

Oldcrow
Trojan-Keylogger.WIN32.Fung
Oldcrow replied to Oldcrow's topic in Malware Analysis and Removal
There you go... hoping not to give you any more extra work.

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:08:37, on 17/11/2008

Thank you
Trojan-Keylogger.WIN32.Fung
Oldcrow replied to Oldcrow's topic in Malware Analysis and Removal
Calm seems to have returned... The infuriating keylogger has not shown up again: after 10 days, I am optimistic. During the many cleanups, a few registry keys were probably altered: some add-ons could no longer find my simulation software. The problem goes away after reinstalling. Thanks again to everyone who helped me.
Trojan-Keylogger.WIN32.Fung
Oldcrow replied to Oldcrow's topic in Malware Analysis and Removal
Sorry for the delay, a few problems with France Télécom: no line when it rains, and right now it is raining a lot. Things seem to be improving... Here are the RSIT results:

Logfile of random's system information tool 1.04 (written by random/random) Run by Alain at 2008-11-06 12:06:24
C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] S3 SaiH0255;SaiH0255; C:\WINDOWS\system32\DRIVERS\SaiH0255.sys [2005-11-03 176640] S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2004-06-28 42752] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-10 116040] R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376] R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-08 168432] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-17 163908] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040] R3 avast! Web Scanner;avast! 
Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344] R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376] S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920] S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-10-09 1079176] S3 wampapache;wampapache; C:\Program Files\wamp\bin\apache\apache2.2.8\bin\httpd.exe [2008-01-18 24635] S3 wampmysqld;wampmysqld; C:\Program Files\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe [2008-04-17 5750784] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880] -----------------EOF----------------- info.txt logfile of random's system information tool 1.04 
2008-11-06 12:06:29 ======Uninstall list====== -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER -->MsiExec /X{A7E07C2B-2220-4415-87E3-784D5814BC93} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 2D Panel with FREEVIEW for G-Max Alouette III by Peter Salzgeber-->F:\PROGRAM FILES\MICROSOFT GAMES\FLIGHT SIMULATOR 9\Uninstal.exe Active Sky X-->MsiExec.exe /I{A06A6679-41D7-48C5-82F8-7D3B0B654720} Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001} aerosoft's - FlightSim Commander-->C:\Program Files\InstallShield Installation Information\{F941AABE-E868-42D9-9F38-884250F7898A}\setup.exe -runfromtemp -l0x040c -uninst -removeonly AH F9F Panther for Fs2004-->F:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal.exe AlacrityPC-->MsiExec.exe /I{B6D0F294-B844-4FAF-9993-FAC10E9E0F94} Analyseur et SDK MSXML 4.0 SP2-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC} Apple Mobile Device Support-->MsiExec.exe /I{35B91753-5789-4517-9CF1-2CCE3A8CF4F1} Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} avast! 
Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3} CamStudio 2.0 Fr-->"C:\Program Files\CamStudio\unins000.exe" Carenado Beechcraft T-34 Mentor-->F:\Program Files\Microsoft Games\Flight Simulator 9\UNCARMENTOR Carenado FS9 to FSX-->F:\Program Files\Microsoft Games\Microsoft Flight Simulator X\CarenadoFS9toFSX.exe Condor: The Competition Soaring Simulator 1.0.8-->F:\Program Files\Condor\uninst.exe Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Creative Docs .NET-->MsiExec.exe /I{A2FEE4F3-4426-40A3-9A88-B426DB138F4E} CX4300_5500_DX4400 Manuel-->C:\Program Files\EPSON\TPMANUAL\CX4300_5500_DX4400\FRA\USE_G\DOCUNINS.EXE DH Driver Cleaner Professional Edition-->C:\Program Files\Driver Cleaner Pro\Uninstall.exe DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN EasyCleaner-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R 
EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything EVEREST Ultimate Edition v4.00-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe" FileZilla Client 3.1.4.1-->C:\Program Files\FileZilla Client\uninstall.exe FlightPyrenees Orientales AutogenPack-->F:\Program Files\Microsoft Games\Microsoft Flight Simulator X\uninstal_fpoap.exe FlightPyrénées Orientales BasePack-->F:\Program Files\Microsoft Games\Microsoft Flight Simulator X\uninstal_fpobp.exe FS Descent Calculator-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Descent Calculator\ST6UNST.LOG" FSGenesis Pacific Islands 76.4m Terrain-->C:\WINDOWS\unvise32.exe F:\PROGRAM FILES\MICROSOFT GAMES\FLIGHT SIMULATOR 9\ADDON SCENERY\FSGDocs\uninstal_pidem76.log FSHELI.CH Alouette II X for Flight Simulator 2004-->F:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal FS Heli.ch Alouette II for FS9.exe FSHELI.CH Alouette II X for Flight Simulator X-->F:\Program Files\Microsoft Games\Microsoft Flight Simulator X\Uninstal FS Heli.ch Alouette II for FSX.exe FSNavigator-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F76FF6D-B992-4FD9-8686-F09F868B2C58}\Setup.exe" -l0x9 Galerie photo xhtml-->MsiExec.exe /I{09C393BF-FD7A-4B0B-8A43-CAC585ABB22D} Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3} HeliForce V1.0-->"F:\Program Files\HeliForce\unins000.exe" HijackThis 2.0.2-->"C:\Installeurs\Programmes_PC\Antivirus\HijackThis\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" INFORAD MANAGER 3.3-->"C:\Program Files\INFORAD\unins000.exe" IvAe v0.8.2 Textures-->"C:\Program Files\IVAO\IvAe\unins000.exe" IvAp v1.3.4 (b1842)-->"C:\Program 
Files\IVAO\IvAp_FS9\unins000.exe" IvAp v1.9.4 (build 2014)-->"C:\Program Files\IVAO\IvAp_FSX\unins000.exe" Java 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} JkDefrag 3.15 Fr-->"C:\Program Files\JkDefrag\unins000.exe" JMB36X Raid Configurer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x40c -removeonly JustFlight Flying Club Archer III FSX-->F:\Program Files\Microsoft Games\Microsoft Flight Simulator X\JFAIIIFSX_Uninstal.exe K-Lite Codec Pack 3.5.3 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" La boite a couleurs version 1.6.14-->"C:\Program Files\LaBoiteACouleurs\unins000.exe" La Réunion-->F:\Program Files\Microsoft Games\Microsoft Flight Simulator X\uninstal_reunion.exe Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall LFRC 2007-->F:\Program Files\Microsoft Games\Flight Simulator 9\Addon Scenery\France\Uninstal.exe Logitech GamePanel Software 2.02-->MsiExec.exe /X{0523EAF4-402C-4435-A0DA-13C40193D811} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B} MD-311 FLAMANT-->F:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal.exe Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28} Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659} Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe Microsoft Compression Client Pack 1.0 for Windows 
XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Flight Simulator 2004 Un siècle d'aviation-->"F:\Program Files\Microsoft Games\Flight Simulator 9\UNINSTAL.EXE" /runtemp /addremove Microsoft Flight Simulator X Service Pack 1-->c:\WINDOWS\system32\msiexec.exe /qb /l*vx "%TEMP%\FlightSimPatchUninstall.log" /uninstall {EDE72ED9-E7FA-45A0-A92D-E4E6D72ECC10} /package {F535B2CF-C9BB-4162-B03A-02D6971F32CC} Microsoft Flight Simulator X-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{F535B2CF-C9BB-4162-B03A-02D6971F32CC} Microsoft Flight Simulator X-->MsiExec.exe /X{F535B2CF-C9BB-4162-B03A-02D6971F32CC} Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Mise à jour de sécurité 
pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP 
(KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe Mon Carnet d'Adresses-->"C:\Documents and Settings\Alain\Mes documents\Carnet d'adresses\unins000.exe" MonProduit-->C:\Program Files\Microsoft Games\Flight Simulator 9\Aircraft\MIR2000N\Uninstal.exe Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E} MTL v3.0.3-->"C:\Program Files\IVAO\IvAp_FS9\unins001.exe" Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL Notepad++-->C:\Program Files\Notepad++\uninstall.exe NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI NVIDIA PhysX 
v8.09.04-->MsiExec.exe /X{A7E07C2B-2220-4415-87E3-784D5814BC93} ooVoo Toolbar-->C:\Program Files\oovooToolbar\uninstall.exe ooVoo-->"C:\Program Files\InstallShield Installation Information\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}\setup.exe" -runfromtemp -l0x040c -removeonly Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall PC Probe II-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\setup.exe" -l0x40c PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe" PicNic-->C:\Program Files\PicNic\Uninstal.exe QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175} Service Pack 2 de Flight Simulator X de Microsoft-->MsiExec.exe /X{CBB2A905-9FF1-4215-BDA2-0DF694F1D023} SimFlyer© GPS296 (FREEWARE EDITION)-->F:\Program Files\Microsoft Games\Flight Simulator 9\GPS296_FREEWARE_FS9_Uninstal.exe Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG Stearman and Eagle Field Scenery for FS2004-->f:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal.exe TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe" Thermal Analysis Tool-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6B2C675E-8040-431B-99C4-137DF4FBF75A}\setup.exe" -l0x9 -removeonly TreeX V2-->"C:\Program Files\TreeX\unins000.exe" Trust Webcam 15007-->C:\Program Files\InstallShield Installation Information\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}\setup.exe -runfromtemp -l0x040c -removeonly -u Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe VideoLAN VLC media player 0.8.6e-->C:\Program Files\VideoLAN\VLC\uninstall.exe Virtual E6-B 1.4-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Virtual E6-B\ST6UNST.LOG" VNC Free Edition 4.1.2-->"C:\Program Files\RealVNC\VNC4\unins000.exe" WampServer 2.0-->"C:\Program 
Files\wamp\unins000.exe" Winamp3 (remove only)-->C:\Program Files\Winamp3\uninst-wa3.EXE Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333} Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494} Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840} Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836} Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD} Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" X Graphics-->MsiExec.exe /I{A47FC79E-FEC9-4E55-8317-538E8D3647F8} XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" Zoom Player (remove only)-->"C:\Program Files\Zoom Player\uninstall.exe" Zoom Player French language (remove only)-->"C:\Program Files\Zoom Player\Language\uninstall.exe" ======Security center information====== AV: avast! 
Phew... Good luck to you, and thank you.
Trojan-Keylogger.WIN32.Fung
Oldcrow replied to a topic by Oldcrow in Analyses et éradication malwares
No sooner said...

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1349
Windows 5.1.2600 Service Pack 3

01/11/2008 21:14:38
mbam-log-2008-11-01 (21-14-38).txt

Type de recherche: Examen rapide
Eléments examinés: 45527
Temps écoulé: 6 minute(s), 28 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msconfig (Backdoor.Bot) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe (Backdoor.Bot) -> Quarantined and deleted successfully.

****************

When there's none left, there's still more.

I had run an update yesterday and I just ran another one: good idea, I went from version 1349 to 1354! A final scan no longer finds anything (the one I posted is the second-to-last).

Do you think I'm saved, doctor?
Trojan-Keylogger.WIN32.Fung
Oldcrow replied to a topic by Oldcrow in Analyses et éradication malwares
You only have to ask...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:11:31, on 01/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Explorer.EXE
C:\Installeurs\Programmes_PC\Antivirus\HijackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ginclasurboulzane.fr/Index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ooVoo Toolbar - {A057A204-BACC-4D26-8087-36EE87E26986} - C:\PROGRA~1\OOVOOT~1\OOVOOT~1.DLL
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: ooVoo Toolbar - {A057A204-BACC-4D26-8087-36EE87E26986} - C:\PROGRA~1\OOVOOT~1\OOVOOT~1.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [AsusServiceProvider] C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exe
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.23\AsRunHelp.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Mon Carnet d'Adresses] C:\Documents and Settings\Alain\Mes documents\Carnet d'adresses\adresses.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Startup: Gmail - Boîte de réception.URL
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-20cf62b4c666c10e.spaces.live.co...ad/MsnPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: wampapache - Apache Software Foundation - C:\Program Files\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe

--
End of file - 8299 bytes

Thanks again
Trojan-Keylogger.WIN32.Fung
Oldcrow replied to a topic by Oldcrow in Analyses et éradication malwares

Problem solved! A bit of advertising... An effective, free program that speaks French deserves at least that! So well done to Malwarebytes' Anti-Malware (easy to find on Google, along with a French tutorial), which found and removed 2 infections of Rogue.PersonnalDefender2009.

So the problem comes from the company Personal Defender 2009, which found nothing better to sell its junk than to put up an alarmist popup window (one that is hard to disable) that looks like a 'real' danger message. Take your pick: forced sale or racketeering, I leave it to the lawyers to decide which. But everyone should denounce this kind of practice => pass it on...
Trojan-Keylogger.WIN32.Fung
Oldcrow replied to a topic by Oldcrow in Analyses et éradication malwares

"... it would be the very first time I've seen the Windows firewall do anything." That is exactly what my male intuition was whispering to me; I even told myself that without the photo, nobody would believe me.

So I have just applied Falkra's advice (without difficulty). In my previous attempt I had chosen option 1, option 2 being recommended rather for specialists (no comment). Here are the reports:

--------------------\\ Lop S&D 4.2.4-8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel® Core2 CPU X6800 @ 2.93GHz )
BIOS : BIOS Date: 01/23/07 17:49:22 Ver: 08.00.12
USER : Alain ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081031-0] 4.8.1229 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:69 Go (Free:47 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (Local Disk) - NTFS - Total:69 Go (Free:14 Go)

"C:\Lop SD" ( MAJ : 27-10-2008|09:15 )
Option : [2] ( 31/10/2008|17:19 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\Alain\LOCALS~1\Temp\nsyCB.tmp
Supprime! - C:\DOCUME~1\Alain\Cookies\alain@adopt.euroclick[1].txt
- [ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans APPLIC~1

[12/10/2007|11:49] C:\DOCUME~1\Alain\APPLIC~1\Adobe
[13/02/2008|19:23] C:\DOCUME~1\Alain\APPLIC~1\AdobeUM
[19/07/2008|15:18] C:\DOCUME~1\Alain\APPLIC~1\Apple Computer
[28/07/2007|09:28] C:\DOCUME~1\Alain\APPLIC~1\Brother
[13/07/2007|14:48] C:\DOCUME~1\Alain\APPLIC~1\Contacts
[27/10/2007|15:51] C:\DOCUME~1\Alain\APPLIC~1\DivX
[16/08/2008|11:03] C:\DOCUME~1\Alain\APPLIC~1\Epsitec Cache
[26/10/2008|17:10] C:\DOCUME~1\Alain\APPLIC~1\FileZilla
[29/10/2008|13:21] C:\DOCUME~1\Alain\APPLIC~1\Google
[28/10/2007|15:55] C:\DOCUME~1\Alain\APPLIC~1\Help
[02/03/2008|10:12] C:\DOCUME~1\Alain\APPLIC~1\HiFi
[13/07/2007|06:41] C:\DOCUME~1\Alain\APPLIC~1\Identities
[15/03/2008|20:17] C:\DOCUME~1\Alain\APPLIC~1\InstallShield
[16/09/2007|18:01] C:\DOCUME~1\Alain\APPLIC~1\IVAO
[13/07/2007|11:37] C:\DOCUME~1\Alain\APPLIC~1\Macromedia
[06/09/2008|18:39] C:\DOCUME~1\Alain\APPLIC~1\Media Player Classic
[18/08/2008|09:03] C:\DOCUME~1\Alain\APPLIC~1\Microsoft
[30/08/2008|20:09] C:\DOCUME~1\Alain\APPLIC~1\Mozilla
[18/08/2008|08:31] C:\DOCUME~1\Alain\APPLIC~1\Notepad++
[31/10/2008|16:33] C:\DOCUME~1\Alain\APPLIC~1\nView_Wallpaper
[29/03/2008|19:07] C:\DOCUME~1\Alain\APPLIC~1\ooVoo Details
[11/09/2008|09:49] C:\DOCUME~1\Alain\APPLIC~1\oovooToolbar
[16/08/2008|11:03] C:\DOCUME~1\Alain\APPLIC~1\OPaC bright ideas
[29/10/2008|19:20] C:\DOCUME~1\Alain\APPLIC~1\PC Tools
[23/07/2007|16:21] C:\DOCUME~1\Alain\APPLIC~1\Sun
[19/03/2008|17:30] C:\DOCUME~1\Alain\APPLIC~1\teamspeak2
[31/03/2008|11:29] C:\DOCUME~1\Alain\APPLIC~1\vlc
[26/02/2008|12:54] C:\DOCUME~1\Alain\APPLIC~1\WinRAR
[21/10/2008|07:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[15/07/2008|08:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[19/07/2008|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[07/12/2007|09:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Brother
[16/10/2008|14:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
[31/10/2008|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[25/10/2008|05:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[16/02/2008|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[24/05/2008|19:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nHancer
[24/05/2008|19:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[13/07/2007|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[18/08/2007|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[30/10/2008|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[13/07/2007|11:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[13/07/2007|11:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[25/07/2008|16:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[13/07/2007|06:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[13/07/2007|06:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[13/07/2007|06:35] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[21/10/2008 08:01][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[31/10/2008 16:33][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/08/2001 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[22/01/2008|15:44] C:\Program Files\(JABNavig)
[15/01/2008|20:15] C:\Program Files\1st Screen Recorder
[21/10/2008|07:02] C:\Program Files\Adobe
[15/03/2008|20:18] C:\Program Files\Aerosoft
[14/10/2008|20:51] C:\Program Files\AGEIA Technologies
[13/07/2007|15:39] C:\Program Files\Ahead
[24/10/2008|13:59] C:\Program Files\Alwil Software
[15/09/2007|10:19] C:\Program Files\Analog Devices
[15/07/2008|08:37] C:\Program Files\Apple Software Update
[05/06/2008|16:02] C:\Program Files\ASUS
[24/07/2007|16:10] C:\Program Files\audiograbber
[31/08/2008|18:31] C:\Program Files\Bonjour
[16/10/2008|15:14] C:\Program Files\Brother
[16/04/2008|20:06] C:\Program Files\CamStudio
[16/08/2008|11:39] C:\Program Files\Creative Docs
[07/06/2008|05:56] C:\Program Files\Descent Calculator
[06/09/2008|18:35] C:\Program Files\DivX
[24/05/2008|17:57] C:\Program Files\Driver Cleaner Pro
[06/08/2008|19:54] C:\Program Files\e-anim
[16/10/2008|14:31] C:\Program Files\epson
[25/10/2008|05:53] C:\Program Files\Fichiers communs
[22/10/2008|07:02] C:\Program Files\FileZilla Client
[25/07/2008|16:09] C:\Program Files\Google
[02/03/2008|10:12] C:\Program Files\HiFi
[02/03/2008|10:12] C:\Program Files\HiFiUninstaller
[05/08/2008|16:10] C:\Program Files\INFORAD
[05/08/2008|16:10] C:\Program Files\INFORAD_DRIVERS
[16/10/2008|14:32] C:\Program Files\InstallShield Installation Information
[13/07/2007|07:23] C:\Program Files\Intel
[12/09/2007|08:04] C:\Program Files\Intel Corporation
[25/10/2008|09:21] C:\Program Files\Internet Explorer
[16/04/2008|21:23] C:\Program Files\Internet Video Converter 1.52 fr
[03/08/2008|18:31] C:\Program Files\Irfanview_410
[11/10/2007|17:14] C:\Program Files\IVAO
[04/05/2008|10:09] C:\Program Files\Jab_FPSx
[22/01/2008|15:09] C:\Program Files\Jabnavig
[18/07/2007|09:57] C:\Program Files\JabScreen
[23/07/2008|08:02] C:\Program Files\Java
[25/10/2008|09:53] C:\Program Files\JkDefrag
[21/09/2008|17:19] C:\Program Files\JMBerthier
[02/12/2007|15:29] C:\Program Files\jtk374en
[07/03/2008|10:54] C:\Program Files\Ken Salter
[06/09/2008|18:38] C:\Program Files\K-Lite Codec Pack
[21/08/2008|14:13] C:\Program Files\LaBoiteACouleurs
[03/08/2007|17:16] C:\Program Files\Lavalys
[25/10/2008|05:53] C:\Program Files\Logitech
[13/07/2007|07:30] C:\Program Files\Marvell
[03/09/2008|11:19] C:\Program Files\Messenger
[13/07/2007|06:36] C:\Program Files\microsoft frontpage
[13/07/2007|22:37] C:\Program Files\Microsoft Office
[15/08/2008|14:53] C:\Program Files\Mon Carnet d'Adresses
[02/09/2008|08:16] C:\Program Files\Movie Maker
[31/10/2008|16:43] C:\Program Files\Mozilla Firefox
[25/02/2008|08:11] C:\Program Files\MSBuild
[02/09/2008|08:16] C:\Program Files\msn
[13/07/2007|06:36] C:\Program Files\msn gaming zone
[16/02/2008|21:00] C:\Program Files\MSXML 4.0
[25/02/2008|13:07] C:\Program Files\MSXML 6.0
[13/07/2007|06:36] C:\Program Files\netmeeting
[20/08/2008|17:32] C:\Program Files\Notepad++
[05/09/2008|17:10] C:\Program Files\ooVoo
[05/09/2008|17:11] C:\Program Files\oovooToolbar
[02/09/2008|08:15] C:\Program Files\Outlook Express
[08/08/2007|10:25] C:\Program Files\PhotoFiltre
[15/10/2007|14:27] C:\Program Files\PicNic
[19/07/2008|15:18] C:\Program Files\QuickTime
[14/08/2007|14:56] C:\Program Files\RealVNC
[25/02/2008|08:10] C:\Program Files\Reference Assemblies
[13/07/2007|06:35] C:\Program Files\Services en ligne
[30/10/2008|09:02] C:\Program Files\Spyware Doctor
[11/10/2007|16:23] C:\Program Files\Teamspeak2_RC2
[16/11/2007|17:54] C:\Program Files\ToniArts
[17/02/2008|20:23] C:\Program Files\TreeX
[30/07/2007|10:47] C:\Program Files\Ubisoft
[13/07/2007|06:41] C:\Program Files\Uninstall Information
[02/10/2008|13:55] C:\Program Files\Unlocker
[31/03/2008|11:27] C:\Program Files\VideoLAN
[09/12/2007|14:22] C:\Program Files\Virtual E6-B
[03/09/2008|10:31] C:\Program Files\wamp
[01/09/2008|16:55] C:\Program Files\Winamp
[01/09/2008|17:02] C:\Program Files\Winamp3
[13/07/2007|11:36] C:\Program Files\Windows Live
[10/05/2008|11:21] C:\Program Files\Windows Media Connect 2
[02/09/2008|08:15] C:\Program Files\Windows Media Player
[13/07/2007|06:36] C:\Program Files\Windows NT
[13/07/2007|06:35] C:\Program Files\WindowsUpdate
[29/10/2008|13:01] C:\Program Files\WinRAR
[14/10/2008|21:12] C:\Program Files\Winstars
[13/07/2007|06:36] C:\Program Files\xerox
[30/10/2008|16:40] C:\Program Files\Zoom Player

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[21/10/2008|07:02] C:\Program Files\Fichiers communs\Adobe
[13/07/2007|15:39] C:\Program Files\Fichiers communs\Ahead
[19/07/2008|15:17] C:\Program Files\Fichiers communs\Apple
[13/07/2007|09:20] C:\Program Files\Fichiers communs\Cisco Systems
[09/12/2007|14:22] C:\Program Files\Fichiers communs\Designer
[17/07/2007|15:50] C:\Program Files\Fichiers communs\DirectX
[16/10/2008|15:06] C:\Program Files\Fichiers communs\InstallShield
[23/07/2007|16:20] C:\Program Files\Fichiers communs\Java
[08/01/2008|17:52] C:\Program Files\Fichiers communs\Microsoft Shared
[13/07/2007|06:34] C:\Program Files\Fichiers communs\MSSoap
[13/07/2007|08:30] C:\Program Files\Fichiers communs\ODBC
[13/07/2007|06:34] C:\Program Files\Fichiers communs\Services
[24/04/2008|09:13] C:\Program Files\Fichiers communs\snp2std
[13/03/2008|15:35] C:\Program Files\Fichiers communs\Softwin
[13/07/2007|08:30] C:\Program Files\Fichiers communs\SpeechEngines
[02/09/2008|08:15] C:\Program Files\Fichiers communs\System
[08/01/2008|17:51] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[14/10/2008|20:51] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process ( 41 Processes ) ... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\Alain\Cookies\alain@advertising[2].txt

--------------------\\ Verification du Registre ..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-31 17:20:12
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...
scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden files: 1091

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:21][D:129]-> C:\DOCUME~1\Alain\LOCALS~1\Temp
[F:84][D:0]-> C:\DOCUME~1\Alain\Cookies
[F:15][D:10]-> C:\DOCUME~1\Alain\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 30/10/2008|12:25 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 30/10/2008|12:37 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 30/10/2008|12:40 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - 30/10/2008|15:18 - Option : [1]
5 - "C:\Lop SD\LopR_5.txt" - 31/10/2008|17:20 - Option : [2]

--------------------\\ Fin du rapport a 17:20:42

************************************************************************

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:24:15, on 31/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\vsnp2std.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Alain\Application Data\Google\mupd1_2_1165664.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Alain\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ginclasurboulzane.fr/Index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ooVoo Toolbar - {A057A204-BACC-4D26-8087-36EE87E26986} - C:\PROGRA~1\OOVOOT~1\OOVOOT~1.DLL
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: ooVoo Toolbar - {A057A204-BACC-4D26-8087-36EE87E26986} - C:\PROGRA~1\OOVOOT~1\OOVOOT~1.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [AsusServiceProvider] C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exe
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.23\AsRunHelp.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Mon Carnet d'Adresses] C:\Documents and Settings\Alain\Mes documents\Carnet d'adresses\adresses.exe
O4 - HKCU\..\Run: [asus32] "C:\Documents and Settings\Alain\Application Data\Google\mupd1_2_1165664.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Startup: Gmail - Boîte de réception.URL
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-20cf62b4c666c10e.spaces.live.co...ad/MsnPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: wampapache - Apache Software Foundation - C:\Program Files\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe

--
End of file - 9785 bytes

Reboot: we're not there yet... Should I try looking into Malwarebytes?

Thanks for your help.
Trojan-Keylogger.WIN32.Fung
Oldcrow replied to a topic by Oldcrow in Analyses et éradication malwares
Hello everyone...

A new Trojan horse has shown up: Trojan-Keylogger.WIN32.Fung, reported by Windows Firewall. Note that the Windows Security Alert warning appears even when the Windows firewall is disabled; moreover, the only option this pop-up offers is to go and buy a product whose price you only learn after providing your personal details...

I scrupulously followed Apollo's advice in "infecte-par-trojan-keyloggerwin32fung" (thanks to him) and ran into no difficulties; the results, however, look optimistic to me: see, at least, the lines marked \\ <===

Failing being able to get rid of Trojan-Keylogger.WIN32.Fung, if I could at least get rid of the Windows Firewall message, that would already be a big step...

Here are the SDFix and LopSD reports:

SDFix: Version 1.238
Run by Alain on 30/10/2008 at 15:05

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

Checking Services :

Restoring Default Security Values
Restoring Default Hosts File

Rebooting

Checking Files :

No Trojan Files Found \\ <===

Removing Temp Files

ADS Check :

Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-30 15:13:32
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Remaining Services :

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Ex‚cuter une DLL en tant qu'application"
"F:\\Program Files\\Microsoft Games\\fs9.exe"="F:\\Program Files\\Microsoft Games\\fs9.exe:*:Enabled:Microsoft Flight Simulator"
"C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"F:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe"="F:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe:*:Enabled:Microsoft Flight Simulator"
"F:\\Program Files\\Microsoft Games\\Microsoft Flight Simulator X\\fsx.exe"="F:\\Program Files\\Microsoft Games\\Microsoft Flight Simulator X\\fsx.exe:*:Enabled:Microsoft Flight Simulator©"
"C:\\Program Files\\FSFDT\\FWInn\\FWINN.exe"="C:\\Program Files\\FSFDT\\FWInn\\FWINN.exe:*:Enabled:FSInn Application"
"C:\\Program Files\\IVAO\\IvAp_FS9\\ivapnetint.exe"="C:\\Program Files\\IVAO\\IvAp_FS9\\ivapnetint.exe:*:Enabled:ivapnetint"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\ooVoo\\ooVoo.exe"="C:\\Program Files\\ooVoo\\ooVoo.exe:*:Enabled:ooVoo"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\WINDOWS\\system32\\drivers\\svchost.exe"="C:\\WINDOWS\\system32\\drivers\\svchost.exe:*:Disabled:svchost"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files :

Files with Hidden Attributes :

Sat 10 May 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"

Finished!

****************************************************************************

--------------------\\ Lop S&D 4.2.4-8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel® Core2 CPU X6800 @ 2.93GHz )
BIOS : BIOS Date: 01/23/07 17:49:22 Ver: 08.00.12
USER : Alain ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081029-0] 4.8.1229 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:69 Go (Free:47 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (Local Disk) - NTFS - Total:69 Go (Free:14 Go)

"C:\Lop SD" ( MAJ : 27-10-2008|09:15 )
Option : [1] ( 30/10/2008|12:38 )

--------------------\\ Listing des dossiers dans APPLIC~1

[12/10/2007|11:49] C:\DOCUME~1\Alain\APPLIC~1\Adobe
[13/02/2008|19:23] C:\DOCUME~1\Alain\APPLIC~1\AdobeUM
[19/07/2008|15:18] C:\DOCUME~1\Alain\APPLIC~1\Apple Computer
[28/07/2007|09:28] C:\DOCUME~1\Alain\APPLIC~1\Brother
[13/07/2007|14:48] C:\DOCUME~1\Alain\APPLIC~1\Contacts
[27/10/2007|15:51] C:\DOCUME~1\Alain\APPLIC~1\DivX
[16/08/2008|11:03] C:\DOCUME~1\Alain\APPLIC~1\Epsitec Cache
[26/10/2008|17:10] C:\DOCUME~1\Alain\APPLIC~1\FileZilla
[29/10/2008|13:21] C:\DOCUME~1\Alain\APPLIC~1\Google
[28/10/2007|15:55] C:\DOCUME~1\Alain\APPLIC~1\Help
[02/03/2008|10:12] C:\DOCUME~1\Alain\APPLIC~1\HiFi
[13/07/2007|06:41] C:\DOCUME~1\Alain\APPLIC~1\Identities
[15/03/2008|20:17] C:\DOCUME~1\Alain\APPLIC~1\InstallShield
[16/09/2007|18:01] C:\DOCUME~1\Alain\APPLIC~1\IVAO
[13/07/2007|11:37] C:\DOCUME~1\Alain\APPLIC~1\Macromedia
[06/09/2008|18:39] C:\DOCUME~1\Alain\APPLIC~1\Media Player Classic
[18/08/2008|09:03] C:\DOCUME~1\Alain\APPLIC~1\Microsoft
[30/08/2008|20:09] C:\DOCUME~1\Alain\APPLIC~1\Mozilla
[18/08/2008|08:31] C:\DOCUME~1\Alain\APPLIC~1\Notepad++
[30/10/2008|12:16] C:\DOCUME~1\Alain\APPLIC~1\nView_Wallpaper
[29/03/2008|19:07] C:\DOCUME~1\Alain\APPLIC~1\ooVoo Details
[11/09/2008|09:49] C:\DOCUME~1\Alain\APPLIC~1\oovooToolbar
[16/08/2008|11:03] C:\DOCUME~1\Alain\APPLIC~1\OPaC bright ideas
[29/10/2008|19:20] C:\DOCUME~1\Alain\APPLIC~1\PC Tools
[23/07/2007|16:21] C:\DOCUME~1\Alain\APPLIC~1\Sun
[19/03/2008|17:30] C:\DOCUME~1\Alain\APPLIC~1\teamspeak2
[31/03/2008|11:29] C:\DOCUME~1\Alain\APPLIC~1\vlc
[26/02/2008|12:54] C:\DOCUME~1\Alain\APPLIC~1\WinRAR
[21/10/2008|07:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[15/07/2008|08:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[19/07/2008|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[07/12/2007|09:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Brother
[16/10/2008|14:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
[29/10/2008|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[25/10/2008|05:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[16/02/2008|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[24/05/2008|19:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nHancer
[24/05/2008|19:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[13/07/2007|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[18/08/2007|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[30/10/2008|12:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[13/07/2007|11:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[13/07/2007|11:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[25/07/2008|16:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[13/07/2007|06:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[13/07/2007|06:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[13/07/2007|06:35] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[21/10/2008 08:01][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[30/10/2008 12:16][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/08/2001 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[22/01/2008|15:44] C:\Program Files\(JABNavig)
[15/01/2008|20:15] C:\Program Files\1st Screen Recorder
[21/10/2008|07:02] C:\Program Files\Adobe
[15/03/2008|20:18] C:\Program Files\Aerosoft
[14/10/2008|20:51] C:\Program Files\AGEIA Technologies
[13/07/2007|15:39] C:\Program Files\Ahead
[24/10/2008|13:59] C:\Program Files\Alwil Software
[15/09/2007|10:19] C:\Program Files\Analog Devices
[15/07/2008|08:37] C:\Program Files\Apple Software Update
[05/06/2008|16:02] C:\Program Files\ASUS
[24/07/2007|16:10] C:\Program Files\audiograbber
[31/08/2008|18:31] C:\Program Files\Bonjour
[16/10/2008|15:14] C:\Program Files\Brother
[16/04/2008|20:06] C:\Program Files\CamStudio
[16/08/2008|11:39] C:\Program Files\Creative Docs
[07/06/2008|05:56] C:\Program Files\Descent Calculator
[06/09/2008|18:35] C:\Program Files\DivX
[24/05/2008|17:57] C:\Program Files\Driver Cleaner Pro
[06/08/2008|19:54] C:\Program Files\e-anim
[16/10/2008|14:31] C:\Program Files\epson
[25/10/2008|05:53] C:\Program Files\Fichiers communs
[22/10/2008|07:02] C:\Program Files\FileZilla Client
[25/07/2008|16:09] C:\Program Files\Google
[02/03/2008|10:12] C:\Program Files\HiFi
[02/03/2008|10:12] C:\Program Files\HiFiUninstaller
[05/08/2008|16:10] C:\Program Files\INFORAD
[05/08/2008|16:10] C:\Program Files\INFORAD_DRIVERS
[16/10/2008|14:32] C:\Program Files\InstallShield Installation Information
[13/07/2007|07:23] C:\Program Files\Intel
[12/09/2007|08:04] C:\Program Files\Intel Corporation
[25/10/2008|09:21] C:\Program Files\Internet Explorer
[16/04/2008|21:23] C:\Program Files\Internet Video Converter 1.52 fr
[03/08/2008|18:31] C:\Program Files\Irfanview_410
[11/10/2007|17:14] C:\Program Files\IVAO
[04/05/2008|10:09] C:\Program Files\Jab_FPSx
[22/01/2008|15:09] C:\Program Files\Jabnavig
[18/07/2007|09:57] C:\Program Files\JabScreen
[23/07/2008|08:02] C:\Program Files\Java
[25/10/2008|09:53] C:\Program Files\JkDefrag
[21/09/2008|17:19] C:\Program Files\JMBerthier
[02/12/2007|15:29] C:\Program Files\jtk374en
[07/03/2008|10:54] C:\Program Files\Ken Salter
[06/09/2008|18:38] C:\Program Files\K-Lite Codec Pack
[21/08/2008|14:13] C:\Program Files\LaBoiteACouleurs
[03/08/2007|17:16] C:\Program Files\Lavalys
[25/10/2008|05:53] C:\Program Files\Logitech
[13/07/2007|07:30] C:\Program Files\Marvell
[03/09/2008|11:19] C:\Program Files\Messenger
[13/07/2007|06:36] C:\Program Files\microsoft frontpage
[13/07/2007|22:37] C:\Program Files\Microsoft Office
[15/08/2008|14:53] C:\Program Files\Mon Carnet d'Adresses
[02/09/2008|08:16] C:\Program Files\Movie Maker
[30/10/2008|12:18] C:\Program Files\Mozilla Firefox
[25/02/2008|08:11] C:\Program 
Files\MSBuild [02/09/2008|08:16] C:\Program Files\msn [13/07/2007|06:36] C:\Program Files\msn gaming zone [16/02/2008|21:00] C:\Program Files\MSXML 4.0 [25/02/2008|13:07] C:\Program Files\MSXML 6.0 [13/07/2007|06:36] C:\Program Files\netmeeting [20/08/2008|17:32] C:\Program Files\Notepad++ [05/09/2008|17:10] C:\Program Files\ooVoo [05/09/2008|17:11] C:\Program Files\oovooToolbar [02/09/2008|08:15] C:\Program Files\Outlook Express [08/08/2007|10:25] C:\Program Files\PhotoFiltre [15/10/2007|14:27] C:\Program Files\PicNic [19/07/2008|15:18] C:\Program Files\QuickTime [14/08/2007|14:56] C:\Program Files\RealVNC [25/02/2008|08:10] C:\Program Files\Reference Assemblies [13/07/2007|06:35] C:\Program Files\Services en ligne [30/10/2008|09:02] C:\Program Files\Spyware Doctor [11/10/2007|16:23] C:\Program Files\Teamspeak2_RC2 [16/11/2007|17:54] C:\Program Files\ToniArts [17/02/2008|20:23] C:\Program Files\TreeX [30/07/2007|10:47] C:\Program Files\Ubisoft [13/07/2007|06:41] C:\Program Files\Uninstall Information [02/10/2008|13:55] C:\Program Files\Unlocker [31/03/2008|11:27] C:\Program Files\VideoLAN [09/12/2007|14:22] C:\Program Files\Virtual E6-B [03/09/2008|10:31] C:\Program Files\wamp [01/09/2008|16:55] C:\Program Files\Winamp [01/09/2008|17:02] C:\Program Files\Winamp3 [13/07/2007|11:36] C:\Program Files\Windows Live [10/05/2008|11:21] C:\Program Files\Windows Media Connect 2 [02/09/2008|08:15] C:\Program Files\Windows Media Player [13/07/2007|06:36] C:\Program Files\Windows NT [13/07/2007|06:35] C:\Program Files\WindowsUpdate [29/10/2008|13:01] C:\Program Files\WinRAR [14/10/2008|21:12] C:\Program Files\Winstars [13/07/2007|06:36] C:\Program Files\xerox [28/10/2008|12:09] C:\Program Files\Zoom Player --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [21/10/2008|07:02] C:\Program Files\Fichiers communs\Adobe [13/07/2007|15:39] C:\Program Files\Fichiers communs\Ahead [19/07/2008|15:17] C:\Program Files\Fichiers communs\Apple 
[13/07/2007|09:20] C:\Program Files\Fichiers communs\Cisco Systems [09/12/2007|14:22] C:\Program Files\Fichiers communs\Designer [17/07/2007|15:50] C:\Program Files\Fichiers communs\DirectX [16/10/2008|15:06] C:\Program Files\Fichiers communs\InstallShield [23/07/2007|16:20] C:\Program Files\Fichiers communs\Java [08/01/2008|17:52] C:\Program Files\Fichiers communs\Microsoft Shared [13/07/2007|06:34] C:\Program Files\Fichiers communs\MSSoap [13/07/2007|08:30] C:\Program Files\Fichiers communs\ODBC [13/07/2007|06:34] C:\Program Files\Fichiers communs\Services [24/04/2008|09:13] C:\Program Files\Fichiers communs\snp2std [13/03/2008|15:35] C:\Program Files\Fichiers communs\Softwin [13/07/2007|08:30] C:\Program Files\Fichiers communs\SpeechEngines [02/09/2008|08:15] C:\Program Files\Fichiers communs\System [08/01/2008|17:51] C:\Program Files\Fichiers communs\WindowsLiveInstaller [14/10/2008|20:51] C:\Program Files\Fichiers communs\Wise Installation Wizard --------------------\\ Process ( 44 Processes ) ... OK ! \\ <=== --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! \\ <=== --------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\Alain\LOCALS~1\Temp\nsyCB.tmp C:\DOCUME~1\Alain\Cookies\alain@advertising[1].txt C:\DOCUME~1\Alain\Cookies\alain@adopt.euroclick[1].txt --------------------\\ Verification du Registre ..... OK ! \\ <=== --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE \\ <=== --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-30 12:39:57 Windows 5.1.2600 Service Pack 3 NTFS detected NTDLL code modification: ZwClose scanning hidden processes ... scanning hidden files ... scan completed successfully \\ <=== hidden processes: 0 hidden files: 1090 --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! 
\\ <=== [F:15][D:130]-> C:\DOCUME~1\Alain\LOCALS~1\Temp [F:71][D:0]-> C:\DOCUME~1\Alain\Cookies [F:12][D:10]-> C:\DOCUME~1\Alain\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 30/10/2008|12:25 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 30/10/2008|12:37 - Option : [1] 3 - "C:\Lop SD\LopR_3.txt" - 30/10/2008|12:40 - Option : [1] --------------------\\ Fin du rapport a 12:40:40 O-C