AGECOBOY

probleme résolu ,merci à no3p pour le temps passé et les conseils dispensés...

bonjour, ben à partir du moment ou j'ai pu relancer des exe , notamment mbam ,puis ensuite faire les maj des differents logiciels ,par exemple j'ai pu faire le scan kaspersky, l"ordi tourne normalement, pas de déconnexion ,pas de renvoi vers sites,impec quoi, je pourrais en rester là .... àprès en cas de prob, avec ce que tu m'as appris je pourrai nettoyer, mais par exemple pour des opé de banques ou des virements paypal je ne suis pas certain d'ètre blanc. Quoi qu'il en soit ,mon problème est résolu, j'ai remplacé avast par antivir, appris plein de choses et te remercie de ton aide. amicalement. ps fait passer ton mail perso que l'on finalise le foie gras!

bonsoir,et merci ci apres rapport otmove, amicalement ========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== C:\autorun.inf moved successfully. Folder move failed. G:\autorun.inf scheduled to be moved on reboot. File/Folder H:\autorun.inf not found. Folder move failed. K:\autorun.inf scheduled to be moved on reboot. ========== COMMANDS ========== File delete failed. C:\DOCUME~1\Eric\LOCALS~1\Temp\etilqs_9Hy6yWSepmCjSkjkadTO scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\Eric\LOCALS~1\Temp\~DFA52F.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\Eric\LOCALS~1\Temp\~DFA541.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\Eric\LOCALS~1\Temp\~DFB8E9.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\Eric\LOCALS~1\Temp\~DFB8FB.tmp scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. Local Service Temp folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. Local Service Temporary Internet Files folder emptied. Windows Temp folder emptied. Java cache emptied. File delete failed. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_001_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_002_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_003_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\urlclassifier3.sqlite scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\XUL.mfl scheduled to be deleted on reboot. FireFox cache emptied. Temp folders emptied. OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12272008_192538

salut j'ai pas du faire comme il faut avec usbfix,il me parlait de suppression, c'avait l'air chaud -------------- UsbFix V2.413.7 --------------- * User : Eric - DELL * Outils mis a jours le 24/12/2008 par Chiquitine29 et Chimay8 * Recherche effectuée à 23:20:03 le 25/12/2008 * Windows Xp - Internet Explorer 7.0.5730.13 --------------- [ Processus actifs ] ---------------- C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avwsc.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\oodag.exe C:\WINDOWS\eHome\ehRec.exe C:\WINDOWS\system32\logonui.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\userinit.exe C:\WINDOWS\ehome\mcrdsvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\SearchIndexer.exe --------------- [ Informations lecteurs ] ---------------- C: - Lecteur fixe G: - Lecteur amovible H: - Lecteur fixe I: - Lecteur de CD-ROM J: - Lecteur de CD-ROM K: - Lecteur amovible +- Contenu de l'autorun : C:\autorun.inf +- Contenu de l'autorun : G:\autorun.inf +- Contenu de l'autorun : H:\autorun.inf [Autorun] OPEN=rundll32.exe url,FileProtocolHandler library.htm +- Contenu de l'autorun : K:\autorun.inf --------------- [ Lecteur C ] ---------------- C: - Lecteur fixe +- Listing des fichiers présents : [16/10/2007 09:51][--a------] C:\AUTOEXEC.BAT [10/08/2004 13:00][-rahs----] C:\NTDETECT.COM [12/12/2008 20:34][-rahs----] C:\boot.ini [21/12/2008 12:52][drahs----] C:\autorun.inf [23/12/2008 07:19][--a------] C:\avenger.txt [23/12/2008 07:19][--a------] C:\ComboFix.txt [23/12/2008 07:19][--a------] C:\UsbFix.txt [16/10/2007 09:51][--a------] C:\CONFIG.SYS [16/10/2007 09:51][--a------] C:\IO.SYS [16/10/2007 09:51][--a------] C:\MSDOS.SYS [16/10/2007 09:51][--a------] C:\pagefile.sys --------------- [ Lecteur G ] ---------------- G: - Lecteur amovible +- Listing des fichiers présents : [21/12/2008 12:53][drahs----] G:\autorun.inf --------------- [ Lecteur H ] ---------------- H: - Lecteur fixe +- Listing des fichiers présents : [20/01/2004 22:34][--a------] H:\ACD_smx_51213622.exe [20/01/2004 22:34][--a------] H:\avg6656fu_free.exe [20/01/2004 22:34][--a------] H:\DivX521XP2K.exe [20/01/2004 22:34][--a------] H:\dxball.exe [20/01/2004 22:34][--a------] H:\PMagic.exe [20/01/2004 22:34][--a------] H:\ToolbarSetup.exe [24/09/2005 18:26][--a------] H:\autorun.inf [05/05/2004 21:39][--a------] H:\Log.txt --------------- [ Lecteur I ] ---------------- I: - Lecteur de CD-ROM +- Listing des fichiers présents : --------------- [ Lecteur J ] ---------------- J: - Lecteur de CD-ROM +- Listing des fichiers présents : --------------- [ Lecteur K ] ---------------- K: - Lecteur amovible +- Listing des fichiers présents : [13/12/2008 16:01][--a------] K:\boum-setup.exe [13/12/2008 16:01][--a------] K:\Flash_Disinfector.exe [21/12/2008 12:53][drahs----] K:\autorun.inf --------------- [ Registre / Startup ] ---------------- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run] CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe IncrediMail=C:\Program Files\IncrediMail\bin\IncMail.exe /c SetDefaultMIDI=MIDIDef.exe msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background SpybotSD TeaTimer=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run] ehTray=C:\WINDOWS\ehome\ehtray.exe SunJavaUpdateSched="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" CTHelper=CTHELPER.EXE CTxfiHlp=CTXFIHLP.EXE Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" P17Helper=Rundll32 P17.dll,P17Helper UpdReg=C:\WINDOWS\UpdReg.EXE OSD=C:\WINDOWS\osd.exe VisualTooltip=C:\WINDOWS\Resources\Themes\VistaXP\vt\VisualToolTip.exe NeroFilterCheck=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe HP Software Update="C:\Program Files\HP\HP Software Update\HPWuSchd.exe" HP Component Manager="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" avgnt="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents= <NO NAME>= HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL= Installed=1 <NO NAME>= HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI= NoChange=1 Installed=1 <NO NAME>= HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS= Installed=1 <NO NAME>= --------------- [ Registre / Mountpoint2 ] ---------------- Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{28b87136-0b1b-11dd-be88-0060b3ce4220}\Shell\AutoRun\command Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95c24e78-7d98-11dc-be32-0013721228db}\Shell\AutoRun\command Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e8101cce-ab10-11dc-be63-0008d3350bfe}\Shell\AutoRun\command --------------- [ Nettoyage des disques ] ---------------- Echec de la supression !! - [25/12/2008 23:21] C:\autorun.inf

bonsoir ,avec difficulté j'ai réussi mbam en mode sans échec voici le log j'avais fait avant un disinfector mais pas l'air de s'ètre passé grand chose bon ap et joyeux noel Malwarebytes' Anti-Malware 1.31 Version de la base de données: 1537 Windows 5.1.2600 Service Pack 3 23/12/2008 20:07:49 mbam-log-2008-12-23 (20-07-49).txt Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|I:\|J:\|) Eléments examinés: 224297 Temps écoulé: 36 minute(s), 46 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Documents and Settings\Eric\Local Settings\temp\TDSS86d4.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Documents and Settings\Eric\Local Settings\temp\TDSS86e4.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Désolé pour ce long délai. bonsoir aucun problème je viens moi aussi de te relire ce soir à 18h30,d'autres problèmes plus graves,donc tu fais comme tu peux et c'est déjà sympa le log Logfile of random's system information tool 1.04 (written by random/random) Run by Eric at 2008-12-19 18:36:51 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 395 GB (84%) free of 472 GB Total RAM: 2046 MB (70% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:36:54, on 19/12/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\oodag.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe C:\WINDOWS\system32\CTHELPER.EXE C:\WINDOWS\system32\CTXFIHLP.EXE C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\osd.exe C:\WINDOWS\Resources\Themes\VistaXP\vt\VisualToolTip.exe C:\WINDOWS\SYSTEM32\CTXFISPI.EXE C:\Program Files\HP\HP Software Update\HPWuSchd.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Hercules\WiFi Station\WifiStation.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe C:\Documents and Settings\Eric\Bureau\RSIT.exe C:\Program Files\HP\hpcoretech\comp\hpdarc.exe C:\Program Files\trend micro\Eric.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [OSD] C:\WINDOWS\osd.exe O4 - HKLM\..\Run: [VisualTooltip] C:\WINDOWS\Resources\Themes\VistaXP\vt\VisualToolTip.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe (User 'Default user') O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: WiFi Station.lnk = ? O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Documents and Settings\Eric\Mes documents\mes logiciels\Titan Poker\casino.exe O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Documents and Settings\Eric\Mes documents\mes logiciels\Titan Poker\casino.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: *.sony-europe.com O15 - Trusted Zone: *.sonystyle-europe.com O15 - Trusted Zone: *.vaio-link.com O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15033/CTPID.cab O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 9184 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2004-05-12 744960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll [2007-12-14 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-10-27 2436160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-11-29 737776] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe [2007-12-14 144784] "CTHelper"=C:\WINDOWS\system32\CTHELPER.EXE [2006-11-28 19456] "CTxfiHlp"=C:\WINDOWS\system32\CTXFIHLP.EXE [2006-11-28 20480] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-10-10 39792] "P17Helper"=Rundll32 P17.dll [] "UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112] "OSD"=C:\WINDOWS\osd.exe [2007-01-21 86016] "VisualTooltip"=C:\WINDOWS\Resources\Themes\VistaXP\vt\VisualToolTip.exe [2007-04-25 956928] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-07-08 7110656] "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-15 153136] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd.exe [2003-08-04 49152] "HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2007-11-19 214456] "SetDefaultMIDI"=C:\WINDOWS\MIDIDef.exe [2006-08-17 25600] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WifiStation.exe Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Documents and Settings\Eric\Menu Démarrer\Programmes\Démarrage Outil de notification Live Search.lnk - C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist] C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll [2007-10-17 10792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDrives"=0 "NoDriveAutoRun"=67108863 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java Platform SE binary" "C:\Documents and Settings\Eric\Mes documents\mes logiciels\incredimail_install.exe"="C:\Documents and Settings\Eric\Mes documents\mes logiciels\incredimail_install.exe:*:Enabled:IncrediMail Installer" "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus" "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28b87136-0b1b-11dd-be88-0060b3ce4220}] shell\AutoRun\command - H:\start.exe shell\iledefrance\command - H:\start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95c24e78-7d98-11dc-be32-0013721228db}] shell\AutoRun\command - wd_windows_tools\setup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e8101cce-ab10-11dc-be63-0008d3350bfe}] shell\AutoRun\command - K:\setupSNK.exe ======List of files/folders created in the last 1 months====== 2008-12-13 09:07:14 ----SHD---- C:\RECYCLER 2008-12-12 20:42:03 ----D---- C:\WINDOWS\temp 2008-12-12 20:42:02 ----A---- C:\ComboFix.txt 2008-12-12 20:34:21 ----A---- C:\Boot.bak 2008-12-12 20:34:19 ----RASHD---- C:\cmdcons 2008-12-12 20:30:22 ----A---- C:\WINDOWS\NIRCMD.exe 2008-12-12 20:30:19 ----D---- C:\WINDOWS\ERDNT 2008-12-12 20:30:19 ----D---- C:\Qoobox 2008-12-12 18:07:33 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$ 2008-12-12 18:07:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2008-12-12 18:06:58 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$ 2008-12-12 18:06:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2008-12-10 20:38:37 ----D---- C:\Documents and Settings\Eric\Application Data\Malwarebytes 2008-12-10 20:38:31 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-12-09 21:45:36 ----D---- C:\_OTMoveIt 2008-12-08 22:39:17 ----D---- C:\rsit 2008-12-08 22:39:17 ----D---- C:\Program Files\trend micro 2008-12-08 22:04:53 ----A---- C:\WINDOWS\ntbtlog.txt 2008-12-07 18:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$ 2008-12-07 18:01:23 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$ 2008-12-07 18:00:55 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$ 2008-12-07 18:00:45 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$ 2008-12-07 14:51:22 ----D---- C:\WINDOWS\SxsCaPendDel 2008-12-07 13:32:10 ----D---- C:\Program Files\Avira 2008-12-07 13:32:10 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2008-12-07 11:02:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2008-12-06 22:17:12 ----D---- C:\Documents and Settings\Eric\Application Data\Talkback 2008-12-06 22:16:16 ----D---- C:\Program Files\Mozilla Firefox 2008-12-06 21:22:46 ----D---- C:\Program Files\AxBx 2008-12-06 09:09:33 ----D---- C:\Documents and Settings\Eric\Application Data\Windows Search 2008-12-05 23:37:22 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$ 2008-12-05 23:37:18 ----D---- C:\Program Files\Microsoft Silverlight 2008-12-05 23:36:45 ----D---- C:\Documents and Settings\Eric\Application Data\Windows Desktop Search 2008-12-05 23:36:10 ----HD---- C:\WINDOWS\system32\GroupPolicy 2008-12-05 23:36:10 ----D---- C:\Program Files\Windows Desktop Search 2008-12-05 23:35:57 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$ 2008-12-05 23:35:50 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$ 2008-12-05 23:35:13 ----N---- C:\WINDOWS\system32\spmsg.dll 2008-12-05 23:35:12 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$ 2008-12-05 23:34:41 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$ 2008-12-05 23:33:37 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$ 2008-12-05 23:33:01 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$ 2008-12-05 23:32:16 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$ 2008-12-05 21:02:24 ----SHD---- C:\Config.Msi 2008-12-05 08:12:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$ 2008-12-05 08:12:11 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$ 2008-12-04 20:03:46 ----D---- C:\WINDOWS\system32\logs 2008-12-04 20:03:22 ----D---- C:\Program Files\BitDefender 2008-12-04 20:02:03 ----D---- C:\Program Files\Fichiers communs\BitDefender 2008-12-04 19:52:46 ----D---- C:\WINDOWS\BDOSCAN8 2008-12-04 13:41:58 ----A---- C:\WINDOWS\OEWABLog.txt 2008-12-04 13:41:40 ----D---- C:\WINDOWS\Prefetch 2008-12-04 13:11:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2008-12-04 13:11:22 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$ 2008-12-04 13:11:17 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$ 2008-12-04 13:11:10 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$ 2008-12-04 13:11:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2008-12-04 13:10:57 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2008-12-04 13:10:52 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$ 2008-12-04 13:10:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2008-12-04 13:10:40 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2008-12-04 13:10:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2008-12-04 13:10:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$ 2008-12-04 13:10:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2008-12-04 13:10:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$ 2008-12-04 13:10:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2008-12-04 13:10:05 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2008-12-04 13:10:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2008-12-04 13:09:53 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2008-12-04 13:09:49 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$ 2008-12-04 13:08:19 ----A---- C:\WINDOWS\setuplog.txt 2008-12-04 13:07:48 ----D---- C:\WINDOWS\system32\fr 2008-12-04 13:07:48 ----D---- C:\WINDOWS\system32\bits 2008-12-04 13:07:48 ----D---- C:\WINDOWS\l2schemas 2008-12-04 13:06:44 ----D---- C:\WINDOWS\ServicePackFiles 2008-12-04 13:05:17 ----A---- C:\WINDOWS\imsins.BAK 2008-12-04 13:04:16 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ 2008-11-24 21:35:58 ----A---- C:\WINDOWS\system32\ltclr13n.dll 2008-11-24 21:35:58 ----A---- C:\WINDOWS\system32\lftif13n.dll 2008-11-24 21:35:58 ----A---- C:\WINDOWS\system32\lffax13n.dll ======List of files/folders modified in the last 1 months====== 2008-12-19 18:34:53 ----A---- C:\WINDOWS\lvkosd.ini 2008-12-19 18:00:22 ----SHD---- C:\WINDOWS\Installer 2008-12-18 22:19:05 ----D---- C:\WINDOWS\system32\CatRoot2 2008-12-18 18:35:30 ----D---- C:\WINDOWS 2008-12-18 18:06:37 ----D---- C:\WINDOWS\Registration 2008-12-18 18:06:17 ----D---- C:\WINDOWS\system32 2008-12-18 18:05:45 ----A---- C:\WINDOWS\SchedLgU.Txt 2008-12-18 18:00:37 ----HD---- C:\WINDOWS\inf 2008-12-18 18:00:34 ----RSHDC---- C:\WINDOWS\system32\dllcache 2008-12-18 18:00:32 ----D---- C:\WINDOWS\ie7updates 2008-12-18 18:00:27 ----HD---- C:\WINDOWS\$hf_mig$ 2008-12-16 21:53:29 ----D---- C:\WINDOWS\system32\drivers 2008-12-14 14:13:28 ----SHD---- C:\System Volume Information 2008-12-14 14:13:28 ----D---- C:\WINDOWS\system32\Restore 2008-12-14 13:51:36 ----D---- C:\Program Files\Audacity 2008-12-14 13:45:01 ----SD---- C:\WINDOWS\Downloaded Program Files 2008-12-14 13:42:27 ----RD---- C:\Program Files 2008-12-13 18:55:01 ----D---- C:\WINDOWS\system32\oodag 2008-12-13 12:20:30 ----D---- C:\Documents and Settings\Eric\Application Data\Adobe 2008-12-13 07:37:56 ----A---- C:\WINDOWS\system32\mshtml.dll 2008-12-12 20:39:25 ----A---- C:\WINDOWS\system.ini 2008-12-12 20:38:18 ----D---- C:\WINDOWS\system32\config 2008-12-12 20:37:38 ----D---- C:\WINDOWS\AppPatch 2008-12-12 20:37:38 ----D---- C:\Program Files\Fichiers communs 2008-12-12 20:34:21 ----RASH---- C:\boot.ini 2008-12-12 18:13:34 ----D---- C:\Program Files\Internet Explorer 2008-12-07 18:00:51 ----D---- C:\WINDOWS\system32\CatRoot 2008-12-07 14:51:22 ----D---- C:\WINDOWS\WinSxS 2008-12-07 11:18:28 ----D---- C:\Program Files\Yahoo! 2008-12-06 22:26:52 ----D---- C:\Documents and Settings\Eric\Application Data\Mozilla 2008-12-06 19:30:01 ----D---- C:\WINDOWS\Minidump 2008-12-06 18:23:52 ----A---- C:\WINDOWS\NeroDigital.ini 2008-12-06 00:01:00 ----D---- C:\WINDOWS\ehome 2008-12-05 23:37:25 ----D---- C:\WINDOWS\system32\wbem 2008-12-05 23:37:06 ----RSD---- C:\WINDOWS\assembly 2008-12-05 23:36:24 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2008-12-05 23:36:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2008-12-05 23:36:13 ----D---- C:\WINDOWS\system32\fr-fr 2008-12-05 23:35:06 ----A---- C:\WINDOWS\win.ini 2008-12-05 23:34:50 ----D---- C:\Program Files\Windows Media Connect 2 2008-12-05 23:34:49 ----D---- C:\Program Files\Windows Media Player 2008-12-05 23:34:47 ----D---- C:\WINDOWS\Help 2008-12-05 23:33:05 ----D---- C:\WINDOWS\system32\LogFiles 2008-12-05 22:57:26 ----D---- C:\WINDOWS\network diagnostic 2008-12-04 13:44:06 ----D---- C:\WINDOWS\Debug 2008-12-04 13:20:30 ----RSD---- C:\WINDOWS\Fonts 2008-12-04 13:20:30 ----D---- C:\WINDOWS\system32\Setup 2008-12-04 13:19:49 ----D---- C:\WINDOWS\security 2008-12-04 13:09:54 ----D---- C:\Program Files\Messenger 2008-12-04 13:07:55 ----D---- C:\WINDOWS\system32\inetsrv 2008-12-04 13:07:54 ----D---- C:\WINDOWS\ime 2008-12-04 13:07:48 ----D---- C:\WINDOWS\system32\usmt 2008-12-04 13:07:48 ----D---- C:\WINDOWS\PeerNet 2008-12-04 13:07:48 ----D---- C:\Program Files\Movie Maker 2008-12-04 13:06:38 ----D---- C:\WINDOWS\system32\npp 2008-12-04 13:06:38 ----D---- C:\WINDOWS\msagent 2008-12-04 13:06:37 ----D---- C:\WINDOWS\srchasst 2008-12-04 13:06:37 ----D---- C:\Program Files\NetMeeting 2008-12-04 13:06:36 ----D---- C:\WINDOWS\system32\Com 2008-12-04 13:06:35 ----D---- C:\Program Files\Windows NT 2008-12-04 13:06:35 ----D---- C:\Program Files\Outlook Express 2008-12-04 13:06:33 ----D---- C:\Program Files\Fichiers communs\System 2008-12-04 13:06:25 ----D---- C:\WINDOWS\system32\oobe 2008-12-04 13:06:24 ----D---- C:\WINDOWS\system 2008-12-03 19:43:00 ----SD---- C:\WINDOWS\Tasks 2008-12-01 16:21:02 ----D---- C:\Documents and Settings\Eric\Application Data\OpenOffice.org2 2008-12-01 09:13:49 ----D---- C:\Documents and Settings\Eric\Application Data\Azureus ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-12-19 43488] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-12-10 75072] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-10-27 20747] R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2004-09-24 15781] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2006-08-17 502272] R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2006-08-17 500480] R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2006-08-17 7168] R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2006-08-17 143872] R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2005-03-31 180736] R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2006-08-17 78336] R3 ha20x2k;Creative 20X HAL Driver; C:\WINDOWS\system32\drivers\ha20x2k.sys [2006-08-17 1110528] R3 HidIr;Pilote HID infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\hidir.sys [2008-04-13 19200] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-01-05 51056] R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-01-05 16496] R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-01-05 21488] R3 IrBus;Pilote de filtre de bus infrarouge pour les contrôles distants eHome; C:\WINDOWS\system32\DRIVERS\IrBus.sys [2008-04-13 46592] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-10 12288] R3 NBXG7031;NB 802.11g XG703 SP1 Driver; C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-09-24 381312] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-07-08 3198304] R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2006-08-17 116224] R3 P17;Sound Blaster Audigy; C:\WINDOWS\system32\drivers\P17.sys [2005-07-07 1389056] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128] S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912] S3 catchme;catchme; \??\C:\pouetpouet\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2006-08-17 340176] S3 hcwPP2;Hauppauge WinTV PVR PCI II ([23|25|26]xxx); C:\WINDOWS\system32\DRIVERS\hcwPP2.sys [2005-03-15 148608] S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 Profos;Profos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys [] S3 RT2500USB;Hercules Wireless USB Dongle Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-01-12 252928] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 Trufos;Trufos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys [] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297] R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032] R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568] R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424] R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-07-08 127043] R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2005-11-02 265216] R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808] R3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-01-05 65795] R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 GoToAssist;GoToAssist; C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe [2007-10-17 16936] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-10-27 138168] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-03-22 779824] S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-03-22 271920] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] -----------------EOF-----------------

bonsoir ,désolé mais malware est installé mais ne se lance pas. Essayé bien sur plusieurs fois. amicalement

bonjour ,rien de spécial sinon naviguer sur des sites gentils, montres,ebay.... pour le scan kaspersky impossible de le faire ,les maj ne se font pas jusqu'au bout ,message d'erreur, mème après 6 installations ,désinstallations.. amicalement

bonjour content de te retrouver.. le log ot et le lien capture écran http://www.zshare.net/download/52696039badf8899

ptin ça recommence depuis 1 hoo environ, la totale ,redirections google ect de plus je te joins un shot d'une page qui m'est apparu plusieurs fois avant et a nouveau ce soir (je ne sais pas comment te joindre ce fichier en fait) amicalement

bonsoir, ci après rapport combo amicalement ComboFix 08-12-11.05 - Eric 2008-12-12 20:35:36.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1497 [GMT 1:00] Lancé depuis: c:\documents and settings\Eric\Bureau\pouetpouet.exe * Un nouveau point de restauration a été créé . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\drivers\tdssserv.sys . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_TDSSSERV.SYS -------\Service_TDSSserv.sys ((((((((((((((((((((((((((((( Fichiers créés du 2008-11-12 au 2008-12-12 )))))))))))))))))))))))))))))))))))) . 2008-12-10 20:38 . 2008-12-10 20:38 <REP> d-------- c:\documents and settings\Eric\Application Data\Malwarebytes 2008-12-10 20:38 . 2008-12-10 20:38 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2008-12-10 20:38 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2008-12-10 20:38 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2008-12-09 21:45 . 2008-12-09 21:45 <REP> d-------- C:\_OTMoveIt 2008-12-08 22:39 . 2008-12-08 22:47 <REP> d-------- C:\rsit 2008-12-08 22:39 . 2008-12-08 22:39 <REP> d-------- c:\program files\trend micro 2008-12-07 14:51 . 2008-12-07 14:57 <REP> d-------- c:\windows\SxsCaPendDel 2008-12-07 13:32 . 2008-12-07 13:32 <REP> d-------- c:\program files\Avira 2008-12-07 13:32 . 2008-12-07 13:32 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira 2008-12-07 11:02 . 2008-12-10 20:38 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware 2008-12-06 22:17 . 2008-12-06 22:17 <REP> d-------- c:\documents and settings\Eric\Application Data\Talkback 2008-12-06 22:16 . 2008-12-06 22:16 0 --a------ c:\windows\nsreg.dat 2008-12-06 21:22 . 2008-12-07 18:51 <REP> d-------- c:\program files\AxBx 2008-12-06 09:09 . 2008-12-06 09:09 <REP> d-------- c:\documents and settings\Eric\Application Data\Windows Search 2008-12-05 23:37 . 2008-12-05 23:37 <REP> d-------- c:\program files\Microsoft Silverlight 2008-12-05 23:36 . 2008-12-06 19:34 <REP> d--h----- c:\windows\system32\GroupPolicy 2008-12-05 23:36 . 2008-12-05 23:36 <REP> d-------- c:\program files\Windows Desktop Search 2008-12-05 23:36 . 2008-12-05 23:36 <REP> d-------- c:\documents and settings\Eric\Application Data\Windows Desktop Search 2008-12-05 23:35 . 2008-03-07 18:02 192,000 -----c--- c:\windows\system32\dllcache\offfilt.dll 2008-12-05 23:35 . 2008-03-07 18:02 98,304 -----c--- c:\windows\system32\dllcache\nlhtml.dll 2008-12-05 23:35 . 2008-03-07 18:02 29,696 -----c--- c:\windows\system32\dllcache\mimefilt.dll 2008-12-05 23:33 . 2008-12-05 23:33 <REP> d-------- c:\windows\system32\drivers\UMDF 2008-12-04 20:07 . 2008-12-04 20:07 850 --a------ c:\windows\system32\ProductTweaks.xml 2008-12-04 20:07 . 2008-12-04 20:07 385 --a------ c:\windows\system32\user_gensett.xml 2008-12-04 20:03 . 2008-12-04 20:03 <REP> d-------- c:\windows\system32\logs 2008-12-04 20:03 . 2008-12-07 14:50 <REP> d-------- c:\program files\BitDefender 2008-12-04 20:02 . 2008-12-07 14:50 <REP> d-------- c:\program files\Fichiers communs\BitDefender 2008-12-04 19:52 . 2008-12-04 19:53 <REP> d-------- c:\windows\BDOSCAN8 2008-12-04 13:07 . 2008-12-04 13:07 <REP> d-------- c:\windows\system32\fr 2008-12-04 13:07 . 2008-12-04 13:07 <REP> d-------- c:\windows\system32\bits 2008-12-04 13:07 . 2008-12-04 13:07 <REP> d-------- c:\windows\l2schemas 2008-12-04 13:06 . 2008-12-04 13:06 <REP> d-------- c:\windows\ServicePackFiles 2008-12-04 13:05 . 2008-12-12 18:07 1,393 --a------ c:\windows\imsins.BAK 2008-11-24 21:35 . 2003-12-12 16:06 1,693,696 --a------ c:\windows\system32\ltclr13n.dll 2008-11-24 21:35 . 2003-11-04 15:11 155,648 --a------ c:\windows\system32\lftif13n.dll 2008-11-24 21:35 . 2003-11-04 15:10 98,304 --a------ c:\windows\system32\lffax13n.dll 2008-11-16 14:16 . 2008-11-16 20:24 <REP> d-------- c:\program files\Free Video Converter 2008-11-12 01:07 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-12-07 10:18 --------- d-----w c:\program files\Yahoo! 2008-12-05 22:34 --------- d-----w c:\program files\Windows Media Connect 2 2008-12-01 15:21 --------- d-----w c:\documents and settings\Eric\Application Data\OpenOffice.org2 2008-12-01 08:13 --------- d-----w c:\documents and settings\Eric\Application Data\Azureus 2008-11-16 19:39 --------- d-----w c:\program files\iWizz 2008-11-11 18:17 --------- d-----w c:\program files\CapAlpha 2008-11-10 14:42 --------- d-----w c:\program files\adslTV 2008-11-06 20:10 --------- d-----w c:\documents and settings\All Users\Application Data\DVD Shrink 2008-11-06 20:08 --------- d-----w c:\program files\DVD Shrink 2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys 2008-10-21 17:28 --------- d-----w c:\documents and settings\Eric\Application Data\vlc 2008-10-15 11:37 --------- d-----w c:\program files\Hasbro Interactive 2008-10-15 11:37 --------- d-----w c:\program files\directx . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2007-11-19 214456] "CTRegRun"="c:\windows\CTRegRun.EXE" [2006-10-06 53248] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] "SetDefaultMIDI"="MIDIDef.exe" [2006-08-17 c:\windows\MIDIDEF.EXE] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 144784] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792] "CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344] "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112] "OSD"="c:\windows\osd.exe" [2007-01-21 86016] "VisualTooltip"="c:\windows\Resources\Themes\VistaXP\vt\VisualToolTip.exe" [2007-04-25 956928] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-07-08 7110656] "NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-15 153136] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd.exe" [2003-08-04 49152] "HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497] "CTHelper"="CTHELPER.EXE" [2006-11-28 c:\windows\system32\CtHelper.exe] "CTxfiHlp"="CTXFIHLP.EXE" [2006-11-28 c:\windows\system32\Ctxfihlp.exe] "P17Helper"="P17.dll" [2005-05-03 c:\windows\system32\P17.dll] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Eric\Menu D‚marrer\Programmes\D‚marrage\ Outil de notification Live Search.lnk - c:\documents and settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2008-09-23 143360] c:\documents and settings\Eric\Menu D‚marrer\Programmes\D‚marrage\ Outil de notification Live Search.lnk - c:\documents and settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2008-09-23 143360] c:\documents and settings\Eric\Menu D‚marrer\Programmes\D‚marrage\ Outil de notification Live Search.lnk - c:\documents and settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2008-09-23 143360] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2003-09-16 237568] WiFi Station.lnk - c:\program files\Hercules\WiFi Station\WifiStation.exe [2007-10-27 650240] Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist] 2007-10-17 13:29 10792 c:\program files\Citrix\GoToAssist\480\g2awinlogon.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\WINDOWS\\system32\\java.exe"= "c:\\Documents and Settings\\Eric\\Mes documents\\mes logiciels\\incredimail_install.exe"= "c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"= "c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"= "c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Azureus\\Azureus.exe"= "c:\\Program Files\\adslTV\\adsltv.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= S3 NBXG7031;NB 802.11g XG703 SP1 Driver;c:\windows\system32\DRIVERS\WlanUIG.sys [2007-10-27 381312] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28b87136-0b1b-11dd-be88-0060b3ce4220}] \Shell\AutoRun\command - H:\start.exe \Shell\iledefrance\command - H:\start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95c24e78-7d98-11dc-be32-0013721228db}] \Shell\AutoRun\command - wd_windows_tools\setup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e8101cce-ab10-11dc-be63-0008d3350bfe}] \Shell\AutoRun\command - K:\setupSNK.exe . - - - - ORPHELINS SUPPRIMES - - - - HKLM-Run-DXDllRegExe - dxdllreg.exe . ------- Examen supplémentaire ------- . uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uStart Page = hxxp://www.neuf.fr/ mWindow Title = uInternet Settings,ProxyOverride = localhost Trusted Zone: *.sony-europe.com Trusted Zone: *.sonystyle-europe.com Trusted Zone: *.vaio-link.com c:\windows\Downloaded Program Files\oscan81.ocx_x - c:\windows\bdoscandellang.ini c:\windows\bdoscandel.exe c:\windows\Downloaded Program Files\live.ini c:\windows\Downloaded Program Files\scanoptions.tsi c:\windows\Downloaded Program Files\lang.ini c:\windows\Downloaded Program Files\ipsupd.dll c:\windows\Downloaded Program Files\bdupd.dll c:\windows\Downloaded Program Files\libfn.dll c:\windows\Downloaded Program Files\bdcore.dll c:\windows\Downloaded Program Files\oscan8.ocx O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://www.zebulon.fr/scan8/oscan8.cab c:\windows\Downloaded Program Files\oscan8.inf FF - ProfilePath - c:\documents and settings\Eric\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\ FF - plugin: c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-12-12 20:39:17 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(712) c:\program files\Citrix\GoToAssist\480\G2AWinLogon.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe c:\windows\system32\CTSVCCDA.EXE c:\windows\ehome\ehrecvr.exe c:\windows\ehome\ehSched.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\oodag.exe c:\windows\system32\searchindexer.exe c:\windows\ehome\mcrdsvc.exe c:\windows\system32\dllhost.exe c:\windows\system32\CTxfispi.exe c:\windows\system32\rundll32.exe c:\windows\ehome\ehmsas.exe c:\documents and settings\Eric\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe c:\program files\IncrediMail\bin\ImApp.exe . ************************************************************************** . Heure de fin: 2008-12-12 20:42:01 - La machine a redémarré ComboFix-quarantined-files.txt 2008-12-12 19:41:58 Avant-CF: 410 919 530 496 octets libres Après-CF: 411,191,132,160 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect 211 --- E O F --- 2008-12-12 17:07:55

bonsoir ami du soir ,mais avnt tout et avant d'attendre la fin et me faire engueuler ,tu dois savoir qu'avant de passer entre tes mains expertes ,et de connaitre zebulon, j'avais sauvegarder sur un dd externe que j'ai mis de coté depuis et qui n'est pas branché depuis qq fichiers et dossiers auquels je tenais, je pensais formater... je sais j'aurais du te le dire au début peut etre. aussi j'éspère que la fin du process me permettra de t'envoyer une petite boite de foie gras avnt les fètes.. amicalement ciaprès le lien http://www.zshare.net/download/52597216909e2b5f/

bonsoir ,pas de probleme suite a un plantage ou formatage,mème si les 3 Licences (enfin la licence sur les trois postes) ont déjà été mangées,..

Bonsoir , voilà le rapport.. amicalement Malwarebytes' Anti-Malware 1.31 Version de la base de données: 1483 Windows 5.1.2600 Service Pack 3 10/12/2008 21:27:46 mbam-log-2008-12-10 (21-27-46).txt Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|I:\|J:\|) Eléments examinés: 224050 Temps écoulé: 37 minute(s), 49 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 2 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 7 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\System Volume Information\_restore{984FA12E-7517-40F1-8BA7-3355EB6254A5}\RP365\A0054720.dll (Trojan.TDSS) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\TDSSmxfe.sys (Trojan.TDSS) -> Quarantined and deleted successfully. C:\_OTMoveIt\MovedFiles\12092008_214536\WINDOWS\system32\TDSSkrrx.dll (Trojan.TDSS) -> Quarantined and deleted successfully. C:\_OTMoveIt\MovedFiles\12092008_214536\WINDOWS\system32\TDSSottu.dll (Trojan.TDSS) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\TDSSserv.sys (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Eric\Local Settings\Temp\TDSS5c0f.tmp (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Eric\Local Settings\Temp\TDSS5c1e.tmp (Trojan.Agent) -> Quarantined and deleted successfully.

bon je te poste ce log ,peut etre aurais je du desactiver antivir avant de lancer move it ========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== C:\TB.txt moved successfully. C:\ToolBar SD\Backup-TB\Reg moved successfully. C:\ToolBar SD\Backup-TB\Program Files\AskSBar moved successfully. C:\ToolBar SD\Backup-TB\Program Files moved successfully. C:\ToolBar SD\Backup-TB moved successfully. C:\ToolBar SD moved successfully. C:\WINDOWS\system32\TDSSakao.log moved successfully. LoadLibrary failed for C:\WINDOWS\system32\TDSSkrrx.dll C:\WINDOWS\system32\TDSSkrrx.dll NOT unregistered. C:\WINDOWS\system32\TDSSkrrx.dll moved successfully. LoadLibrary failed for C:\WINDOWS\system32\TDSSottu.dll C:\WINDOWS\system32\TDSSottu.dll NOT unregistered. C:\WINDOWS\system32\TDSSottu.dll moved successfully. LoadLibrary failed for C:\WINDOWS\system32\TDSSubgj.dll C:\WINDOWS\system32\TDSSubgj.dll NOT unregistered. C:\WINDOWS\system32\TDSSubgj.dll moved successfully. C:\WINDOWS\system32\TDSSwppe.dat moved successfully. LoadLibrary failed for C:\WINDOWS\system32\TDSSyoqu.dll C:\WINDOWS\system32\TDSSyoqu.dll NOT unregistered. File move failed. C:\WINDOWS\system32\TDSSyoqu.dll scheduled to be moved on reboot. ========== REGISTRY ========== Unable to delete registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS\\ . Unable to delete registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS\\ . Unable to delete registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS\\ . Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys\\ not found. Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys\\ not found. Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys\\ not found. Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDSSserv.sys\\ not found. ========== COMMANDS ========== File delete failed. C:\DOCUME~1\Eric\LOCALS~1\Temp\etilqs_VV7tmhP5Qh7Dz8CNy66t scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\Eric\LOCALS~1\Temp\~DF6A47.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\Eric\LOCALS~1\Temp\~DF6A63.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\Eric\LOCALS~1\Temp\~DFBDF7.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\Eric\LOCALS~1\Temp\~DFBE09.tmp scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. Local Service Temp folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. Local Service Temporary Internet Files folder emptied. Windows Temp folder emptied. Java cache emptied. File delete failed. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_001_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_002_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_003_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\urlclassifier3.sqlite scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\XUL.mfl scheduled to be deleted on reboot. FireFox cache emptied. Temp folders emptied. OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12092008_214536 Files moved on Reboot... File C:\WINDOWS\system32\TDSSyoqu.dll not found! File C:\DOCUME~1\Eric\LOCALS~1\Temp\etilqs_VV7tmhP5Qh7Dz8CNy66t not found! File C:\DOCUME~1\Eric\LOCALS~1\Temp\~DF6A47.tmp not found! File C:\DOCUME~1\Eric\LOCALS~1\Temp\~DF6A63.tmp not found! File C:\DOCUME~1\Eric\LOCALS~1\Temp\~DFBDF7.tmp not found! File C:\DOCUME~1\Eric\LOCALS~1\Temp\~DFBE09.tmp not found! File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_001_ moved successfully. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_002_ moved successfully. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_003_ moved successfully. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_MAP_ moved successfully. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\urlclassifier3.sqlite moved successfully. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\XUL.mfl moved successfully.

salut , s'est passé la chose suivante quand j'ai lancé move it ,peu après antivir s'est lancé ,m'a trouvé un virus pss ou dans le genre puis un autre ,j'ai une fois supprimer ,ensuite tout s'est figé ,j'ai dedémarré et me voilà.... a part ca ca va toi?

donc pour demain: 1 Logfile of random's system information tool 1.04 (written by random/random) Run by Eric at 2008-12-08 22:39:17 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 392 GB (83%) free of 472 GB Total RAM: 2046 MB (74% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:39:29, on 08/12/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\oodag.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe C:\WINDOWS\system32\CTHELPER.EXE C:\WINDOWS\system32\CTXFIHLP.EXE C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\SYSTEM32\CTXFISPI.EXE C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\WINDOWS\osd.exe C:\WINDOWS\Resources\Themes\VistaXP\vt\VisualToolTip.exe C:\Program Files\HP\HP Software Update\HPWuSchd.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Hercules\WiFi Station\WifiStation.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Documents and Settings\Eric\Bureau\RSIT.exe C:\Program Files\trend micro\Eric.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [OSD] C:\WINDOWS\osd.exe O4 - HKLM\..\Run: [VisualTooltip] C:\WINDOWS\Resources\Themes\VistaXP\vt\VisualToolTip.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe (User 'Default user') O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: WiFi Station.lnk = ? O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Documents and Settings\Eric\Mes documents\mes logiciels\Titan Poker\casino.exe O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Documents and Settings\Eric\Mes documents\mes logiciels\Titan Poker\casino.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: *.sony-europe.com O15 - Trusted Zone: *.sonystyle-europe.com O15 - Trusted Zone: *.vaio-link.com O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15033/CTPID.cab O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 9586 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2004-05-12 744960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll [2007-12-14 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-10-27 2436160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-11-29 737776] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe [2007-12-14 144784] "CTHelper"=C:\WINDOWS\system32\CTHELPER.EXE [2006-11-28 19456] "CTxfiHlp"=C:\WINDOWS\system32\CTXFIHLP.EXE [2006-11-28 20480] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-10-10 39792] "DXDllRegExe"=dxdllreg.exe [] "P17Helper"=Rundll32 P17.dll [] "CTSysVol"=C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [2005-10-31 57344] "UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112] "OSD"=C:\WINDOWS\osd.exe [2007-01-21 86016] "VisualTooltip"=C:\WINDOWS\Resources\Themes\VistaXP\vt\VisualToolTip.exe [2007-04-25 956928] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-07-08 7110656] "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-15 153136] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd.exe [2003-08-04 49152] "HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2007-11-19 214456] "CTRegRun"=C:\WINDOWS\CTRegRun.EXE [2006-10-06 53248] "SetDefaultMIDI"=C:\WINDOWS\MIDIDef.exe [2006-08-17 25600] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WifiStation.exe Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Documents and Settings\Eric\Menu Démarrer\Programmes\Démarrage Outil de notification Live Search.lnk - C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist] C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll [2007-10-17 10792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Dofus-Arena beta 2\DofusArena.exe"="C:\Program Files\Dofus-Arena beta 2\DofusArena.exe:*:Enabled:Dofus Arena Client" "C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java Platform SE binary" "C:\Documents and Settings\Eric\Mes documents\mes logiciels\incredimail_install.exe"="C:\Documents and Settings\Eric\Mes documents\mes logiciels\incredimail_install.exe:*:Enabled:IncrediMail Installer" "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer" "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus" "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv" "C:\Documents and Settings\Eric\Local Settings\Temp\ImInstaller\incredimail_installer.exe"="C:\Documents and Settings\Eric\Local Settings\Temp\ImInstaller\incredimail_installer.exe:*:Enabled:IncrediMail Installer" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28b87136-0b1b-11dd-be88-0060b3ce4220}] shell\AutoRun\command - H:\start.exe shell\iledefrance\command - H:\start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95c24e78-7d98-11dc-be32-0013721228db}] shell\AutoRun\command - wd_windows_tools\setup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e8101cce-ab10-11dc-be63-0008d3350bfe}] shell\AutoRun\command - K:\setupSNK.exe ======List of files/folders created in the last 1 months====== 2008-12-08 22:39:17 ----D---- C:\rsit 2008-12-08 22:39:17 ----D---- C:\Program Files\trend micro 2008-12-08 22:04:53 ----A---- C:\WINDOWS\ntbtlog.txt 2008-12-08 18:38:16 ----A---- C:\TB.txt 2008-12-08 18:37:31 ----D---- C:\ToolBar SD 2008-12-07 18:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$ 2008-12-07 18:01:23 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$ 2008-12-07 18:00:55 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$ 2008-12-07 18:00:45 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$ 2008-12-07 14:51:22 ----D---- C:\WINDOWS\SxsCaPendDel 2008-12-07 13:32:10 ----D---- C:\Program Files\Avira 2008-12-07 13:32:10 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2008-12-07 11:02:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2008-12-06 22:17:12 ----D---- C:\Documents and Settings\Eric\Application Data\Talkback 2008-12-06 22:16:16 ----D---- C:\Program Files\Mozilla Firefox 2008-12-06 21:22:46 ----D---- C:\Program Files\AxBx 2008-12-06 09:09:33 ----D---- C:\Documents and Settings\Eric\Application Data\Windows Search 2008-12-05 23:37:22 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$ 2008-12-05 23:37:18 ----D---- C:\Program Files\Microsoft Silverlight 2008-12-05 23:36:45 ----D---- C:\Documents and Settings\Eric\Application Data\Windows Desktop Search 2008-12-05 23:36:10 ----HD---- C:\WINDOWS\system32\GroupPolicy 2008-12-05 23:36:10 ----D---- C:\Program Files\Windows Desktop Search 2008-12-05 23:35:57 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$ 2008-12-05 23:35:50 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$ 2008-12-05 23:35:13 ----N---- C:\WINDOWS\system32\spmsg.dll 2008-12-05 23:35:12 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$ 2008-12-05 23:34:41 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$ 2008-12-05 23:33:37 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$ 2008-12-05 23:33:01 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$ 2008-12-05 23:32:16 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$ 2008-12-05 21:02:24 ----SHD---- C:\Config.Msi 2008-12-05 08:12:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$ 2008-12-05 08:12:11 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$ 2008-12-04 20:03:46 ----D---- C:\WINDOWS\system32\logs 2008-12-04 20:03:22 ----D---- C:\Program Files\BitDefender 2008-12-04 20:02:03 ----D---- C:\Program Files\Fichiers communs\BitDefender 2008-12-04 19:52:46 ----D---- C:\WINDOWS\BDOSCAN8 2008-12-04 13:41:58 ----A---- C:\WINDOWS\OEWABLog.txt 2008-12-04 13:41:40 ----D---- C:\WINDOWS\Prefetch 2008-12-04 13:11:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2008-12-04 13:11:22 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$ 2008-12-04 13:11:17 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$ 2008-12-04 13:11:10 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$ 2008-12-04 13:11:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2008-12-04 13:10:57 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2008-12-04 13:10:52 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$ 2008-12-04 13:10:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2008-12-04 13:10:40 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2008-12-04 13:10:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2008-12-04 13:10:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$ 2008-12-04 13:10:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2008-12-04 13:10:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$ 2008-12-04 13:10:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2008-12-04 13:10:05 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2008-12-04 13:10:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2008-12-04 13:09:53 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2008-12-04 13:09:49 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$ 2008-12-04 13:08:19 ----A---- C:\WINDOWS\setuplog.txt 2008-12-04 13:07:48 ----D---- C:\WINDOWS\system32\fr 2008-12-04 13:07:48 ----D---- C:\WINDOWS\system32\bits 2008-12-04 13:07:48 ----D---- C:\WINDOWS\l2schemas 2008-12-04 13:06:44 ----D---- C:\WINDOWS\ServicePackFiles 2008-12-04 13:05:17 ----A---- C:\WINDOWS\imsins.BAK 2008-12-04 13:04:16 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ 2008-12-01 09:00:32 ----A---- C:\WINDOWS\system32\TDSSubgj.dll 2008-12-01 09:00:26 ----A---- C:\WINDOWS\system32\TDSSyoqu.dll 2008-12-01 09:00:25 ----A---- C:\WINDOWS\system32\TDSSkrrx.dll 2008-12-01 09:00:21 ----A---- C:\WINDOWS\system32\TDSSottu.dll 2008-11-24 21:35:58 ----A---- C:\WINDOWS\system32\ltclr13n.dll 2008-11-24 21:35:58 ----A---- C:\WINDOWS\system32\lftif13n.dll 2008-11-24 21:35:58 ----A---- C:\WINDOWS\system32\lffax13n.dll 2008-11-16 14:16:10 ----D---- C:\Program Files\Free Video Converter 2008-11-12 18:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$ 2008-11-12 18:01:02 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$ 2008-11-11 19:17:28 ----D---- C:\Program Files\CapAlpha ======List of files/folders modified in the last 1 months====== 2008-12-08 22:39:17 ----RD---- C:\Program Files 2008-12-08 22:11:49 ----D---- C:\WINDOWS\Temp 2008-12-08 22:11:49 ----A---- C:\WINDOWS\lvkosd.ini 2008-12-08 22:11:41 ----D---- C:\WINDOWS\Registration 2008-12-08 22:11:31 ----D---- C:\WINDOWS 2008-12-08 22:04:06 ----A---- C:\WINDOWS\SchedLgU.Txt 2008-12-08 21:48:39 ----D---- C:\WINDOWS\system32 2008-12-08 21:47:43 ----D---- C:\WINDOWS\system32\CatRoot2 2008-12-08 19:24:06 ----SHD---- C:\WINDOWS\Installer 2008-12-07 18:01:48 ----HD---- C:\WINDOWS\inf 2008-12-07 18:01:46 ----RSHDC---- C:\WINDOWS\system32\dllcache 2008-12-07 18:00:51 ----D---- C:\WINDOWS\system32\CatRoot 2008-12-07 14:55:12 ----D---- C:\WINDOWS\system32\drivers 2008-12-07 14:51:22 ----D---- C:\WINDOWS\WinSxS 2008-12-07 12:14:01 ----D---- C:\WINDOWS\system32\oodag 2008-12-07 11:18:28 ----D---- C:\Program Files\Yahoo! 2008-12-06 22:26:52 ----D---- C:\Documents and Settings\Eric\Application Data\Mozilla 2008-12-06 19:30:01 ----D---- C:\WINDOWS\Minidump 2008-12-06 18:23:52 ----A---- C:\WINDOWS\NeroDigital.ini 2008-12-06 00:01:00 ----D---- C:\WINDOWS\ehome 2008-12-05 23:37:25 ----D---- C:\WINDOWS\system32\wbem 2008-12-05 23:37:06 ----RSD---- C:\WINDOWS\assembly 2008-12-05 23:36:24 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2008-12-05 23:36:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2008-12-05 23:36:13 ----D---- C:\WINDOWS\system32\fr-fr 2008-12-05 23:35:06 ----A---- C:\WINDOWS\win.ini 2008-12-05 23:34:50 ----D---- C:\Program Files\Windows Media Connect 2 2008-12-05 23:34:49 ----D---- C:\Program Files\Windows Media Player 2008-12-05 23:34:47 ----D---- C:\WINDOWS\Help 2008-12-05 23:33:05 ----D---- C:\WINDOWS\system32\LogFiles 2008-12-05 22:57:26 ----D---- C:\WINDOWS\network diagnostic 2008-12-05 05:00:53 ----HD---- C:\WINDOWS\$hf_mig$ 2008-12-04 20:02:03 ----D---- C:\Program Files\Fichiers communs 2008-12-04 19:52:48 ----SD---- C:\WINDOWS\Downloaded Program Files 2008-12-04 13:44:06 ----D---- C:\WINDOWS\Debug 2008-12-04 13:20:30 ----RSD---- C:\WINDOWS\Fonts 2008-12-04 13:20:30 ----D---- C:\WINDOWS\system32\Setup 2008-12-04 13:20:30 ----D---- C:\WINDOWS\AppPatch 2008-12-04 13:19:49 ----D---- C:\WINDOWS\security 2008-12-04 13:09:54 ----D---- C:\Program Files\Messenger 2008-12-04 13:07:55 ----D---- C:\WINDOWS\system32\inetsrv 2008-12-04 13:07:54 ----D---- C:\WINDOWS\ime 2008-12-04 13:07:48 ----D---- C:\WINDOWS\system32\usmt 2008-12-04 13:07:48 ----D---- C:\WINDOWS\PeerNet 2008-12-04 13:07:48 ----D---- C:\Program Files\Movie Maker 2008-12-04 13:06:39 ----D---- C:\WINDOWS\system32\Restore 2008-12-04 13:06:38 ----D---- C:\WINDOWS\system32\npp 2008-12-04 13:06:38 ----D---- C:\WINDOWS\msagent 2008-12-04 13:06:37 ----D---- C:\WINDOWS\srchasst 2008-12-04 13:06:37 ----D---- C:\Program Files\NetMeeting 2008-12-04 13:06:36 ----D---- C:\WINDOWS\system32\Com 2008-12-04 13:06:35 ----D---- C:\Program Files\Windows NT 2008-12-04 13:06:35 ----D---- C:\Program Files\Outlook Express 2008-12-04 13:06:33 ----D---- C:\Program Files\Fichiers communs\System 2008-12-04 13:06:25 ----D---- C:\WINDOWS\system32\oobe 2008-12-04 13:06:24 ----D---- C:\WINDOWS\system 2008-12-03 19:43:00 ----SD---- C:\WINDOWS\Tasks 2008-12-01 16:21:02 ----D---- C:\Documents and Settings\Eric\Application Data\OpenOffice.org2 2008-12-01 09:13:49 ----D---- C:\Documents and Settings\Eric\Application Data\Azureus 2008-11-30 16:03:04 ----A---- C:\WINDOWS\avisplitter.INI 2008-11-16 20:39:48 ----D---- C:\Program Files\iWizz 2008-11-15 22:39:18 ----A---- C:\WINDOWS\PhotoSnapViewer.INI 2008-11-11 17:18:16 ----D---- C:\WINDOWS\Downloaded Installations 2008-11-10 15:42:19 ----D---- C:\Program Files\adslTV ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-12-19 43488] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-10-27 20747] R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2004-09-24 15781] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2006-08-17 502272] R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2006-08-17 500480] R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2006-08-17 7168] R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2006-08-17 143872] R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2005-03-31 180736] R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2006-08-17 78336] R3 ha20x2k;Creative 20X HAL Driver; C:\WINDOWS\system32\drivers\ha20x2k.sys [2006-08-17 1110528] R3 HidIr;Pilote HID infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\hidir.sys [2008-04-13 19200] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 IrBus;Pilote de filtre de bus infrarouge pour les contrôles distants eHome; C:\WINDOWS\system32\DRIVERS\IrBus.sys [2008-04-13 46592] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-10 12288] R3 NBXG7031;NB 802.11g XG703 SP1 Driver; C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-09-24 381312] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-07-08 3198304] R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2006-08-17 116224] R3 P17;Sound Blaster Audigy; C:\WINDOWS\system32\drivers\P17.sys [2005-07-07 1389056] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128] S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2006-08-17 340176] S3 hcwPP2;Hauppauge WinTV PVR PCI II ([23|25|26]xxx); C:\WINDOWS\system32\DRIVERS\hcwPP2.sys [2005-03-15 148608] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-01-05 51056] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-01-05 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-01-05 21488] S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 Profos;Profos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys [] S3 RT2500USB;Hercules Wireless USB Dongle Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-01-12 252928] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 Trufos;Trufos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys [] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297] R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032] R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568] R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424] R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-07-08 127043] R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2005-11-02 265216] R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 GoToAssist;GoToAssist; C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe [2007-10-17 16936] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-10-27 138168] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-03-22 779824] S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-03-22 271920] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-01-05 65795] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] -----------------EOF----------------- et 2 info.txt logfile of random's system information tool 1.04 2008-12-08 22:39:32 ======Uninstall list====== -->"C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x040c -->"C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x040c -->"C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x040c -->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x040c -->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x040c -->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x040c -->"C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x040c -->"C:\Program Files\Creative\SBAudigy\Program\Setup.exe" /S /U /W /L:FRN -->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNRecode.exe /UNINSTALL -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x40c /remove -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 8.1.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003} adsl TV-->C:\Program Files\adslTV\Uninstal.exe Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Audacity 1.3.4 (Unicode)-->"C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe" Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE Bink and Smacker-->C:\PROGRA~1\RADVideo\UNWISE.EXE C:\PROGRA~1\RADVideo\INSTALL.LOG CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" Clock 2.3-->C:\Program Files\Clock\uninst.exe Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Creative Audio Console-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c /remove Creative MediaSource 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x40c /remove Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove Creative System Information-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove Dell Resource CD-->MsiExec.exe /X{FCD9CD52-7222-4672-94A0-A722BA702FD0} DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe" Free Video Converter V 1.3-->"C:\Program Files\Free Video Converter\unins000.exe" Frogger2-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Hasbro Interactive\Frogger2\Uninst.isu" GemMaster Mystic-->"C:\Program Files\GemMasterFrench\uninstallgemmaster.exe" Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll" GoToAssist 8.0.0.480-->C:\Program Files\Citrix\GoToAssist\480\G2AUninstaller.exe /uninstall High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe HijackThis 2.0.2-->"C:\DOCUME~1\Eric\LOCALS~1\Temp\Rar$EX00.063\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe" Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe" HP Image Zone 3.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat HP PSC & OfficeJet 3.5-->"C:\Program Files\HP\Digital Imaging\{0FABD3D7-3036-4e78-B29D-58957ADB0A12}\setup\hpzscr01.exe" -datfile hposcr03.dat HP Software Update-->MsiExec.exe /X{34957B51-9676-41CE-9E52-44AE91B73F1C} IncrediMail Xe-->C:\PROGRA~1\INCRED~1\bin\imsetup.exe /remove /addon:IncrediMail /log:IncMail.log Intel® PRO Network Connections Drivers-->Prounstl.exe iWizz-->C:\Program Files\iWizz\uninstall.exe iWizz-->C:\Program Files\iWizz\uninstall.exe Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040} K-Lite Codec Pack 3.5.7 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" l'Aide d'Audacity-->C:\Program Files\Audacity\Aide\Uninstal.exe Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Les Sims Abracadabra-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A00D1BA-D03A-44E5-AF28-86A1F377DF61}\setup.exe" -l040c Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA} Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940} Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9} Microsoft Office Word Viewer 2003-->MsiExec.exe /I{9085040C-6000-11D3-8CFE-0150048383C9} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Zoo Tycoon-->"C:\Program Files\Microsoft Games\Zoo Tycoon\UNINSTAL.EXE" /runtemp /addremove Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe" Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB943729)-->"C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Montpellier Business Plan Classic-->MsiExec.exe /I{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1} Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MWSnap 3-->"C:\Documents and Settings\Eric\Mes documents\mes logiciels\MWSnap\uninstall.exe" Nero 7 Essentials-->MsiExec.exe /X{282E3F81-CC37-44AF-8156-C35104D21036} NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI O&O Defrag Professional Edition-->MsiExec.exe /I{53480370-6CA2-47EC-BC05-02B4B9271C31} OpenOffice.org 2.4-->MsiExec.exe /I{1E0FF527-971B-4BBF-83D1-987E8DEE437D} Otto-->"C:\Program Files\FrenchOtto\uninstallotto.exe" PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe" PKR-->"C:\Program Files\PKR\uninstall-pkr.exe" Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011} Sound Blaster Audigy-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}\SETUP.EXE" -l0x40c /remove Sound Blaster pour Media Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x40c /remove Spybot - Search & Destroy 1.3-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" TerraExplorer-->C:\Program Files\Skyline\TerraExplorer\Setup.exe [OP]/U Titan Poker-->"C:\Documents and Settings\Eric\Mes documents\mes logiciels\Titan Poker\_SetupPoker.exe" /uninstall Turbo Lister 2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548} Utilitaire de gestion du LAN Wifi IEEE 802.11g-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8F7953DB-3529-4D69-A577-CC22D4F32C51}\setup.exe" -l0x40c Vuze-->C:\Program Files\Azureus\uninstall.exe WiFi Station-->C:\Program Files\InstallShield Installation Information\{DECE22F4-EEDD-4615-BC56-2F4827FAD64B}\Setup.exe -runfromtemp -l0x040c -removeonly Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe" Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" Winmail Reader 1.1.12-->"C:\Program Files\Winmail Reader\unins000.exe" ======Security center information====== AV: Avira AntiVir PersonalEdition Classic ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 2, GenuineIntel "PROCESSOR_REVISION"=0602 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- je n'ose plus dire merci mais quand mème..

merci buenas noches

comment désinstaller toolbar ,pas dans la liste de ccleaner ,je klik droit sur le bureau et je fais supprimer? désolé

je bois tes paroles et fait ce que tu me dis ,je te remercie et à demain donc...... amicalement

désolé un peu long mais ma spécialité à moi c'est les montres anciennes... je me suis remis en mode windows normal au fait -----------\\ ToolBar S&D 1.2.6 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel® Pentium® D CPU 3.40GHz ) BIOS : Phoenix ROM BIOS PLUS Version 1.10 A03 USER : Eric ( Administrator ) BOOT : Fail-safe boot Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated) C:\ (Local Disk) - NTFS - Total:460 Go (Free:383 Go) D:\ (USB) E:\ (USB) F:\ (USB) G:\ (USB) - FAT - Total:971 Mo (Free:0 Go) I:\ (CD or DVD) J:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 ) Option : [2] ( 08/12/2008|22:06 ) -----------\\ SUPPRESSION Supprime! - C:\Program Files\AskSBar\bar Supprime! - C:\Program Files\AskSBar -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Default_Page_URL"="http://www.neuf.fr" "Search Bar"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" "Start Page"="http://www.neuf.fr/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.msn.com/" --------------------\\ Recherche d'autres infections --------------------\\ ROOTKIT !! Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS] Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS] Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS] Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys] Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys] Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys] Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDSSserv.sys] --------------------\\ Suspect .. C:\WINDOWS\system32\TDSSakao.log C:\WINDOWS\system32\TDSSkrrx.dll C:\WINDOWS\system32\TDSSottu.dll C:\WINDOWS\system32\TDSSubgj.dll C:\WINDOWS\system32\TDSSwppe.dat C:\WINDOWS\system32\TDSSyoqu.dll 1 - "C:\ToolBar SD\TB_1.txt" - 08/12/2008|18:41 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 08/12/2008|22:08 - Option : [2] -----------\\ Fin du rapport a 22:08:39.40

salut j'ai fait la premiere partie ,desactivé 1 comme tu avais dit,redémarré,antivir m'a annoncé le comme tu m'a dit en virus que j'ai mis en quarantaine,là je lis ta réponse et je m'aprète à suivre ta procédure, right? MERCI

bonsoir no3p, me revoilà avec le rapport,merci par avance -----------\\ ToolBar S&D 1.2.6 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel® Pentium® D CPU 3.40GHz ) BIOS : Phoenix ROM BIOS PLUS Version 1.10 A03 USER : Eric ( Administrator ) BOOT : Normal boot Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated) C:\ (Local Disk) - NTFS - Total:460 Go (Free:383 Go) D:\ (USB) E:\ (USB) F:\ (USB) G:\ (USB) - FAT - Total:971 Mo (Free:0 Go) I:\ (CD or DVD) J:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 ) Option : [1] ( 08/12/2008|18:38 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\Program Files\AskSBar C:\Program Files\AskSBar\bar C:\Program Files\AskSBar\bar\1.bin C:\Program Files\AskSBar\bar\Cache C:\Program Files\AskSBar\bar\History C:\Program Files\AskSBar\bar\Settings C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL C:\Program Files\AskSBar\bar\1.bin\V2RSSMNU.DLL C:\Program Files\AskSBar\bar\Cache\0ABC20C0 C:\Program Files\AskSBar\bar\Cache\0ABC23AE C:\Program Files\AskSBar\bar\Cache\0ABC266D.bin C:\Program Files\AskSBar\bar\Cache\0ABC29F7.bin C:\Program Files\AskSBar\bar\Cache\0ABC2B40.bin C:\Program Files\AskSBar\bar\Cache\0ABC2C68.bin C:\Program Files\AskSBar\bar\Cache\0ABC2DA1.bin C:\Program Files\AskSBar\bar\Cache\0ABC2F37.bin C:\Program Files\AskSBar\bar\Cache\files.ini C:\Program Files\AskSBar\bar\History\search2 C:\Program Files\AskSBar\bar\Settings\prevcfg2.htm -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Default_Page_URL"="http://www.neuf.fr"'>http://www.neuf.fr" pardon manquait un bout... suis novice en forum -----------\\ ToolBar S&D 1.2.6 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel® Pentium® D CPU 3.40GHz ) BIOS : Phoenix ROM BIOS PLUS Version 1.10 A03 USER : Eric ( Administrator ) BOOT : Normal boot Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated) C:\ (Local Disk) - NTFS - Total:460 Go (Free:383 Go) D:\ (USB) E:\ (USB) F:\ (USB) G:\ (USB) - FAT - Total:971 Mo (Free:0 Go) I:\ (CD or DVD) J:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 ) Option : [1] ( 08/12/2008|18:38 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\Program Files\AskSBar C:\Program Files\AskSBar\bar C:\Program Files\AskSBar\bar\1.bin C:\Program Files\AskSBar\bar\Cache C:\Program Files\AskSBar\bar\History C:\Program Files\AskSBar\bar\Settings C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL C:\Program Files\AskSBar\bar\1.bin\V2RSSMNU.DLL C:\Program Files\AskSBar\bar\Cache\0ABC20C0 C:\Program Files\AskSBar\bar\Cache\0ABC23AE C:\Program Files\AskSBar\bar\Cache\0ABC266D.bin C:\Program Files\AskSBar\bar\Cache\0ABC29F7.bin C:\Program Files\AskSBar\bar\Cache\0ABC2B40.bin C:\Program Files\AskSBar\bar\Cache\0ABC2C68.bin C:\Program Files\AskSBar\bar\Cache\0ABC2DA1.bin C:\Program Files\AskSBar\bar\Cache\0ABC2F37.bin C:\Program Files\AskSBar\bar\Cache\files.ini C:\Program Files\AskSBar\bar\History\search2 C:\Program Files\AskSBar\bar\Settings\prevcfg2.htm -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Default_Page_URL"="http://www.neuf.fr" "Search Bar"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" "Start Page"="http://www.neuf.fr/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" --------------------\\ Recherche d'autres infections --------------------\\ ROOTKIT !! Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS] Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS] Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS] 1 - "C:\ToolBar SD\TB_1.txt" - 08/12/2008|18:41 - Option : [1] -----------\\ Fin du rapport a 18:41:06.73

bonsoir no3p et merci de ton intérèt je vais faire ce que tu me dis mais là je dois partir donc a demain pour le résultat, en ts cas bien sympa la démarche d'aide.. amicalement.

bonjour ai chopé qqchose, suivi les procédures avant post message:avira chargé et qui m'a d'ailleurs trouvé 3 trojans agent.asfr et deux fois tr:cryp.xpack.gen, internet explorer me redirige vers d'autres sites ainsi d'ailleurs que mozilla que j'ai chargé pour voir,je poste donc mon log hijack et vous remercie par avance de votre aide amicalement Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:16:40, on 07/12/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\oodag.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe C:\WINDOWS\system32\CTHELPER.EXE C:\WINDOWS\system32\CTXFIHLP.EXE C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\WINDOWS\osd.exe C:\WINDOWS\Resources\Themes\VistaXP\vt\VisualToolTip.exe C:\WINDOWS\SYSTEM32\CTXFISPI.EXE C:\Program Files\HP\HP Software Update\HPWuSchd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Hercules\WiFi Station\WifiStation.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe c:\program files\avira\antivir personaledition classic\avcenter.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\Eric\LOCALS~1\Temp\Rar$EX00.063\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [OSD] C:\WINDOWS\osd.exe O4 - HKLM\..\Run: [VisualTooltip] C:\WINDOWS\Resources\Themes\VistaXP\vt\VisualToolTip.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe (User 'Default user') O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: WiFi Station.lnk = ? O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Documents and Settings\Eric\Mes documents\mes logiciels\Titan Poker\casino.exe O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Documents and Settings\Eric\Mes documents\mes logiciels\Titan Poker\casino.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: *.sony-europe.com O15 - Trusted Zone: *.sonystyle-europe.com O15 - Trusted Zone: *.vaio-link.com O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15033/CTPID.cab O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 10126 bytes