DocumentViewer eMule Fax getPlus® for Adobe High Definition Audio - KB888111 HijackThis 2.0.2 Hotfix for Windows Media Format 11 SDK (KB929399) HP Diagnostic Assistant HP Image Zone 4.2 HP PSC & OfficeJet 4.2 HP Software Update HPSystemDiagnostics InstantShare Java 6 Update 7 Lecteur Windows Media 11 Logiciel Intel® PROSet/Wireless mCore mDriver mDrWiFi mEoU mHelp Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft .NET Framework 2.0 Language Pack - FRA Microsoft .NET Framework 2.0 Service Pack 1 Microsoft .NET Framework 3.0 French Language Pack Microsoft .NET Framework 3.0 Service Pack 1 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office XP Professional avec FrontPage Microsoft User-Mode Driver Framework Feature Pack 1.0 Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB938464) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB946648) Mise à jour de sécurité pour Windows XP (KB950760) Mise à jour de sécurité pour Windows XP (KB950762) Mise à jour de sécurité pour Windows XP (KB950974) Mise à jour de sécurité pour Windows XP (KB951066) Mise à jour de sécurité pour Windows XP (KB951376-v2) Mise à jour de sécurité pour Windows XP (KB951376) Mise à jour de sécurité pour Windows XP (KB951698) Mise à jour de sécurité pour Windows XP (KB951748) Mise à jour de sécurité pour Windows XP (KB952954) Mise à jour de sécurité pour Windows XP (KB953839) Mise à jour pour Windows XP (KB951072-v2) Mise à jour pour Windows XP (KB951978) mIWA mLogView mMHouse Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0 Monkey's Audio Motorola SM56 Data Fax Modem mPfMgr mPfWiz mProSafe MSN MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 6.0 Parser (KB933579) mWlsSafe mXML mZConfig Nero OEM Overland Package de base Microsoft de service de chiffrement pour cartes à puce PDF Settings PDFCreator PhotoGallery Power4 Gear PrintScreen ProductContext QFolder QuickProjects Readme Realtek High Definition Audio Driver REALTEK PCIE NIC Driver SAMSUNG CDMA Modem Driver Set SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Samsung PC Studio Samsung PC Studio Samsung PC Studio 3 USB Driver Installer Scan Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) SkinsHP1 Synaptics Pointing Device Driver tdk-screensaver-a03 The KMPlayer (remove only) TrayApp Unload Vodafone 804SS USB driver Software WebFldrs XP WebReg Windows Communication Foundation Language Pack - FRA Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Genuine Advantage Validation Tool (KB892130) Windows Imaging Component Windows Internet Explorer 7 Windows Live installer Windows Live Messenger Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows Presentation Foundation Windows Presentation Foundation Language Pack (FRA) Windows Workflow Foundation FR Language Pack Windows XP Service Pack 3 WinFlash Wireless Console 2 XML Paper Specification Shared Components Language Pack 1.0 XML Paper Specification Shared Components Pack 1.0 ZoneAlarm Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 1C76-2F08 Répertoire de C:\Program Files 08/09/2008 17:23 <REP> . 08/09/2008 17:23 <REP> .. 08/09/2008 14:51 <REP> Adobe 12/07/2006 11:35 <REP> Ahead 26/07/2008 12:47 <REP> Alwil Software 26/07/2008 12:39 <REP> a-squared Anti-Malware 12/07/2006 11:54 <REP> ASUS 12/07/2006 11:33 <REP> ASUSTeK 12/07/2006 11:38 <REP> ATI Technologies 08/09/2008 13:38 <REP> Avira 03/09/2008 14:43 <REP> Bonjour 12/07/2006 11:21 <REP> ComPlus Applications 09/09/2008 19:24 <REP> eMule 08/09/2008 14:20 <REP> Fichiers communs 04/09/2008 13:57 <REP> Hewlett-Packard 04/09/2008 14:36 <REP> HP 12/07/2006 11:27 <REP> Intel 13/08/2008 10:11 <REP> Internet Explorer 08/09/2008 14:07 <REP> Java 04/09/2008 09:25 <REP> Messenger 21/05/2008 16:35 <REP> Microsoft CAPICOM 2.1.0.2 14/09/2006 19:15 <REP> microsoft frontpage 03/09/2008 17:32 <REP> Microsoft Office 04/09/2008 08:52 <REP> Movie Maker 09/04/2007 12:18 <REP> MSBuild 14/08/2006 23:38 <REP> MSN 12/07/2006 11:20 <REP> MSN Gaming Zone 20/11/2006 23:43 <REP> MSXML 4.0 22/08/2007 12:16 <REP> MSXML 6.0 04/09/2008 08:48 <REP> NetMeeting 08/09/2008 14:46 <REP> NOS 12/07/2006 11:20 <REP> Online Services 04/09/2008 08:48 <REP> Outlook Express 14/09/2006 20:16 <REP> PDFCreator 11/10/2007 15:51 <REP> QuickTime 12/07/2006 11:47 <REP> Realtek 09/04/2007 12:14 <REP> Reference Assemblies 23/09/2006 17:45 <REP> Samsung 12/07/2006 11:21 <REP> Services en ligne 12/07/2006 11:49 <REP> Synaptics 12/07/2006 11:59 <REP> Toshiba 08/09/2008 10:16 <REP> Trend Micro 04/02/2008 17:06 <REP> Winamp 21/05/2008 15:11 <REP> Windows Live 19/12/2006 20:51 <REP> Windows Media Connect 2 04/09/2008 08:48 <REP> Windows Media Player 04/09/2008 08:48 <REP> Windows NT 15/09/2006 18:54 <REP> WinRAR 12/07/2006 11:50 <REP> Wireless Console 2 12/07/2006 11:23 <REP> xerox 08/09/2008 17:23 <REP> Zone Labs 0 fichier(s) 0 octets 51 Rép(s) 37 710 238 208 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 1C76-2F08 Répertoire de C:\Program Files\fichiers communs 08/09/2008 14:20 <REP> . 08/09/2008 14:20 <REP> .. 08/09/2008 14:52 <REP> Adobe 12/07/2006 11:35 <REP> Ahead 12/07/2006 11:40 <REP> ATI Technologies 03/09/2008 17:32 <REP> Designer 02/08/2008 11:57 <REP> Hewlett-Packard 04/09/2008 14:02 <REP> HP 12/07/2006 11:30 <REP> InstallShield 08/07/2007 00:34 <REP> Java 03/09/2008 10:16 <REP> Macrovision Shared 06/09/2008 10:16 <REP> Microsoft Shared 12/07/2006 11:21 <REP> MSSoap 12/07/2006 11:16 <REP> ODBC 12/07/2006 11:21 <REP> Services 12/07/2006 11:16 <REP> SpeechEngines 04/09/2008 08:48 <REP> System 0 fichier(s) 0 octets 17 Rép(s) 37 710 235 136 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 1C76-2F08 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 06/09/2008 10:15 <REP> . 06/09/2008 10:15 <REP> .. 03/09/2008 17:32 <REP> 1033 06/09/2008 10:15 <REP> 1036 29/01/2004 16:08 1 277 952 MSONSEXT.DLL 13/02/2001 10:23 58 784 MSOSV.DLL 03/06/1999 12:09 122 937 MSOWS409.DLL 07/03/2001 07:00 127 033 MSOWS40c.DLL 06/08/2000 12:04 401 462 MSVCP60.DLL 29/01/2004 16:08 69 632 PKMAXCTL.DLL 29/01/2004 16:08 868 352 PKMCDO.DLL 29/01/2004 16:08 53 248 PKMCORE.DLL 29/01/2004 16:08 102 400 PKMFORMS.DLL 29/01/2004 16:38 634 880 PKMRES.DLL 29/01/2004 16:08 28 672 PKMSSTLB.DLL 22/01/2001 05:25 40 960 PKMTEMPL.DLL 29/01/2004 16:08 24 576 PKMTRACE.DLL 29/01/2004 16:08 86 016 PKMWS.DLL 29/01/2004 16:08 237 568 PROMDEMO.DLL 18/03/1999 14:37 593 977 RAGENT.DLL 29/01/2004 16:08 184 320 SECMGR.DLL 29/01/2004 16:08 315 392 VAIDDMGR.DLL 29/01/2004 16:08 32 768 VAIMEM.DLL 19 fichier(s) 5 260 929 octets 4 Rép(s) 37 710 234 112 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 1C76-2F08 Répertoire de C:\ 24/05/2001 13:59 162 304 UNWISE.EXE 1 fichier(s) 162 304 octets 0 Rép(s) 37 710 234 112 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 1C76-2F08 Répertoire de C:\ c:\Documents and Settings\Alex\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr710_en_US.exe c:\Documents and Settings\Alex\Application Data\Microsoft\Installer\{457791C5-D702-4143-A7B2-2744BE9573F2}\NewShortcut1_5B69D3033CA54B39B5ECE7D051297E77.exe c:\Documents and Settings\Alex\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\Alex\Bureau\DiagHelp\diff.exe c:\Documents and Settings\Alex\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\Alex\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Alex\Bureau\DiagHelp\find2.exe c:\Documents and Settings\Alex\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\Alex\Bureau\DiagHelp\grep.exe c:\Documents and Settings\Alex\Bureau\DiagHelp\gzip.exe c:\Documents and Settings\Alex\Bureau\DiagHelp\KProcCheck.exe c:\Documents and Settings\Alex\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\Alex\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Alex\Bureau\DiagHelp\md5sums.exe c:\Documents and Settings\Alex\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\Alex\Bureau\DiagHelp\sigcheck.exe c:\Documents and Settings\Alex\Bureau\DiagHelp\streams.exe c:\Documents and Settings\Alex\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\Alex\Bureau\DiagHelp\tar.exe c:\Documents and Settings\Alex\Local Settings\Temp\hpzmsi01.exe c:\Documents and Settings\Alex\Local Settings\Temp\HPZscr01.exe c:\Documents and Settings\Alex\Local Settings\Temp\LUInit.exe c:\Documents and Settings\Alex\Local Settings\Temp\090808172229\z4barSpInstall.exe c:\Documents and Settings\Alex\Local Settings\Temporary Internet Files\Content.IE5\88IKSW7G\zlsSetup_70_483_000_fr[1].exe c:\Documents and Settings\Alex\Mes documents\sauvegarde-septembre2008\xav\Mes documents\Mes fichiers reçus\_ISDEL.EXE c:\Documents and Settings\Alex\Mes documents\sauvegarde-septembre2008\xav\Mes documents\Mes fichiers reçus\Fight_For_Kisses_Setup.exe c:\Documents and Settings\Alex\Mes documents\sauvegarde-septembre2008\xav\Mes documents\Mes fichiers reçus\SETUP.EXE c:\Documents and Settings\Alex\Mes documents\sauvegarde-septembre2008\xav\Mes documents\Mes fichiers reçus\SoftCAD_3D_Lite_1.16.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\CDSTART.EXE c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\SymSetup.EXE c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE\AntiSpam\asOELnch.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE\AntiSpam\EudoHelp.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\Firewall\APP\HNetWiz.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\AlertAst.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\ALEScan.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\ALEUpdat.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\ccEmFlSv.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\iamstats.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\ISSVC.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\ADBLCK\NSMdtr.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl\APP\PCWiz.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl\APP\UrlLstCk.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl\APP\Urlupdat.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT\CfgWiz.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT\SYMSHARE\SMNLnch.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccApp.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccEvtMgr.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccLgView.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccPwdSvc.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccSetMgr.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\NMain.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\DCOM98\dcom98.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\FRE\FREMSI.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\FRE\FREUpdt.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\LiveReg\Advisor.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\LiveReg\IraLrShl.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\LiveReg\symcsub.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\LiveReg\VcClnUp.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\LiveReg\VcSetup.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\LUpdate\LUSetup.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\MSI\InstMSIa.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\MSI\InstMSIw.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\NISTools\ISRlRstr.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyCre\ccProxy.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SEVINST\sevinst.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE\SPBBC\SPBBCSvc.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE\SPBBC\UpdMgr.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymLnch\SymLnch.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE\SNDInst.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE\SNDSrvc.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE\IDS\IdsInst.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIAV\SymSC\UsrPrmpt.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIIS\SymSC\UsrPrmpt.exe c:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\VirusDef\DefInst.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\CDSTART.EXE c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\SymSetup.EXE c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE\AntiSpam\asOELnch.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE\AntiSpam\EudoHelp.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\Firewall\APP\HNetWiz.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\AlertAst.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\ALEScan.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\ALEUpdat.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\ccEmFlSv.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\iamstats.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\ISSVC.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\ADBLCK\NSMdtr.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl\APP\PCWiz.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl\APP\UrlLstCk.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl\APP\Urlupdat.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT\CfgWiz.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT\SYMSHARE\SMNLnch.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccApp.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccEvtMgr.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccLgView.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccPwdSvc.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccSetMgr.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\NMain.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\DCOM98\dcom98.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\FRE\FREMSI.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\FRE\FREUpdt.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\LiveReg\Advisor.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\LiveReg\IraLrShl.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\LiveReg\symcsub.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\LiveReg\VcClnUp.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\LiveReg\VcSetup.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\LUpdate\LUSetup.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\MSI\InstMSIa.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\MSI\InstMSIw.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\NISTools\ISRlRstr.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyCre\ccProxy.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SEVINST\sevinst.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE\SPBBC\SPBBCSvc.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE\SPBBC\UpdMgr.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymLnch\SymLnch.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE\SNDInst.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE\SNDSrvc.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE\IDS\IdsInst.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIAV\SymSC\UsrPrmpt.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIIS\SymSC\UsrPrmpt.exe c:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\VirusDef\DefInst.exe c:\Documents and Settings\Invité\Local Settings\Temp\SoftCAD.3D\_ISDEL.EXE c:\Documents and Settings\Invité\Local Settings\Temp\SoftCAD.3D\SETUP.EXE c:\Documents and Settings\Invité\Mes documents\Mes fichiers reçus\_ISDEL.EXE c:\Documents and Settings\Invité\Mes documents\Mes fichiers reçus\Fight_For_Kisses_Setup.exe c:\Documents and Settings\Invité\Mes documents\Mes fichiers reçus\SETUP.EXE c:\Documents and Settings\Invité\Mes documents\Mes fichiers reçus\SoftCAD_3D_Lite_1.16.exe c:\Documents and Settings\Alex\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Hewlett-Packard\Diagnostic Assistant\data\hprbevdb.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll ****** Fin du rapport DiagHelp Veuillez svp envoyer le fichier C:\upload_moi_ALEXIA.tar.gz a l'adresse http://upload.malekal.com
  13. Salut Loup blanc, Je crois que je vais encore avoir besoin de toi !!! c’est de pire en pire !! ca rame encore !! et de plus maintenant je n’ai plus de son (il me dit qu’il n’y a pas de carte son installé) et un gros problème de carte graphique (plus accès au gestionnaire de la carte vidéo). Je n’ai plus rien qui apparaît dans le gestionnaire de périphérique… c’est la cata… J’avais fais ce que tu m’as dis au dessus soit desinstaller ce qui restait de norton et avast j'ai installé zonealarm... je te remets un rapport en dessous mais je crois que c'es grave là !!! qu'en penses tu ?? MERCI ENCOREEEEEEEEE !!!!!!!!!!!!!!!!!!!! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:46:27, on 10/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\ATK0100\HControl.exe C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Wireless Console 2\wcourier.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\WINDOWS\sm56hlpr.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Microsoft Office\Office10\WINWORD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1 O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe O4 - HKLM\..\Run: [sMSERIAL] sm56hlpr.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://config.zebulon.fr/plugins/hardwaredetection.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 10320 bytes
  14. Salut Loup blanc , merci pour ton aide et surtout tes conseils!!!! alors j'ai suivi a la lettre tes recommandations !! j'ai enlever norton et avast pour installer antivir, j'ai mis à jour java et acrobat et il est vrai que ca rame moins ! concernant l'infection, dois-je quand meme faire ces manips dans l'installation system ??? de toute facon il y aura bien un moment ou je vais restaurer mes données alors si c'est pour que de truc apparaisse à ce moment là !! c'est le firewall de windows maitenant qui fonctionne... aurais tu d'autres logiciels utiles à me donner ? je t'ai refais un scan avec HijackThis qu'en penses tu maintenant !!? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:20:11, on 08/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\ATK0100\HControl.exe C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Wireless Console 2\wcourier.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\WINDOWS\sm56hlpr.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe c:\program files\avira\antivir personaledition classic\avcenter.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1 O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe O4 - HKLM\..\Run: [sMSERIAL] sm56hlpr.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- End of file - 10049 bytes ________________________________________________________________________________ _________________________________________ de plus voici le rapport de : JavaRa 1.11 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Mon Sep 08 14:06:46 2008 Found and removed: C:\Program Files\Java\jre1.6.0_01 Found and removed: C:\Program Files\Java\jre1.6.0_02 There was an error removing C:\Program Files\Java\jre1.6.0_03. The error returned was 32. Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610002 Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610003 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610002 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610003 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003 Found and removed: SOFTWARE\Classes\JavaPlugin.160_01 Found and removed: SOFTWARE\Classes\JavaPlugin.160_02 Found and removed: SOFTWARE\Classes\JavaPlugin.160_03 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_01 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_02 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_03 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_01 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_02 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_03 Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610001 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610002 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610003 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610002 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160020} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030} Found and removed: Software\Classes\JavaPlugin.160_01 Found and removed: Software\Classes\JavaPlugin.160_02 Found and removed: Software\Classes\JavaPlugin.160_03 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\bin\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\bin\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\bin\ Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_01 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_02 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_03 Found and removed: Software\JavaSoft\Java2D\1.6.0_01 Found and removed: Software\JavaSoft\Java2D\1.6.0_02 Found and removed: Software\JavaSoft\Java2D\1.6.0_03 Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_01 Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_02 Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_03 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB} ------------------------------------ Finished reporting. MERCI ENCORE !!!!!
  15. bonjour, Meme probleme !! je suis infecté par le trojan Win32:whenu. je m'en suis redu compte quand l'ordi a commencé à ramer au niveau de la connexion et que le DD n'arretait pas de travailler !! j'ai fais un scan avec AVASt antivirus et il m'a trouvé ceci : 03/09/2008 13:54:11 SYSTEM 312 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 03/09/2008 13:54:12 SYSTEM 312 An error has occured while attempting to update. Please check the logs. 07/09/2008 12:47:52 Alex 4968 Sign of "Win32:Whenu [Tool]" has been found in "C:\System Volume Information\_restore{BF6BF400-5E5A-4596-BE5F-D78A6A5D761B}\RP293\A0041334.exe" file. 07/09/2008 17:50:01 SYSTEM 1912 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 07/09/2008 17:50:01 SYSTEM 1912 An error has occured while attempting to update. Please check the logs. il l'a donc trouvé et je l'avais normalement enlevé du system, mais apres redemarrage de l'ordi le probleme etait tjs là : connexion super lente et DD qui rame. je me suis rendu sur le forum et ai installé TREND MICRO comme vous le précisiez, voici mon rapport : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:17:02, on 08/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe c:\Program Files\Norton Internet Security\ISSVC.exe c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\ATK0100\HControl.exe C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Wireless Console 2\wcourier.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\WINDOWS\sm56hlpr.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe C:\Program Files\Alwil Software\Avast4\ashSimpl.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Messenger\msmsgs.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - c:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1 O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe O4 - HKLM\..\Run: [sMSERIAL] sm56hlpr.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/co...kTime/qtac(...) O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe -- End of file - 12894 bytes Pouvez- vous m'aider à m'en debarrasser ???? MERCI D'AVANCE POUR VOTRE AIDE TRES PRECIEUSE
×
×
  • Créer...