Sophie123

Le rapport : Antivirus Version Dernière mise à jour Résultat a-squared 4.5.0.50 2010.01.23 - AhnLab-V3 5.0.0.2 2010.01.22 - AntiVir 7.9.1.146 2010.01.22 - Antiy-AVL 2.0.3.7 2010.01.22 - Authentium 5.2.0.5 2010.01.23 - Avast 4.8.1351.0 2010.01.22 - AVG 9.0.0.730 2010.01.23 - BitDefender 7.2 2010.01.23 - CAT-QuickHeal 10.00 2010.01.22 - ClamAV 0.94.1 2010.01.22 - Comodo 3680 2010.01.23 - DrWeb 5.0.1.12222 2010.01.23 - eSafe 7.0.17.0 2010.01.21 - eTrust-Vet 35.2.7255 2010.01.22 - F-Prot 4.5.1.85 2010.01.22 - F-Secure 9.0.15370.0 2010.01.23 - Fortinet 4.0.14.0 2010.01.23 - GData 19 2010.01.23 - Ikarus T3.1.1.80.0 2010.01.23 - Jiangmin 13.0.900 2010.01.23 - K7AntiVirus 7.10.952 2010.01.22 - Kaspersky 7.0.0.125 2010.01.23 - McAfee 5869 2010.01.22 - McAfee+Artemis 5869 2010.01.22 - McAfee-GW-Edition 6.8.5 2010.01.23 - Microsoft 1.5405 2010.01.23 - NOD32 4798 2010.01.22 - Norman 6.04.03 2010.01.23 - nProtect 2009.1.8.0 2010.01.23 - Panda 10.0.2.2 2010.01.22 - PCTools 7.0.3.5 2010.01.23 - Prevx 3.0 2010.01.23 - Rising 22.31.04.04 2010.01.22 - Sophos 4.50.0 2010.01.23 - Sunbelt 3.2.1858.2 2010.01.23 - Symantec 20091.2.0.41 2010.01.23 - TheHacker 6.5.0.9.160 2010.01.23 - TrendMicro 9.120.0.1004 2010.01.23 - VBA32 3.12.12.1 2010.01.21 - ViRobot 2010.1.22.2151 2010.01.22 - VirusBuster 5.0.21.0 2010.01.22 - Information additionnelle File size: 95360 bytes MD5...: cdfe4411a69c224bd1d11b2da92dac51 SHA1..: a42fbfeb5a4d94118b483d7f18113aa8c329a052 SHA256: 0e6b23a80f171550575bebc56f7500cd87a5cf03b2b9fdc49bc3de96282cd69d ssdeep: 1536:BVzXEOXUOyD8HT6OhAVJqNoQrPs2W7IDdXBoDZYkvR5TJWBwEsjG0cXFIQ0 bbZPO:BVL/Eiz6OhrNoQzsnwBoDjR51hljrckO PEiD..: - PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x155f7 timedatestamp.....: 0x41107b4d (Wed Aug 04 05:59:41 2004) machinetype.......: 0x14c (I386) ( 9 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x380 0x9672 0x9680 6.45 70b67d65eb28dcccdcba61a31c4d40e2 NONPAGE 0x9a00 0x18e8 0x1900 6.48 5629c7db94fbcf0123c267ec52f0c942 .rdata 0xb300 0xa54 0xa80 4.37 569d2979d21f645730a1a59fd512d25c .data 0xbd80 0xd94 0xe00 0.44 77b784be18c5257bf3b9c132a03019db PAGESCAN 0xcb80 0x154f 0x1580 6.15 d1c7adb0c1e5491b58c485d62076561f PAGE 0xe100 0x5f54 0x5f80 6.46 0951fe4f10eee3d01d5d5aab9a0472bc INIT 0x14080 0x22a0 0x2300 6.48 4354ab341533bda39d4f4dc3548ef9bd .rsrc 0x16380 0x3f0 0x400 3.40 0184b21986944fd39532f818b4c642ab .reloc 0x16780 0xcf0 0xd00 6.46 ae8fd4a932f7899f6257876856210914 ( 3 imports ) > ntoskrnl.exe: RtlInitUnicodeString, swprintf, KeSetEvent, IoCreateSymbolicLink, IoGetConfigurationInformation, IoDeleteSymbolicLink, MmFreeMappingAddress, IoFreeErrorLogEntry, IoDisconnectInterrupt, MmUnmapIoSpace, ObReferenceObjectByPointer, IofCompleteRequest, RtlCompareUnicodeString, IofCallDriver, MmAllocateMappingAddress, IoAllocateErrorLogEntry, IoConnectInterrupt, IoDetachDevice, KeWaitForSingleObject, KeInitializeEvent, RtlAnsiStringToUnicodeString, RtlInitAnsiString, IoBuildDeviceIoControlRequest, IoQueueWorkItem, MmMapIoSpace, IoInvalidateDeviceRelations, IoReportDetectedDevice, IoReportResourceForDetection, RtlxAnsiStringToUnicodeSize, NlsMbCodePageTag, PoRequestPowerIrp, KeInsertByKeyDeviceQueue, PoRegisterDeviceForIdleDetection, sprintf, MmMapLockedPagesSpecifyCache, ObfDereferenceObject, IoGetAttachedDeviceReference, IoInvalidateDeviceState, ZwClose, ObReferenceObjectByHandle, ZwCreateDirectoryObject, IoBuildSynchronousFsdRequest, PoStartNextPowerIrp, PoCallDriver, IoCreateDevice, IoAllocateDriverObjectExtension, RtlQueryRegistryValues, ZwOpenKey, RtlFreeUnicodeString, IoStartTimer, KeInitializeTimer, IoInitializeTimer, KeInitializeDpc, KeInitializeSpinLock, IoInitializeIrp, ZwCreateKey, RtlAppendUnicodeStringToString, RtlIntegerToUnicodeString, ZwSetValueKey, KeInsertQueueDpc, KefAcquireSpinLockAtDpcLevel, IoStartPacket, KefReleaseSpinLockFromDpcLevel, IoBuildAsynchronousFsdRequest, IoFreeMdl, MmUnlockPages, IoWriteErrorLogEntry, KeRemoveByKeyDeviceQueue, MmMapLockedPagesWithReservedMapping, MmUnmapReservedMapping, KeSynchronizeExecution, IoStartNextPacket, KeBugCheckEx, KeRemoveDeviceQueue, KeSetTimer, KeCancelTimer, _allmul, MmProbeAndLockPages, _except_handler3, PoSetPowerState, IoOpenDeviceRegistryKey, RtlWriteRegistryValue, _aulldiv, strstr, _strupr, KeQuerySystemTime, IoWMIRegistrationControl, KeTickCount, IoAttachDeviceToDeviceStack, IoDeleteDevice, ExAllocatePoolWithTag, IoAllocateWorkItem, IoAllocateIrp, IoAllocateMdl, MmBuildMdlForNonPagedPool, MmLockPagableDataSection, IoGetDriverObjectExtension, MmUnlockPagableImageSection, ExFreePoolWithTag, IoFreeIrp, IoFreeWorkItem, InitSafeBootMode, RtlCompareMemory, RtlCopyUnicodeString, memmove, MmHighestUserAddress > HAL.dll: KfAcquireSpinLock, READ_PORT_UCHAR, KeGetCurrentIrql, KfRaiseIrql, KfLowerIrql, HalGetInterruptVector, HalTranslateBusAddress, KeStallExecutionProcessor, KfReleaseSpinLock, READ_PORT_BUFFER_USHORT, READ_PORT_USHORT, WRITE_PORT_BUFFER_USHORT, WRITE_PORT_UCHAR > WMILIB.SYS: WmiSystemControl, WmiCompleteRequest ( 0 exports ) RDS...: NSRL Reference Data Set - packers (Kaspersky): PE_Patch sigcheck: publisher....: Microsoft Corporation copyright....: © Microsoft Corporation. All rights reserved. product......: Microsoft_ Windows_ Operating System description..: IDE/ATAPI Port Driver original name: atapi.sys internal name: atapi.sys file version.: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) comments.....: n/a signers......: - signing date.: - verified.....: Unsigned trid..: Win32 Executable Generic (68.0%) Generic Win/DOS Executable (15.9%) DOS Executable Generic (15.9%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) pdfid.: -

J'ai procédé comme tu m'as dit pour récupérer Internet Explorer, mais toujours pas. Heureusement que tu m'as conseillé FireFox en attendant. On peut tenter autre chose ou on verra après avoir résolu les autres problèmes ?

Bonjour Thanos, Quel plaisir de voir ce forum de nouveau accessible Voici le rapport demandé : GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-01-22 19:04:48 Windows 5.1.2600 Service Pack 2 Running: stnifqnb.exe; Driver: C:\DOCUME~1\Sophie\LOCALS~1\Temp\axtiapog.sys ---- System - GMER 1.0.15 ---- SSDT 856FB109 ZwCreateThread ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Ntfs \Ntfs naiavf5x.sys (Anti-Virus File System Filter Driver/Network Associates, Inc.) AttachedDevice \Driver\Tcpip \Device\Ip mvstdi5x.sys (Anti-Virus Mini-Firewall Driver/Network Associates, Inc.) AttachedDevice \Driver\Tcpip \Device\Tcp mvstdi5x.sys (Anti-Virus Mini-Firewall Driver/Network Associates, Inc.) AttachedDevice \Driver\Tcpip \Device\Udp mvstdi5x.sys (Anti-Virus Mini-Firewall Driver/Network Associates, Inc.) AttachedDevice \Driver\Tcpip \Device\RawIp mvstdi5x.sys (Anti-Virus Mini-Firewall Driver/Network Associates, Inc.) AttachedDevice \FileSystem\Fastfat \Fat naiavf5x.sys (Anti-Virus File System Filter Driver/Network Associates, Inc.) Device -> \Driver\atapi \Device\Harddisk0\DR0 862ED856 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000 ---- Files - GMER 1.0.15 ---- File C:\WINDOWS\system32\drivers\atapi.sys suspicious modification ---- EOF - GMER 1.0.15 ----

Malheureusement non, ça ne s'ouvre pas. Pourquoi à ton avis ?

Je passe par le menu démarrer pour accéder aux programmes. Là je constate que ni Word, ni Windows Media Player ne fonctionnent...

Voilà, j'ai fait la mise à jour Internet Explorer 8, mais seul Firefox fonctionne. Pareil pour Outlook Express : lorsque j'appuie pour l'ouvrir, aucune réaction. Si tu pouvais m'aider pour résoudre ces derniers problèmes. Merci.

Je t'ai écouté et ai téléchargé Firefox comme tu le conseillais. Je ne l'ai pas mis comme navigateur par défaut, car j'aimerais bien avoir aussi Internet Explorer dernière version pour être à jour si possible.

A la base c'est une version légale. D'ailleurs, tu as pu noter les différentes mises à jour faites. Comment faire pour tout récupérer ? Relancer ComboFix pour avoir une console de récupération ?

Voici le rapport RSIT. Internet Explorer et Outlook Express, tout comme Word ne fonctionnent pas. C'est peut-être normal au stade où nous en sommes ? Logfile of random's system information tool 1.06 (written by random/random) Run by Sophie at 2010-01-21 12:45:34 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 2 GB (6%) free of 40 GB Total RAM: 1014 MB (60% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:45:43, on 21/01/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe C:\Program Files\HP\HP Software Update\HPWuSchd.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Windows NT\Accessoires\WORDPAD.EXE C:\Documents and Settings\Sophie\Bureau\RSIT.exe C:\Documents and Settings\Sophie\Bureau\Sophie.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 6491 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\WGASetup.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-10 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-10 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-04-17 141848] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-04-17 166424] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-04-17 137752] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-17 16859648] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016] "ShStatEXE"=C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE [2004-09-22 94208] "McAfeeUpdaterUI"=C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe [2004-08-06 139320] "Network Associates Error Reporting Service"=C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe [2003-10-07 147514] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd.exe [2003-06-25 49152] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-10 149280] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe [2005-11-24 94208] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2008-04-17 208896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0" "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove" "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0" "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" ======List of files/folders created in the last 1 months====== 2010-01-21 10:02:37 ----D---- C:\_OTM 2010-01-20 11:48:32 ----SD---- C:\sophie.exe 2010-01-20 11:46:34 ----D---- C:\Qoobox 2010-01-19 15:11:53 ----A---- C:\Boot.bak 2010-01-19 15:11:43 ----RASHD---- C:\cmdcons 2010-01-19 15:09:00 ----A---- C:\WINDOWS\zip.exe 2010-01-19 15:09:00 ----A---- C:\WINDOWS\SWXCACLS.exe 2010-01-19 15:09:00 ----A---- C:\WINDOWS\SWSC.exe 2010-01-19 15:09:00 ----A---- C:\WINDOWS\SWREG.exe 2010-01-19 15:09:00 ----A---- C:\WINDOWS\sed.exe 2010-01-19 15:09:00 ----A---- C:\WINDOWS\PEV.exe 2010-01-19 15:09:00 ----A---- C:\WINDOWS\NIRCMD.exe 2010-01-19 15:09:00 ----A---- C:\WINDOWS\MBR.exe 2010-01-19 15:09:00 ----A---- C:\WINDOWS\grep.exe 2010-01-19 15:08:44 ----D---- C:\WINDOWS\ERDNT 2010-01-18 22:52:07 ----D---- C:\rsit 2010-01-18 22:07:17 ----D---- C:\WINDOWS\Minidump 2010-01-13 21:38:37 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2010-01-13 21:38:25 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-01-12 23:08:52 ----D---- C:\Program Files\Guitar Pro 5 2010-01-12 15:35:06 ----A---- C:\Documents and Settings\Sophie\Application Data\temp3159.txt 2010-01-09 19:22:14 ----A---- C:\Documents and Settings\Sophie\Application Data\temp20425.txt 2010-01-09 15:45:49 ----D---- C:\Documents and Settings\Sophie\Application Data\dvdcss 2010-01-09 11:07:29 ----A---- C:\Documents and Settings\Sophie\Application Data\temp21790.txt 2010-01-09 11:06:52 ----A---- C:\Documents and Settings\Sophie\Application Data\temp21669.txt 2010-01-08 17:44:01 ----D---- C:\Program Files\CDisplay 2010-01-08 17:04:19 ----D---- C:\Documents and Settings\Sophie\Application Data\JivaroPref 2010-01-04 22:32:51 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$ 2010-01-04 22:32:22 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$ 2010-01-04 22:31:55 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$ 2010-01-04 22:31:05 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$ 2010-01-03 18:31:31 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2010-01-03 18:25:42 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$ 2010-01-03 18:25:23 ----N---- C:\WINDOWS\system32\spmsg.dll 2010-01-03 18:25:21 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$ 2010-01-03 18:25:11 ----A---- C:\WINDOWS\system32\wmpns.dll 2010-01-03 18:25:00 ----D---- C:\Program Files\Windows Media Connect 2 2010-01-03 18:24:47 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$ 2010-01-03 18:24:15 ----D---- C:\c7f5d1a7da81cdd19ff1668506c4404a 2010-01-03 18:23:51 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$ 2010-01-03 18:23:13 ----D---- C:\WINDOWS\system32\LogFiles 2010-01-03 18:23:07 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$ 2009-12-28 18:33:25 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$ 2009-12-26 12:37:49 ----D---- C:\Documents and Settings\Sophie\Application Data\Apple Computer 2009-12-26 12:37:21 ----A---- C:\WINDOWS\system32\GEARAspi.dll 2009-12-26 12:36:06 ----D---- C:\Program Files\iPod 2009-12-26 12:35:56 ----D---- C:\Program Files\iTunes 2009-12-26 12:35:56 ----D---- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} 2009-12-26 12:35:18 ----D---- C:\Program Files\Bonjour 2009-12-26 12:34:22 ----D---- C:\Program Files\QuickTime 2009-12-26 12:34:18 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer 2009-12-26 12:33:50 ----D---- C:\Program Files\Apple Software Update 2009-12-26 12:32:18 ----D---- C:\Program Files\Fichiers communs\Apple 2009-12-26 12:32:18 ----D---- C:\Documents and Settings\All Users\Application Data\Apple ======List of files/folders modified in the last 1 months====== 2010-01-21 12:45:43 ----D---- C:\WINDOWS\Prefetch 2010-01-21 10:20:43 ----D---- C:\WINDOWS\Temp 2010-01-21 10:15:35 ----D---- C:\WINDOWS 2010-01-21 10:14:22 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-01-21 10:05:14 ----D---- C:\WINDOWS\system32 2010-01-21 10:02:39 ----D---- C:\WINDOWS\system32\drivers 2010-01-20 11:49:39 ----D---- C:\WINDOWS\system32\CatRoot2 2010-01-19 15:11:54 ----RASH---- C:\boot.ini 2010-01-19 06:05:26 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2010-01-18 23:09:40 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-01-18 22:08:33 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-01-18 20:54:28 ----D---- C:\Documents and Settings\Sophie\Application Data\GrabIt 2010-01-17 12:13:46 ----A---- C:\WINDOWS\NeroDigital.ini 2010-01-14 08:25:41 ----D---- C:\WINDOWS\AppPatch 2010-01-13 21:38:43 ----HD---- C:\WINDOWS\inf 2010-01-13 21:38:36 ----HD---- C:\WINDOWS\$hf_mig$ 2010-01-13 21:38:32 ----A---- C:\WINDOWS\imsins.BAK 2010-01-13 18:31:12 ----D---- C:\Documents and Settings\Sophie\Application Data\vlc 2010-01-12 23:29:39 ----RSD---- C:\WINDOWS\Fonts 2010-01-12 23:08:52 ----RD---- C:\Program Files 2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe 2010-01-03 19:51:21 ----D---- C:\WINDOWS\system32\CatRoot 2010-01-03 18:25:12 ----A---- C:\WINDOWS\win.ini 2010-01-03 18:24:59 ----D---- C:\Program Files\Windows Media Player 2010-01-03 18:24:56 ----D---- C:\WINDOWS\Help 2009-12-26 12:37:54 ----SHD---- C:\WINDOWS\Installer 2009-12-26 12:37:21 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-12-26 12:33:55 ----SD---- C:\WINDOWS\Tasks 2009-12-26 12:33:16 ----D---- C:\WINDOWS\WinSxS 2009-12-26 12:32:18 ----D---- C:\Program Files\Fichiers communs ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2009-11-15 43488] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 40320] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848] R1 NaiAvTdi1;NaiAvTdi1; C:\WINDOWS\system32\drivers\mvstdi5x.sys [2004-09-22 58048] R3 EntDrv51;EntDrv51; \??\C:\WINDOWS\system32\drivers\EntDrv51.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-28 9600] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-04-17 5854752] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4652544] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-28 12288] R3 NaiAvFilter1;NaiAvFilter1; C:\WINDOWS\system32\drivers\naiavf5x.sys [2004-09-22 108256] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-04-17 105856] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [] S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [] S3 catchme;catchme; \??\C:\DOCUME~1\Sophie\LOCALS~1\Temp\catchme.sys [] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-08-11 51056] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-08-11 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-08-11 21488] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-10 153376] R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\Network Associates\Common Framework\FrameworkService.exe [2004-08-06 102463] R2 McShield;Network Associates McShield; C:\Program Files\Network Associates\VirusScan\Mcshield.exe [2004-09-22 221191] R2 McTaskManager;Network Associates Task Manager; C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe [2004-09-22 28672] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-08-11 65795] S3 usnsvc;Service Messenger Sharing USN Journal Reader; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336] -----------------EOF-----------------

Bonjour, Merci pour ta réponse. Voici le rapport généré : All processes killed Error: Unable to interpret <:first> in the current context! ========== PROCESSES ========== No active process named explorer.exe was found! ========== SERVICES/DRIVERS ========== Error: Unable to stop service KGootkit! Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KGootkit deleted successfully. Service pbnrq stopped successfully! Service pbnrq deleted successfully! ========== FILES ========== File/Folder C:\WINDOWS\System32\drivers\KGootkit.sys not found. C:\WINDOWS\system32\drivers\eowxqytdpjrhvrv.sys moved successfully. File/Folder H:\ntldr.exe not found. File/Folder H:\autorun.inf not found. C:\ekfq.exe moved successfully. C:\qrig.exe moved successfully. C:\lshgrioa.exe moved successfully. C:\lqyedbfe.exe moved successfully. C:\bcgft.exe moved successfully. ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Alcmtr deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NWEReboot deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DXDllRegExe deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully. Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{33b8ef8a-c972-11de-ade7-001cc08ee1c6}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33b8ef8a-c972-11de-ade7-001cc08ee1c6}\ not found. Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{601632e2-c970-11de-ade6-001cc08ee1c6}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{601632e2-c970-11de-ade6-001cc08ee1c6}\ not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 65984 bytes ->Temporary Internet Files folder emptied: 32902 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Sophie ->Temp folder emptied: 36672837 bytes ->Temporary Internet Files folder emptied: 69784590 bytes ->Java cache emptied: 25791749 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2114937 bytes %systemroot%\System32 .tmp files removed: 2933248 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 2845538 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 134,00 mb OTM by OldTimer - Version 3.1.6.0 log created on 01212010_100237 Files moved on Reboot... Registry entries deleted on Reboot...

Bonjour Thanos, J'ai réinstallé ComboFix comme conseillé, mais il scanne toujours depuis midi... Il ne semble pas bloqué car le curseur fonctionne. La fenêtre bleue est ouverte normalement. Le même message qu'hier indiquant que le temps d'analyse en cas d'infection sévère de la machine peut facilement doubler. Je laisse tourner ou tu préfères qu'on agisse autrement ?

Si je parviens à la page pour sélectionner le mode sans échec, ça va tellement vite dans le processus du déroulement de Windows que je n'ai pas le temps de cliquer sur quoi que ce soit. Il se lance exactement comme d'habitude. Que faire ? Passer par msconfig pour le mettre dans ce mode plus simplement ?

Bonsoir Thanos, Oui, c'est bien Internet Explorer et Outlook Express. J'ai lancé le programme que tu m'as indiqué. Je n'avais pas de console de récupération, il l'a donc installé. Par contre, ça fait des heures qu'il est en recherche de fichiers infectés (autoscan) alors qu'il est indiqué que ça ne prend en général pas plus d'une dizaine de minutes, sauf infection. Dois-je le laisser tourner ? Le fait que mon écran se mette en veille et que je le réactive peut-il jouer dans la longueur du scan ? Que me conseilles-tu ? Merci.

Bonjour, Malware a détecté cette fois 15 infections. J'ai bien cliqué sur supprimer, puis relancé le PC. Internet, Explorer Express et autres ne fonctionnent toujours pas malgré la suppression. Normal ? Que faire ? Voici quelques rapports de ce matin : Logfile of random's system information tool 1.06 (written by random/random) Run by Sophie at 2010-01-19 09:37:00 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 2 GB (6%) free of 40 GB Total RAM: 1014 MB (61% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:37:06, on 19/01/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe C:\Program Files\HP\HP Software Update\HPWuSchd.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wscntfy.exe F:\Infection\RSIT.exe C:\Documents and Settings\Sophie\Bureau\Sophie.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 6793 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\WGASetup.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-10 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-10 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-04-17 141848] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-04-17 166424] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-04-17 137752] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-17 16859648] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-04-17 69632] "NWEReboot"= [] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016] "ShStatEXE"=C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE [2004-09-22 94208] "McAfeeUpdaterUI"=C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe [2004-08-06 139320] "Network Associates Error Reporting Service"=C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe [2003-10-07 147514] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd.exe [2003-06-25 49152] "DXDllRegExe"=dxdllreg.exe [] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-10 149280] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe [2005-11-24 94208] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2008-04-17 208896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0" "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove" "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0" "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{33b8ef8a-c972-11de-ade7-001cc08ee1c6}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL ntldr.exe shell\´ò¿ª(&O)\command - ntldr.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{601632e2-c970-11de-ade6-001cc08ee1c6}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL ntldr.exe shell\´ò¿ª(&O)\command - H:\ntldr.exe ======List of files/folders created in the last 1 months====== 2010-01-18 22:52:07 ----D---- C:\rsit 2010-01-18 22:07:17 ----D---- C:\WINDOWS\Minidump 2010-01-18 22:06:27 ----A---- C:\ekfq.exe 2010-01-18 22:06:12 ----A---- C:\qrig.exe 2010-01-18 22:06:12 ----A---- C:\lshgrioa.exe 2010-01-18 22:06:12 ----A---- C:\lqyedbfe.exe 2010-01-18 22:06:12 ----A---- C:\bcgft.exe 2010-01-13 21:38:37 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2010-01-13 21:38:25 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-01-12 23:08:52 ----D---- C:\Program Files\Guitar Pro 5 2010-01-12 15:35:06 ----A---- C:\Documents and Settings\Sophie\Application Data\temp3159.txt 2010-01-09 19:22:14 ----A---- C:\Documents and Settings\Sophie\Application Data\temp20425.txt 2010-01-09 15:45:49 ----D---- C:\Documents and Settings\Sophie\Application Data\dvdcss 2010-01-09 11:07:29 ----A---- C:\Documents and Settings\Sophie\Application Data\temp21790.txt 2010-01-09 11:06:52 ----A---- C:\Documents and Settings\Sophie\Application Data\temp21669.txt 2010-01-08 17:44:01 ----D---- C:\Program Files\CDisplay 2010-01-08 17:04:19 ----D---- C:\Documents and Settings\Sophie\Application Data\JivaroPref 2010-01-04 22:32:51 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$ 2010-01-04 22:32:22 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$ 2010-01-04 22:31:55 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$ 2010-01-04 22:31:05 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$ 2010-01-03 18:31:31 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2010-01-03 18:25:42 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$ 2010-01-03 18:25:23 ----N---- C:\WINDOWS\system32\spmsg.dll 2010-01-03 18:25:21 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$ 2010-01-03 18:25:11 ----A---- C:\WINDOWS\system32\wmpns.dll 2010-01-03 18:25:00 ----D---- C:\Program Files\Windows Media Connect 2 2010-01-03 18:24:47 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$ 2010-01-03 18:24:15 ----D---- C:\c7f5d1a7da81cdd19ff1668506c4404a 2010-01-03 18:23:51 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$ 2010-01-03 18:23:13 ----D---- C:\WINDOWS\system32\LogFiles 2010-01-03 18:23:07 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$ 2009-12-28 18:33:25 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$ 2009-12-26 12:37:49 ----D---- C:\Documents and Settings\Sophie\Application Data\Apple Computer 2009-12-26 12:37:21 ----A---- C:\WINDOWS\system32\GEARAspi.dll 2009-12-26 12:36:06 ----D---- C:\Program Files\iPod 2009-12-26 12:35:56 ----D---- C:\Program Files\iTunes 2009-12-26 12:35:56 ----D---- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} 2009-12-26 12:35:18 ----D---- C:\Program Files\Bonjour 2009-12-26 12:34:22 ----D---- C:\Program Files\QuickTime 2009-12-26 12:34:18 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer 2009-12-26 12:33:50 ----D---- C:\Program Files\Apple Software Update 2009-12-26 12:32:18 ----D---- C:\Program Files\Fichiers communs\Apple 2009-12-26 12:32:18 ----D---- C:\Documents and Settings\All Users\Application Data\Apple ======List of files/folders modified in the last 1 months====== 2010-01-19 09:37:02 ----D---- C:\WINDOWS\Prefetch 2010-01-19 08:49:29 ----D---- C:\WINDOWS\Temp 2010-01-19 08:44:01 ----D---- C:\WINDOWS 2010-01-19 06:05:25 ----D---- C:\WINDOWS\system32\drivers 2010-01-19 06:04:49 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-01-19 06:04:37 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2010-01-18 23:09:40 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-01-18 23:09:32 ----D---- C:\WINDOWS\system32\CatRoot2 2010-01-18 22:08:33 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-01-18 22:06:26 ----D---- C:\WINDOWS\system32 2010-01-18 20:54:28 ----D---- C:\Documents and Settings\Sophie\Application Data\GrabIt 2010-01-17 12:13:46 ----A---- C:\WINDOWS\NeroDigital.ini 2010-01-14 08:25:41 ----D---- C:\WINDOWS\AppPatch 2010-01-13 21:38:43 ----HD---- C:\WINDOWS\inf 2010-01-13 21:38:36 ----HD---- C:\WINDOWS\$hf_mig$ 2010-01-13 21:38:32 ----A---- C:\WINDOWS\imsins.BAK 2010-01-13 18:31:12 ----D---- C:\Documents and Settings\Sophie\Application Data\vlc 2010-01-12 23:29:39 ----RSD---- C:\WINDOWS\Fonts 2010-01-12 23:08:52 ----RD---- C:\Program Files 2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe 2010-01-03 19:51:21 ----D---- C:\WINDOWS\system32\CatRoot 2010-01-03 18:25:12 ----A---- C:\WINDOWS\win.ini 2010-01-03 18:24:59 ----D---- C:\Program Files\Windows Media Player 2010-01-03 18:24:56 ----D---- C:\WINDOWS\Help 2009-12-26 12:37:54 ----SHD---- C:\WINDOWS\Installer 2009-12-26 12:37:21 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-12-26 12:33:55 ----SD---- C:\WINDOWS\Tasks 2009-12-26 12:33:16 ----D---- C:\WINDOWS\WinSxS 2009-12-26 12:32:18 ----D---- C:\Program Files\Fichiers communs ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2009-11-15 43488] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 40320] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848] R1 KGootkit;KGootkit; C:\WINDOWS\System32\drivers\KGootkit.sys [] R1 NaiAvTdi1;NaiAvTdi1; C:\WINDOWS\system32\drivers\mvstdi5x.sys [2004-09-22 58048] R3 EntDrv51;EntDrv51; \??\C:\WINDOWS\system32\drivers\EntDrv51.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-28 9600] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-04-17 5854752] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4652544] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-28 12288] R3 NaiAvFilter1;NaiAvFilter1; C:\WINDOWS\system32\drivers\naiavf5x.sys [2004-09-22 108256] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-04-17 105856] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [] S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [] S2 pbnrq;pbnrq; \??\C:\WINDOWS\system32\drivers\eowxqytdpjrhvrv.sys [] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-08-11 51056] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-08-11 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-08-11 21488] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-10 153376] R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\Network Associates\Common Framework\FrameworkService.exe [2004-08-06 102463] R2 McShield;Network Associates McShield; C:\Program Files\Network Associates\VirusScan\Mcshield.exe [2004-09-22 221191] R2 McTaskManager;Network Associates Task Manager; C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe [2004-09-22 28672] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-08-11 65795] S3 usnsvc;Service Messenger Sharing USN Journal Reader; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336] -----------------EOF----------------- Malwarebytes' Anti-Malware 1.44 Version de la base de données: 3595 Windows 5.1.2600 Service Pack 2 Internet Explorer 6.0.2900.2180 19/01/2010 06:01:30 mbam-log-2010-01-19 (06-01-18).txt Type de recherche: Examen complet (C:\|D:\|E:\|G:\|H:\|) Eléments examinés: 206108 Temps écoulé: 1 hour(s), 9 minute(s), 20 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 3 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 12 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\csrrss.exe (Trojan.Dropper) -> No action taken. C:\dllhost.exe (Trojan.Dropper) -> No action taken. C:\iexplorre.exe (Trojan.Dropper) -> No action taken. C:\iymfsrlv.exe (Trojan.Downloader) -> No action taken. C:\svvchost.exe (Trojan.Dropper) -> No action taken. C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\0HEFK5Y3\wcvsg[1].htm (Trojan.Downloader) -> No action taken. C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\CL6389E7\yrbbppqzna[1].htm (Trojan.Agent) -> No action taken. C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\OH6701MF\yrbbppqzna[1].htm (Trojan.Agent) -> No action taken. C:\Documents and Settings\Sophie\Mes documents\GrabIt Downloads\Francky Vincent - Mon Fest of (2009)-(bjt-resurrection net) .exe (Trojan.Agent) -> No action taken. C:\WINDOWS\Temp\5F.tmp (Rootkit.TDSS) -> No action taken. C:\WINDOWS\Temp\60.tmp (Rootkit.TDSS) -> No action taken. C:\WINDOWS\Temp\62.tmp (Rootkit.TDSS) -> No action taken.

En effet, ne sachant que faire devant toutes ces infections, j'ai préféré avoir l'avis d'ici avant de supprimer quoique ce soit, surtout Internet Explorer. En fait, il n'y a pas qu'Explorer qui ne fonctionne plus, Outlook Express, Windows Media Player ne s'ouvrent pas davantage. C'est grave doc ? Je vais lancer Malware toute la nuit pour qu'il repère les éléments infectés. Je te posterai le tout après.

De retour. Rapport Log : Logfile of random's system information tool 1.06 (written by random/random) Run by Sophie at 2010-01-18 22:52:07 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 2 GB (6%) free of 40 GB Total RAM: 1014 MB (58% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:52:12, on 18/01/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\HP\HP Software Update\HPWuSchd.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe F:\Infection\RSIT.exe C:\Documents and Settings\Sophie\Bureau\Sophie.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 6885 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\WGASetup.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-10 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-10 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-04-17 141848] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-04-17 166424] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-04-17 137752] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-17 16859648] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-04-17 69632] "NWEReboot"= [] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016] "ShStatEXE"=C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE [2004-09-22 94208] "McAfeeUpdaterUI"=C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe [2004-08-06 139320] "Network Associates Error Reporting Service"=C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe [2003-10-07 147514] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd.exe [2003-06-25 49152] "DXDllRegExe"=dxdllreg.exe [] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-10 149280] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-01-07 429392] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe [2005-11-24 94208] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2008-04-17 208896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0" "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove" "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0" "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{33b8ef8a-c972-11de-ade7-001cc08ee1c6}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL ntldr.exe shell\´ò¿ª(&O)\command - ntldr.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{601632e2-c970-11de-ade6-001cc08ee1c6}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL ntldr.exe shell\´ò¿ª(&O)\command - H:\ntldr.exe ======List of files/folders created in the last 3 months====== 2010-01-18 22:52:07 ----D---- C:\rsit 2010-01-18 22:07:17 ----D---- C:\WINDOWS\Minidump 2010-01-18 22:06:27 ----A---- C:\ekfq.exe 2010-01-18 22:06:12 ----A---- C:\qrig.exe 2010-01-18 22:06:12 ----A---- C:\lshgrioa.exe 2010-01-18 22:06:12 ----A---- C:\lqyedbfe.exe 2010-01-18 22:06:12 ----A---- C:\iymfsrlv.exe 2010-01-18 22:06:12 ----A---- C:\bcgft.exe 2010-01-16 17:00:15 ----A---- C:\svvchost.exe 2010-01-16 17:00:11 ----A---- C:\dllhost.exe 2010-01-16 17:00:07 ----A---- C:\iexplorre.exe 2010-01-16 16:59:46 ----A---- C:\csrrss.exe 2010-01-13 21:38:37 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2010-01-13 21:38:25 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-01-12 23:08:52 ----D---- C:\Program Files\Guitar Pro 5 2010-01-12 15:35:06 ----A---- C:\Documents and Settings\Sophie\Application Data\temp3159.txt 2010-01-09 19:22:14 ----A---- C:\Documents and Settings\Sophie\Application Data\temp20425.txt 2010-01-09 15:45:49 ----D---- C:\Documents and Settings\Sophie\Application Data\dvdcss 2010-01-09 11:07:29 ----A---- C:\Documents and Settings\Sophie\Application Data\temp21790.txt 2010-01-09 11:06:52 ----A---- C:\Documents and Settings\Sophie\Application Data\temp21669.txt 2010-01-08 17:44:01 ----D---- C:\Program Files\CDisplay 2010-01-08 17:04:19 ----D---- C:\Documents and Settings\Sophie\Application Data\JivaroPref 2010-01-04 22:32:51 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$ 2010-01-04 22:32:22 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$ 2010-01-04 22:31:55 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$ 2010-01-04 22:31:05 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$ 2010-01-03 18:31:31 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2010-01-03 18:25:42 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$ 2010-01-03 18:25:23 ----N---- C:\WINDOWS\system32\spmsg.dll 2010-01-03 18:25:21 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$ 2010-01-03 18:25:11 ----A---- C:\WINDOWS\system32\wmpns.dll 2010-01-03 18:25:00 ----D---- C:\Program Files\Windows Media Connect 2 2010-01-03 18:24:47 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$ 2010-01-03 18:24:15 ----D---- C:\c7f5d1a7da81cdd19ff1668506c4404a 2010-01-03 18:23:51 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$ 2010-01-03 18:23:13 ----D---- C:\WINDOWS\system32\LogFiles 2010-01-03 18:23:07 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$ 2009-12-28 18:33:25 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$ 2009-12-26 12:37:49 ----D---- C:\Documents and Settings\Sophie\Application Data\Apple Computer 2009-12-26 12:37:21 ----A---- C:\WINDOWS\system32\GEARAspi.dll 2009-12-26 12:36:06 ----D---- C:\Program Files\iPod 2009-12-26 12:35:56 ----D---- C:\Program Files\iTunes 2009-12-26 12:35:56 ----D---- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} 2009-12-26 12:35:18 ----D---- C:\Program Files\Bonjour 2009-12-26 12:34:22 ----D---- C:\Program Files\QuickTime 2009-12-26 12:34:18 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer 2009-12-26 12:33:50 ----D---- C:\Program Files\Apple Software Update 2009-12-26 12:32:18 ----D---- C:\Program Files\Fichiers communs\Apple 2009-12-26 12:32:18 ----D---- C:\Documents and Settings\All Users\Application Data\Apple 2009-12-17 17:57:27 ----A---- C:\WINDOWS\system32\MRT.exe 2009-12-10 08:18:35 ----A---- C:\WINDOWS\system32\javaws.exe 2009-12-10 08:18:35 ----A---- C:\WINDOWS\system32\javaw.exe 2009-12-10 08:18:35 ----A---- C:\WINDOWS\system32\java.exe 2009-12-10 08:18:35 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-12-09 21:23:42 ----D---- C:\WINDOWS\Sun 2009-12-09 21:23:42 ----D---- C:\Documents and Settings\Sophie\Application Data\Sun 2009-12-09 21:22:34 ----D---- C:\Program Files\Java 2009-12-09 21:22:13 ----D---- C:\Program Files\Fichiers communs\Java 2009-12-09 08:45:23 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2009-12-09 08:45:14 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2009-12-09 08:44:53 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$ 2009-12-09 08:44:43 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2009-12-09 08:44:35 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2009-12-09 08:44:24 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$ 2009-12-05 09:03:38 ----HDC---- C:\WINDOWS\$NtUninstallKB976749$ 2009-12-04 08:48:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2009-12-04 08:48:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2009-12-04 08:48:00 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2009-12-04 08:47:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2009-12-04 08:47:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2009-12-04 08:47:32 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$ 2009-12-04 08:47:22 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$ 2009-12-04 08:47:00 ----HDC---- C:\WINDOWS\$NtUninstallKB974455$ 2009-12-04 08:46:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$ 2009-12-04 08:46:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$ 2009-12-04 08:46:33 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$ 2009-12-04 08:46:31 ----D---- C:\WINDOWS\system32\KB905474 2009-12-04 08:46:13 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$ 2009-12-04 08:46:03 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$ 2009-12-04 08:45:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2009-12-04 08:45:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$ 2009-12-04 08:45:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$ 2009-12-04 08:45:29 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ 2009-12-04 08:45:20 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$ 2009-12-04 08:45:03 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ 2009-12-04 08:44:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$ 2009-12-04 08:44:40 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$ 2009-12-04 08:44:32 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$ 2009-12-04 08:44:26 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$ 2009-12-04 08:44:16 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2009-12-04 08:44:11 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$ 2009-12-04 08:44:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$ 2009-12-04 08:43:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$ 2009-12-04 08:43:41 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$ 2009-12-04 08:43:31 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$ 2009-12-04 08:43:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$ 2009-12-04 08:43:12 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ 2009-12-04 08:43:04 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2009-12-04 08:42:56 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$ 2009-12-04 08:42:48 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$ 2009-12-04 08:42:40 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2009-12-04 08:42:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$ 2009-12-04 08:42:18 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ 2009-12-04 08:42:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2009-12-04 08:41:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2009-12-04 08:41:40 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$ 2009-12-04 08:41:29 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$ 2009-12-04 08:41:11 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$ 2009-12-04 08:40:56 ----D---- C:\WINDOWS\ServicePackFiles 2009-12-04 08:40:53 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$ 2009-12-04 08:40:41 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2009-12-04 08:40:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$ 2009-12-04 08:38:32 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$ 2009-12-04 08:38:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$ 2009-12-04 08:38:08 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2009-12-04 08:37:58 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2009-12-04 08:37:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2009-12-04 08:37:02 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$ 2009-12-04 08:36:50 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2009-12-04 08:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$ 2009-12-04 08:36:29 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$ 2009-12-04 08:36:13 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$ 2009-12-03 08:41:48 ----D---- C:\WINDOWS\system32\CatRoot_bak 2009-12-03 08:38:59 ----N---- C:\WINDOWS\system32\tzchange.exe 2009-12-02 22:32:37 ----D---- C:\WINDOWS\system32\PreInstall 2009-12-02 22:32:34 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ 2009-12-02 22:32:34 ----HD---- C:\WINDOWS\$hf_mig$ 2009-12-02 22:05:27 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2009-11-28 20:28:03 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-11-28 20:28:03 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-11-28 16:11:51 ----D---- C:\ToolBar SD 2009-11-28 13:49:51 ----D---- C:\Documents and Settings\Sophie\Application Data\Malwarebytes 2009-11-28 13:49:43 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-11-28 13:49:43 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-11-24 22:14:33 ----D---- C:\Documents and Settings\Sophie\Application Data\vlc 2009-11-23 20:32:37 ----A---- C:\Documents and Settings\Sophie\Application Data\temp11623.txt 2009-11-23 20:31:35 ----A---- C:\Documents and Settings\Sophie\Application Data\temp11421.txt 2009-11-15 13:00:58 ----D---- C:\Program Files\Fichiers communs\Hewlett-Packard 2009-11-15 12:58:07 ----D---- C:\Program Files\Fichiers communs\HP 2009-11-15 12:55:48 ----RSD---- C:\WINDOWS\assembly 2009-11-15 12:55:48 ----D---- C:\WINDOWS\Microsoft.NET 2009-11-15 12:55:46 ----D---- C:\WINDOWS\system32\URTTemp 2009-11-15 12:51:21 ----D---- C:\Program Files\HP 2009-11-13 23:06:28 ----D---- C:\Program Files\VideoLAN 2009-11-13 23:00:38 ----D---- C:\Program Files\QuickPar 2009-11-13 21:18:37 ----D---- C:\Documents and Settings\Sophie\Application Data\GrabIt 2009-11-13 21:00:47 ----D---- C:\Program Files\GrabIt 2009-11-12 22:05:12 ----D---- C:\Program Files\Fichiers communs\Cisco Systems 2009-11-12 22:04:51 ----D---- C:\Documents and Settings\All Users\Application Data\Network Associates 2009-11-12 22:04:38 ----D---- C:\Program Files\Network Associates 2009-11-12 22:04:38 ----D---- C:\Program Files\Fichiers communs\Network Associates 2009-11-12 21:28:48 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2009-11-12 21:28:37 ----D---- C:\Program Files\Fichiers communs\Adobe 2009-11-12 21:28:37 ----D---- C:\Program Files\Adobe 2009-11-12 21:24:06 ----A---- C:\WINDOWS\system32\msonpmon.dll 2009-11-12 21:22:33 ----D---- C:\Program Files\Microsoft Works 2009-11-12 21:22:20 ----D---- C:\Program Files\MSBuild 2009-11-12 21:21:53 ----D---- C:\Program Files\Microsoft Visual Studio 2009-11-12 21:21:53 ----D---- C:\Program Files\Fichiers communs\DESIGNER 2009-11-12 21:17:39 ----D---- C:\WINDOWS\SHELLNEW 2009-11-12 21:17:10 ----D---- C:\Program Files\Microsoft Office 2009-11-12 21:17:07 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2009-11-12 21:16:25 ----RHD---- C:\MSOCache 2009-11-08 13:15:15 ----D---- C:\Documents and Settings\Sophie\Application Data\Adobe 2009-11-07 12:45:41 ----D---- C:\Documents and Settings\Sophie\Application Data\Macromedia 2009-11-04 21:42:56 ----A---- C:\WINDOWS\system32\hidserv.dll 2009-11-04 19:55:51 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ 2009-11-04 19:54:57 ----SHD---- C:\RECYCLER 2009-11-04 19:54:20 ----D---- C:\Documents and Settings\Sophie\Application Data\WinRAR 2009-11-04 19:43:21 ----D---- C:\Program Files\MSN Messenger 2009-11-04 19:42:45 ----D---- C:\Documents and Settings\Sophie\Application Data\Skype 2009-11-04 19:42:42 ----D---- C:\Program Files\Fichiers communs\Skype 2009-11-04 19:42:30 ----D---- C:\Documents and Settings\All Users\Application Data\Skype 2009-11-04 19:42:26 ----D---- C:\Program Files\Skype 2009-11-04 19:39:34 ----A---- C:\WINDOWS\NeroDigital.ini 2009-11-04 19:35:03 ----D---- C:\Documents and Settings\Sophie\Application Data\Ahead 2009-11-04 19:34:40 ----D---- C:\Program Files\WinRAR 2009-11-04 19:33:54 ----D---- C:\Program Files\Nero 2009-11-04 19:33:54 ----D---- C:\Program Files\Fichiers communs\Ahead 2009-11-04 19:19:07 ----A---- C:\WINDOWS\system32\h323log.txt 2009-11-04 19:15:49 ----A---- C:\WINDOWS\system32\usbui.dll 2009-11-04 19:14:05 ----A---- C:\WINDOWS\imsins.BAK 2009-11-04 19:14:01 ----SHD---- C:\WINDOWS\Installer 2009-11-04 19:14:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-11-04 19:14:00 ----D---- C:\Program Files\Fichiers communs\ODBC 2009-11-04 19:14:00 ----A---- C:\WINDOWS\ODBCINST.INI 2009-11-04 19:13:56 ----D---- C:\Program Files\Fichiers communs\SpeechEngines 2009-11-04 19:13:55 ----RD---- C:\Program Files 2009-11-04 19:13:55 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2009-11-04 19:13:55 ----D---- C:\Program Files\Fichiers communs 2009-11-04 19:13:51 ----RA---- C:\WINDOWS\system32\kbdtuq.dll 2009-11-04 19:13:51 ----RA---- C:\WINDOWS\system32\kbdtuf.dll 2009-11-04 19:13:51 ----RA---- C:\WINDOWS\system32\kbdazel.dll 2009-11-04 19:13:49 ----RA---- C:\WINDOWS\system32\kbdtat.dll 2009-11-04 19:13:49 ----RA---- C:\WINDOWS\system32\kbdmon.dll 2009-11-04 19:13:49 ----RA---- C:\WINDOWS\system32\kbdkyr.dll 2009-11-04 19:13:48 ----RA---- C:\WINDOWS\system32\kbdycc.dll 2009-11-04 19:13:48 ----RA---- C:\WINDOWS\system32\kbduzb.dll 2009-11-04 19:13:48 ----RA---- C:\WINDOWS\system32\kbdur.dll 2009-11-04 19:13:48 ----RA---- C:\WINDOWS\system32\kbdru1.dll 2009-11-04 19:13:48 ----RA---- C:\WINDOWS\system32\kbdru.dll 2009-11-04 19:13:48 ----RA---- C:\WINDOWS\system32\kbdkaz.dll 2009-11-04 19:13:48 ----RA---- C:\WINDOWS\system32\kbdbu.dll 2009-11-04 19:13:48 ----RA---- C:\WINDOWS\system32\kbdblr.dll 2009-11-04 19:13:48 ----RA---- C:\WINDOWS\system32\kbdaze.dll 2009-11-04 19:13:46 ----RA---- C:\WINDOWS\system32\kbdhept.dll 2009-11-04 19:13:46 ----RA---- C:\WINDOWS\system32\kbdhela3.dll 2009-11-04 19:13:46 ----RA---- C:\WINDOWS\system32\kbdhela2.dll 2009-11-04 19:13:46 ----RA---- C:\WINDOWS\system32\kbdhe319.dll 2009-11-04 19:13:46 ----RA---- C:\WINDOWS\system32\kbdhe220.dll 2009-11-04 19:13:46 ----RA---- C:\WINDOWS\system32\kbdhe.dll 2009-11-04 19:13:46 ----RA---- C:\WINDOWS\system32\kbdgkl.dll 2009-11-04 19:13:44 ----RA---- C:\WINDOWS\system32\kbdlv1.dll 2009-11-04 19:13:44 ----RA---- C:\WINDOWS\system32\kbdlv.dll 2009-11-04 19:13:44 ----RA---- C:\WINDOWS\system32\kbdlt1.dll 2009-11-04 19:13:44 ----RA---- C:\WINDOWS\system32\kbdlt.dll 2009-11-04 19:13:44 ----RA---- C:\WINDOWS\system32\kbdest.dll 2009-11-04 19:13:42 ----RA---- C:\WINDOWS\system32\kbdycl.dll 2009-11-04 19:13:42 ----RA---- C:\WINDOWS\system32\kbdsl1.dll 2009-11-04 19:13:42 ----RA---- C:\WINDOWS\system32\kbdsl.dll 2009-11-04 19:13:42 ----RA---- C:\WINDOWS\system32\kbdro.dll 2009-11-04 19:13:42 ----RA---- C:\WINDOWS\system32\kbdpl1.dll 2009-11-04 19:13:42 ----RA---- C:\WINDOWS\system32\kbdpl.dll 2009-11-04 19:13:42 ----RA---- C:\WINDOWS\system32\kbdhu1.dll 2009-11-04 19:13:42 ----RA---- C:\WINDOWS\system32\kbdhu.dll 2009-11-04 19:13:42 ----RA---- C:\WINDOWS\system32\kbdcz2.dll 2009-11-04 19:13:42 ----RA---- C:\WINDOWS\system32\kbdcz1.dll 2009-11-04 19:13:42 ----RA---- C:\WINDOWS\system32\kbdcz.dll 2009-11-04 19:13:42 ----RA---- C:\WINDOWS\system32\kbdcr.dll 2009-11-04 19:13:42 ----RA---- C:\WINDOWS\system32\KBDAL.DLL 2009-11-04 19:13:38 ----A---- C:\WINDOWS\system32\spxcoins.dll 2009-11-04 19:13:38 ----A---- C:\WINDOWS\system32\irclass.dll 2009-11-04 19:13:38 ----A---- C:\WINDOWS\system32\EqnClass.Dll 2009-11-04 19:13:38 ----A---- C:\WINDOWS\system32\dgsetup.dll 2009-11-04 19:13:38 ----A---- C:\WINDOWS\system32\dgrpsetu.dll 2009-11-04 19:13:35 ----N---- C:\WINDOWS\system32\CONFIG.TMP 2009-11-04 19:13:35 ----A---- C:\WINDOWS\TASKMAN.EXE 2009-11-04 19:13:35 ----A---- C:\WINDOWS\system32\batt.dll 2009-11-04 19:13:34 ----A---- C:\WINDOWS\NOTEPAD.EXE 2009-11-04 19:13:33 ----A---- C:\WINDOWS\system32\storprop.dll 2009-11-04 19:13:21 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini 2009-11-04 19:13:15 ----RA---- C:\WINDOWS\SET8.tmp 2009-11-04 19:13:11 ----RA---- C:\WINDOWS\SET4.tmp 2009-11-04 19:13:10 ----RA---- C:\WINDOWS\SET3.tmp 2009-11-04 19:13:05 ----D---- C:\WINDOWS\system32\CatRoot2 2009-11-04 19:13:05 ----D---- C:\WINDOWS\system32\CatRoot 2009-11-04 19:12:59 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-11-04 19:12:41 ----A---- C:\WINDOWS\setuplog.txt 2009-11-04 19:12:37 ----D---- C:\Documents and Settings 2009-11-04 19:12:36 ----SHD---- C:\System Volume Information 2009-11-04 19:11:50 ----SH---- C:\boot.ini 2009-11-04 19:07:37 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-11-04 19:07:37 ----RSD---- C:\WINDOWS\Fonts 2009-11-04 19:07:37 ----RD---- C:\WINDOWS\Web 2009-11-04 19:07:37 ----HD---- C:\WINDOWS\inf 2009-11-04 19:07:37 ----D---- C:\WINDOWS\WinSxS 2009-11-04 19:07:37 ----D---- C:\WINDOWS\twain_32 2009-11-04 19:07:37 ----D---- C:\WINDOWS\Temp 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\wins 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\wbem 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\usmt 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\spool 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\ShellExt 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\Setup 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\ras 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\oobe 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\npp 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\mui 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\inetsrv 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\IME 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\icsxml 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\ias 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\export 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\drivers 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\dhcp 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\config 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\3com_dmi 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\3076 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\2052 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\1054 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\1042 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\1041 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\1037 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\1036 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\1033 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\1031 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\1028 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32\1025 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system32 2009-11-04 19:07:37 ----D---- C:\WINDOWS\system 2009-11-04 19:07:37 ----D---- C:\WINDOWS\security 2009-11-04 19:07:37 ----D---- C:\WINDOWS\Resources 2009-11-04 19:07:37 ----D---- C:\WINDOWS\repair 2009-11-04 19:07:37 ----D---- C:\WINDOWS\Provisioning 2009-11-04 19:07:37 ----D---- C:\WINDOWS\PeerNet 2009-11-04 19:07:37 ----D---- C:\WINDOWS\pchealth 2009-11-04 19:07:37 ----D---- C:\WINDOWS\mui 2009-11-04 19:07:37 ----D---- C:\WINDOWS\msapps 2009-11-04 19:07:37 ----D---- C:\WINDOWS\msagent 2009-11-04 19:07:37 ----D---- C:\WINDOWS\Media 2009-11-04 19:07:37 ----D---- C:\WINDOWS\java 2009-11-04 19:07:37 ----D---- C:\WINDOWS\ime 2009-11-04 19:07:37 ----D---- C:\WINDOWS\Help 2009-11-04 19:07:37 ----D---- C:\WINDOWS\ehome 2009-11-04 19:07:37 ----D---- C:\WINDOWS\Driver Cache 2009-11-04 19:07:37 ----D---- C:\WINDOWS\Debug 2009-11-04 19:07:37 ----D---- C:\WINDOWS\Cursors 2009-11-04 19:07:37 ----D---- C:\WINDOWS\Connection Wizard 2009-11-04 19:07:37 ----D---- C:\WINDOWS\Config 2009-11-04 19:07:37 ----D---- C:\WINDOWS\AppPatch 2009-11-04 19:07:37 ----D---- C:\WINDOWS\addins 2009-11-04 19:07:37 ----D---- C:\WINDOWS 2009-11-04 18:44:42 ----RA---- C:\WINDOWS\system32\igfxres.dll 2009-11-04 18:43:41 ----RA---- C:\WINDOWS\system32\RtkCoInst.dll 2009-11-04 18:43:41 ----R---- C:\WINDOWS\system32\ChCfg.exe 2009-11-04 18:43:40 ----RA---- C:\WINDOWS\system32\SRSTSHD.dll 2009-11-04 18:43:40 ----RA---- C:\WINDOWS\system32\SRSHP360.dll 2009-11-04 18:43:40 ----RA---- C:\WINDOWS\system32\RtkApoApi.dll 2009-11-04 18:43:40 ----RA---- C:\WINDOWS\system32\maxxaudioapo.dll 2009-11-04 18:43:39 ----RA---- C:\WINDOWS\system32\SRSWOW.dll 2009-11-04 18:43:39 ----RA---- C:\WINDOWS\system32\SRSTSXT.dll 2009-11-04 18:43:38 ----RA---- C:\WINDOWS\system32\RtkPgExt.dll 2009-11-04 18:43:36 ----RA---- C:\WINDOWS\system32\RtkAPO.dll 2009-11-04 18:43:30 ----RA---- C:\WINDOWS\RtHDVCpl.exe 2009-11-04 18:43:13 ----D---- C:\WINDOWS\system32\RTCOM 2009-11-04 18:43:09 ----A---- C:\WINDOWS\system32\ksuser.dll 2009-11-04 18:42:19 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2009-11-04 18:42:18 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$ 2009-11-04 18:42:14 ----R---- C:\WINDOWS\SoundMan.exe 2009-11-04 18:42:12 ----R---- C:\WINDOWS\SkyTel.exe 2009-11-04 18:42:10 ----R---- C:\WINDOWS\RtlUpd.exe 2009-11-04 18:42:02 ----R---- C:\WINDOWS\RTLCPL.exe 2009-11-04 18:41:43 ----R---- C:\WINDOWS\RTHDCPL.exe 2009-11-04 18:41:41 ----R---- C:\WINDOWS\MicCal.exe 2009-11-04 18:41:35 ----R---- C:\WINDOWS\Alcmtr.exe 2009-11-04 18:41:33 ----R---- C:\WINDOWS\alcwzrd.exe 2009-11-04 18:41:27 ----R---- C:\WINDOWS\RtlExUpd.dll 2009-11-04 18:41:27 ----A---- C:\WINDOWS\HideWin.exe 2009-11-04 18:41:21 ----D---- C:\Program Files\Fichiers communs\InstallShield 2009-11-04 18:39:59 ----D---- C:\WINDOWS\OPTIONS 2009-11-04 18:39:59 ----D---- C:\Program Files\Realtek 2009-11-04 18:39:56 ----HD---- C:\Program Files\InstallShield Installation Information 2009-11-04 18:39:51 ----D---- C:\Documents and Settings\Sophie\Application Data\InstallShield 2009-11-04 18:39:32 ----RA---- C:\WINDOWS\system32\iglicd32.dll 2009-11-04 18:39:32 ----RA---- C:\WINDOWS\system32\igldev32.dll 2009-11-04 18:39:32 ----RA---- C:\WINDOWS\system32\igfxext.exe 2009-11-04 18:39:32 ----RA---- C:\WINDOWS\system32\igfxexps.dll 2009-11-04 18:39:32 ----RA---- C:\WINDOWS\system32\igfxCoIn_v4926.dll 2009-11-04 18:39:31 ----RA---- C:\WINDOWS\system32\igxprd32.dll 2009-11-04 18:39:31 ----RA---- C:\WINDOWS\system32\igxpgd32.dll 2009-11-04 18:39:31 ----RA---- C:\WINDOWS\system32\igxpdx32.dll 2009-11-04 18:39:31 ----RA---- C:\WINDOWS\system32\igxpdv32.dll 2009-11-04 18:39:31 ----RA---- C:\WINDOWS\system32\igfxzoom.exe 2009-11-04 18:39:31 ----RA---- C:\WINDOWS\system32\igfxtray.exe 2009-11-04 18:39:31 ----RA---- C:\WINDOWS\system32\igfxsrvc.exe 2009-11-04 18:39:31 ----RA---- C:\WINDOWS\system32\igfxsrvc.dll 2009-11-04 18:39:31 ----RA---- C:\WINDOWS\system32\igfxress.dll 2009-11-04 18:39:31 ----RA---- C:\WINDOWS\system32\igfxpph.dll 2009-11-04 18:39:31 ----RA---- C:\WINDOWS\system32\igfxpers.exe 2009-11-04 18:39:31 ----RA---- C:\WINDOWS\system32\igfxdo.dll 2009-11-04 18:39:31 ----RA---- C:\WINDOWS\system32\igfxdev.dll 2009-11-04 18:39:31 ----RA---- C:\WINDOWS\system32\igfxcfg.exe 2009-11-04 18:39:31 ----RA---- C:\WINDOWS\system32\hkcmd.exe 2009-11-04 18:39:31 ----RA---- C:\WINDOWS\system32\hccutils.dll 2009-11-04 18:38:57 ----D---- C:\WINDOWS\system32\Lang 2009-11-04 18:38:56 ----RA---- C:\WINDOWS\system32\difxapi.dll 2009-11-04 18:38:55 ----RA---- C:\WINDOWS\system32\igxpun.exe 2009-11-04 18:35:14 ----D---- C:\WINDOWS\system32\ReinstallBackups 2009-11-04 18:35:11 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-11-04 18:35:11 ----D---- C:\Program Files\Intel 2009-11-04 18:35:11 ----A---- C:\WINDOWS\system32\CSVer.dll 2009-11-04 18:35:03 ----D---- C:\Intel 2009-11-04 18:34:09 ----D---- C:\Program Files\MSXML 4.0 2009-11-04 18:33:54 ----D---- C:\TempEI4 2009-11-04 18:31:23 ----D---- C:\Documents and Settings\Sophie\Application Data\Identities 2009-11-04 18:31:21 ----HD---- C:\Program Files\Uninstall Information 2009-11-04 18:31:13 ----SD---- C:\Documents and Settings\Sophie\Application Data\Microsoft 2009-11-04 18:31:13 ----ASH---- C:\Documents and Settings\Sophie\Application Data\desktop.ini 2009-11-04 18:30:35 ----D---- C:\WINDOWS\SoftwareDistribution 2009-11-04 18:30:33 ----D---- C:\WINDOWS\Prefetch 2009-11-04 18:30:32 ----SD---- C:\WINDOWS\system32\Microsoft 2009-11-04 18:30:29 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-11-04 18:26:29 ----D---- C:\WINDOWS\system32\xircom 2009-11-04 18:26:29 ----D---- C:\Program Files\xerox 2009-11-04 18:26:29 ----D---- C:\Program Files\microsoft frontpage 2009-11-04 18:26:06 ----A---- C:\WINDOWS\control.ini 2009-11-04 18:26:06 ----A---- C:\AUTOEXEC.BAT 2009-11-04 18:25:52 ----A---- C:\WINDOWS\OEWABLog.txt 2009-11-04 18:25:47 ----A---- C:\WINDOWS\system32\mapi32.dll 2009-11-04 18:24:29 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-11-04 18:24:29 ----RD---- C:\WINDOWS\Offline Web Pages 2009-11-04 18:24:29 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest 2009-11-04 18:24:19 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2009-11-04 18:24:13 ----HD---- C:\Program Files\WindowsUpdate 2009-11-04 18:24:07 ----D---- C:\Program Files\Services en ligne 2009-11-04 18:23:47 ----D---- C:\WINDOWS\system32\DirectX 2009-11-04 18:23:26 ----A---- C:\WINDOWS\system32\atrace.dll 2009-11-04 18:23:23 ----A---- C:\WINDOWS\system32\desktop.ini 2009-11-04 18:23:23 ----A---- C:\WINDOWS\desktop.ini 2009-11-04 18:23:17 ----A---- C:\WINDOWS\system32\nmevtmsg.dll 2009-11-04 18:23:15 ----D---- C:\Program Files\Fichiers communs\Services 2009-11-04 18:23:15 ----A---- C:\WINDOWS\system32\acctres.dll 2009-11-04 18:23:12 ----SD---- C:\WINDOWS\Tasks 2009-11-04 18:23:12 ----A---- C:\WINDOWS\system32\icfgnt5.dll 2009-11-04 18:23:11 ----D---- C:\Program Files\Fichiers communs\MSSoap 2009-11-04 18:23:07 ----D---- C:\WINDOWS\srchasst 2009-11-04 18:23:06 ----D---- C:\WINDOWS\system32\Macromed 2009-11-04 18:23:03 ----A---- C:\WINDOWS\system32\wuweb.dll 2009-11-04 18:23:03 ----A---- C:\WINDOWS\system32\wups.dll 2009-11-04 18:23:03 ----A---- C:\WINDOWS\system32\wucltui.dll 2009-11-04 18:23:03 ----A---- C:\WINDOWS\system32\wuauserv.dll 2009-11-04 18:23:03 ----A---- C:\WINDOWS\system32\wuaueng1.dll 2009-11-04 18:23:03 ----A---- C:\WINDOWS\system32\wuaueng.dll 2009-11-04 18:23:03 ----A---- C:\WINDOWS\system32\wuauclt1.exe 2009-11-04 18:23:03 ----A---- C:\WINDOWS\system32\wuauclt.exe 2009-11-04 18:23:03 ----A---- C:\WINDOWS\system32\wuapi.dll 2009-11-04 18:23:02 ----A---- C:\WINDOWS\system32\qmgrprxy.dll 2009-11-04 18:23:02 ----A---- C:\WINDOWS\system32\qmgr.dll 2009-11-04 18:23:02 ----A---- C:\WINDOWS\system32\bitsprx3.dll 2009-11-04 18:23:02 ----A---- C:\WINDOWS\system32\bitsprx2.dll 2009-11-04 18:22:58 ----D---- C:\Program Files\Movie Maker 2009-11-04 18:22:54 ----A---- C:\WINDOWS\system32\safrslv.dll 2009-11-04 18:22:54 ----A---- C:\WINDOWS\system32\safrdm.dll 2009-11-04 18:22:54 ----A---- C:\WINDOWS\system32\safrcdlg.dll 2009-11-04 18:22:54 ----A---- C:\WINDOWS\system32\racpldlg.dll 2009-11-04 18:22:51 ----A---- C:\WINDOWS\system32\fltlib.dll 2009-11-04 18:22:50 ----D---- C:\WINDOWS\system32\Restore 2009-11-04 18:22:50 ----A---- C:\WINDOWS\system32\srsvc.dll 2009-11-04 18:22:50 ----A---- C:\WINDOWS\system32\srrstr.dll 2009-11-04 18:22:50 ----A---- C:\WINDOWS\system32\srclient.dll 2009-11-04 18:22:50 ----A---- C:\WINDOWS\system32\fltMc.exe 2009-11-04 18:22:49 ----A---- C:\WINDOWS\system32\nmmkcert.dll 2009-11-04 18:22:49 ----A---- C:\WINDOWS\system32\mnmdd.dll 2009-11-04 18:22:49 ----A---- C:\WINDOWS\system32\isrdbg32.dll 2009-11-04 18:22:49 ----A---- C:\WINDOWS\system32\ils.dll 2009-11-04 18:22:48 ----A---- C:\WINDOWS\system32\msconf.dll 2009-11-04 18:22:48 ----A---- C:\WINDOWS\system32\mnmsrvc.exe 2009-11-04 18:22:46 ----D---- C:\Program Files\NetMeeting 2009-11-04 18:22:46 ----A---- C:\WINDOWS\system32\msoert2.dll 2009-11-04 18:22:45 ----A---- C:\WINDOWS\system32\msoeacct.dll 2009-11-04 18:22:44 ----A---- C:\WINDOWS\system32\inetres.dll 2009-11-04 18:22:44 ----A---- C:\WINDOWS\system32\inetcomm.dll 2009-11-04 18:22:43 ----D---- C:\Program Files\Outlook Express 2009-11-04 18:22:43 ----A---- C:\WINDOWS\system32\schedsvc.dll 2009-11-04 18:22:42 ----A---- C:\WINDOWS\system32\mstinit.exe 2009-11-04 18:22:42 ----A---- C:\WINDOWS\system32\mstask.dll 2009-11-04 18:22:42 ----A---- C:\WINDOWS\system32\isign32.dll 2009-11-04 18:22:42 ----A---- C:\WINDOWS\system32\inetcfg.dll 2009-11-04 18:22:42 ----A---- C:\WINDOWS\system32\icwphbk.dll 2009-11-04 18:22:42 ----A---- C:\WINDOWS\system32\icwdial.dll 2009-11-04 18:22:36 ----D---- C:\Program Files\Fichiers communs\System 2009-11-04 18:22:32 ----D---- C:\Program Files\Internet Explorer 2009-11-04 18:21:40 ----D---- C:\Program Files\ComPlus Applications 2009-11-04 18:21:37 ----A---- C:\WINDOWS\vbaddin.ini 2009-11-04 18:21:37 ----A---- C:\WINDOWS\vb.ini 2009-11-04 18:21:31 ----D---- C:\WINDOWS\Registration 2009-11-04 18:21:22 ----D---- C:\Program Files\Online Services 2009-11-04 18:21:21 ----D---- C:\Program Files\Windows Media Player 2009-11-04 18:21:14 ----D---- C:\Program Files\Messenger 2009-11-04 18:21:10 ----D---- C:\Program Files\MSN Gaming Zone 2009-11-04 18:21:10 ----A---- C:\WINDOWS\system32\write.exe 2009-11-04 18:21:00 ----A---- C:\WINDOWS\system32\sndvol32.exe 2009-11-04 18:20:59 ----A---- C:\WINDOWS\system32\winchat.exe 2009-11-04 18:20:59 ----A---- C:\WINDOWS\system32\hticons.dll 2009-11-04 18:20:59 ----A---- C:\WINDOWS\system32\avwav.dll 2009-11-04 18:20:59 ----A---- C:\WINDOWS\system32\avtapi.dll 2009-11-04 18:20:59 ----A---- C:\WINDOWS\system32\avmeter.dll 2009-11-04 18:20:52 ----A---- C:\WINDOWS\system32\getuname.dll 2009-11-04 18:20:51 ----A---- C:\WINDOWS\system32\winmine.exe 2009-11-04 18:20:51 ----A---- C:\WINDOWS\system32\sol.exe 2009-11-04 18:20:51 ----A---- C:\WINDOWS\system32\charmap.exe 2009-11-04 18:20:51 ----A---- C:\WINDOWS\system32\calc.exe 2009-11-04 18:20:50 ----A---- C:\WINDOWS\system32\usrlogon.cmd 2009-11-04 18:20:50 ----A---- C:\WINDOWS\system32\tsshutdn.exe 2009-11-04 18:20:50 ----A---- C:\WINDOWS\system32\tslabels.ini 2009-11-04 18:20:50 ----A---- C:\WINDOWS\system32\tskill.exe 2009-11-04 18:20:50 ----A---- C:\WINDOWS\system32\tsdiscon.exe 2009-11-04 18:20:50 ----A---- C:\WINDOWS\system32\tscon.exe 2009-11-04 18:20:50 ----A---- C:\WINDOWS\system32\shadow.exe 2009-11-04 18:20:50 ----A---- C:\WINDOWS\system32\reset.exe 2009-11-04 18:20:50 ----A---- C:\WINDOWS\system32\mshearts.exe 2009-11-04 18:20:50 ----A---- C:\WINDOWS\system32\freecell.exe 2009-11-04 18:20:49 ----A---- C:\WINDOWS\system32\rwinsta.exe 2009-11-04 18:20:49 ----A---- C:\WINDOWS\system32\regini.exe 2009-11-04 18:20:49 ----A---- C:\WINDOWS\system32\rdpcfgex.dll 2009-11-04 18:20:49 ----A---- C:\WINDOWS\system32\qwinsta.exe 2009-11-04 18:20:49 ----A---- C:\WINDOWS\system32\qappsrv.exe 2009-11-04 18:20:49 ----A---- C:\WINDOWS\system32\msg.exe 2009-11-04 18:20:49 ----A---- C:\WINDOWS\system32\msdtcprf.ini 2009-11-04 18:20:49 ----A---- C:\WINDOWS\system32\logoff.exe 2009-11-04 18:20:49 ----A---- C:\WINDOWS\system32\cdmodem.dll 2009-11-04 18:20:48 ----A---- C:\WINDOWS\system32\mtxlegih.dll 2009-11-04 18:20:48 ----A---- C:\WINDOWS\system32\mtxex.dll 2009-11-04 18:20:48 ----A---- C:\WINDOWS\system32\mtxdm.dll 2009-11-04 18:20:48 ----A---- C:\WINDOWS\system32\dcomcnfg.exe 2009-11-04 18:20:48 ----A---- C:\WINDOWS\system32\comaddin.dll 2009-11-04 18:20:47 ----A---- C:\WINDOWS\system32\stclient.dll 2009-11-04 18:20:47 ----A---- C:\WINDOWS\system32\comsnap.dll 2009-11-04 18:20:47 ----A---- C:\WINDOWS\system32\comrepl.dll 2009-11-04 18:20:42 ----A---- C:\WINDOWS\system32\wmimgmt.msc 2009-11-04 18:20:32 ----D---- C:\Program Files\MSN 2009-11-04 18:20:31 ----A---- C:\WINDOWS\system32\sndrec32.exe 2009-11-04 18:20:31 ----A---- C:\WINDOWS\system32\mplay32.exe 2009-11-04 18:20:31 ----A---- C:\WINDOWS\system32\accwiz.exe 2009-11-04 18:20:30 ----D---- C:\Program Files\Windows NT 2009-11-04 18:20:30 ----A---- C:\WINDOWS\system32\spider.exe 2009-11-04 18:20:30 ----A---- C:\WINDOWS\system32\mspaint.exe 2009-11-04 18:20:30 ----A---- C:\WINDOWS\system32\hypertrm.dll 2009-11-04 18:20:30 ----A---- C:\WINDOWS\system32\clipbrd.exe 2009-11-04 18:20:29 ----A---- C:\WINDOWS\system32\tscfgwmi.dll 2009-11-04 18:20:29 ----A---- C:\WINDOWS\system32\mstscax.dll 2009-11-04 18:20:29 ----A---- C:\WINDOWS\system32\mstsc.exe 2009-11-04 18:20:28 ----A---- C:\WINDOWS\system32\tscupgrd.exe 2009-11-04 18:20:28 ----A---- C:\WINDOWS\system32\termsrv.dll 2009-11-04 18:20:28 ----A---- C:\WINDOWS\system32\sessmgr.exe 2009-11-04 18:20:28 ----A---- C:\WINDOWS\system32\remotepg.dll 2009-11-04 18:20:28 ----A---- C:\WINDOWS\system32\rdshost.exe 2009-11-04 18:20:28 ----A---- C:\WINDOWS\system32\rdsaddin.exe 2009-11-04 18:20:28 ----A---- C:\WINDOWS\system32\rdpwsx.dll 2009-11-04 18:20:28 ----A---- C:\WINDOWS\system32\rdpsnd.dll 2009-11-04 18:20:28 ----A---- C:\WINDOWS\system32\rdpclip.exe 2009-11-04 18:20:28 ----A---- C:\WINDOWS\system32\rdchost.dll 2009-11-04 18:20:28 ----A---- C:\WINDOWS\system32\qprocess.exe 2009-11-04 18:20:27 ----D---- C:\WINDOWS\system32\MsDtc 2009-11-04 18:20:27 ----A---- C:\WINDOWS\system32\mtxoci.dll 2009-11-04 18:20:27 ----A---- C:\WINDOWS\system32\msdtcuiu.dll 2009-11-04 18:20:27 ----A---- C:\WINDOWS\system32\msdtctm.dll 2009-11-04 18:20:27 ----A---- C:\WINDOWS\system32\msdtcprx.dll 2009-11-04 18:20:27 ----A---- C:\WINDOWS\system32\icaapi.dll 2009-11-04 18:20:27 ----A---- C:\WINDOWS\system32\cfgbkend.dll 2009-11-04 18:20:26 ----A---- C:\WINDOWS\system32\xolehlp.dll 2009-11-04 18:20:26 ----A---- C:\WINDOWS\system32\msdtclog.dll 2009-11-04 18:20:26 ----A---- C:\WINDOWS\system32\msdtc.exe 2009-11-04 18:20:25 ----D---- C:\WINDOWS\system32\Com 2009-11-04 18:20:25 ----A---- C:\WINDOWS\system32\colbact.dll 2009-11-04 18:20:25 ----A---- C:\WINDOWS\system32\clbcatex.dll 2009-11-04 18:20:25 ----A---- C:\WINDOWS\system32\catsrvut.dll 2009-11-04 18:20:25 ----A---- C:\WINDOWS\system32\catsrvps.dll 2009-11-04 18:20:25 ----A---- C:\WINDOWS\system32\catsrv.dll 2009-11-04 18:20:24 ----A---- C:\WINDOWS\system32\comuid.dll 2009-11-04 18:20:24 ----A---- C:\WINDOWS\system32\comsvcs.dll 2009-11-04 18:20:24 ----A---- C:\WINDOWS\system32\clbcatq.dll 2009-11-04 18:20:17 ----A---- C:\WINDOWS\system32\servdeps.dll 2009-11-04 18:20:17 ----A---- C:\WINDOWS\system32\mmfutil.dll 2009-11-04 18:20:17 ----A---- C:\WINDOWS\system32\licwmi.dll 2009-11-04 18:20:17 ----A---- C:\WINDOWS\system32\cmprops.dll ======List of files/folders modified in the last 3 months====== 2010-01-03 18:25:12 ----A---- C:\WINDOWS\win.ini 2009-11-04 19:13:54 ----A---- C:\WINDOWS\system.ini 2009-10-29 06:46:29 ----A---- C:\WINDOWS\system32\wininet.dll 2009-10-29 06:46:29 ----A---- C:\WINDOWS\system32\urlmon.dll 2009-10-29 06:46:28 ----A---- C:\WINDOWS\system32\shdocvw.dll 2009-10-29 06:46:26 ----A---- C:\WINDOWS\system32\pngfilt.dll 2009-10-29 06:46:26 ----A---- C:\WINDOWS\system32\mstime.dll 2009-10-29 06:46:25 ----A---- C:\WINDOWS\system32\msrating.dll 2009-10-29 06:46:25 ----A---- C:\WINDOWS\system32\mshtmled.dll 2009-10-29 06:46:25 ----A---- C:\WINDOWS\system32\mshtml.dll 2009-10-29 06:46:20 ----A---- C:\WINDOWS\system32\jsproxy.dll 2009-10-29 06:46:20 ----A---- C:\WINDOWS\system32\inseng.dll 2009-10-29 06:46:20 ----A---- C:\WINDOWS\system32\iepeers.dll 2009-10-29 06:46:19 ----A---- C:\WINDOWS\system32\extmgr.dll 2009-10-29 06:46:19 ----A---- C:\WINDOWS\system32\dxtrans.dll 2009-10-29 06:46:19 ----A---- C:\WINDOWS\system32\dxtmsft.dll 2009-10-29 06:46:18 ----A---- C:\WINDOWS\system32\cdfview.dll 2009-10-29 06:46:17 ----A---- C:\WINDOWS\system32\browseui.dll 2009-10-28 01:43:16 ----A---- C:\WINDOWS\system32\xpsp3res.dll 2009-10-21 07:03:11 ----A---- C:\WINDOWS\system32\strmfilt.dll 2009-10-21 07:03:10 ----A---- C:\WINDOWS\system32\httpapi.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2009-11-15 43488] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 40320] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848] R1 KGootkit;KGootkit; C:\WINDOWS\System32\drivers\KGootkit.sys [] R1 NaiAvTdi1;NaiAvTdi1; C:\WINDOWS\system32\drivers\mvstdi5x.sys [2004-09-22 58048] R3 EntDrv51;EntDrv51; \??\C:\WINDOWS\system32\drivers\EntDrv51.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-28 9600] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-04-17 5854752] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4652544] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-28 12288] R3 NaiAvFilter1;NaiAvFilter1; C:\WINDOWS\system32\drivers\naiavf5x.sys [2004-09-22 108256] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-04-17 105856] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [] S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [] S2 pbnrq;pbnrq; \??\C:\WINDOWS\system32\drivers\eowxqytdpjrhvrv.sys [] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-08-11 51056] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-08-11 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-08-11 21488] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-10 153376] R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\Network Associates\Common Framework\FrameworkService.exe [2004-08-06 102463] R2 McShield;Network Associates McShield; C:\Program Files\Network Associates\VirusScan\Mcshield.exe [2004-09-22 221191] R2 McTaskManager;Network Associates Task Manager; C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe [2004-09-22 28672] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-08-11 65795] S3 usnsvc;Service Messenger Sharing USN Journal Reader; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336] -----------------EOF----------------- Rapport info : info.txt logfile of random's system information tool 1.06 2010-01-18 22:52:16 ======Uninstall list====== -->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNRecode.exe /UNINSTALL -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 8 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A80000000002} Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143} Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} CDisplay 1.8-->"C:\Program Files\CDisplay\unins000.exe" Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" GrabIt 1.7.2 Beta 4 (build 997)-->"C:\Program Files\GrabIt\unins000.exe" Guitar Pro 5.2-->"C:\Program Files\Guitar Pro 5\unins000.exe" High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2-->"C:\Documents and Settings\Sophie\Bureau\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe" HP PSC & OfficeJet 3.0-->"C:\Program Files\HP\Digital Imaging\{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}\setup\hpzscr01.exe" -datfile hposcr03.dat HP Software Update-->MsiExec.exe /X{CC0A24CB-87C9-4F1C-A1F2-F87D8D4DDCAF} Intel® Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall iTunes-->MsiExec.exe /I{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5} J2SE Runtime Environment 5.0 Update 17-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150170} Java 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF} Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" McAfee VirusScan Enterprise-->MsiExec.exe /I{5DF3D1BB-894E-4DCD-8275-159AC9829B43} Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA} Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office Groove MUI (French) 2007-->MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971032)-->"C:\WINDOWS\$NtUninstallKB971032$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe" MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC} Nero 7 Premium-->MsiExec.exe /I{9DAA3F6E-0B56-A762-02CF-F9D80D8F1036} Photo et imagerie HP 3.1-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat QuickPar 0.9-->C:\Program Files\QuickPar\uninst.exe QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2} REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -l0x040c -removeonly Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly Skype 3.1-->"C:\Program Files\Skype\Phone\unins000.exe" Skype Plugin Manager-->MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Live Messenger-->MsiExec.exe /I{E22885AB-B503-46E2-8437-73BBC6BC5487} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" ======System event log====== Computer Name: Event Code: 7036 Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution. Record Number: 3881 Source Name: Service Control Manager Time Written: 20091222204807.000000+060 Event Type: Informations User: Computer Name: Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness). Record Number: 3880 Source Name: Service Control Manager Time Written: 20091222204807.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI. Record Number: 3879 Source Name: Service Control Manager Time Written: 20091222204807.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: Event Code: 7036 Message: Le service Compatibilité avec le Changement rapide d'utilisateur est entré dans l'état : en cours d'exécution. Record Number: 3878 Source Name: Service Control Manager Time Written: 20091222204807.000000+060 Event Type: Informations User: Computer Name: Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur. Record Number: 3877 Source Name: Service Control Manager Time Written: 20091222204807.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 28 Stepping 2, GenuineIntel "PROCESSOR_REVISION"=1c02 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- Merci pour la vérification et les conseils pour supprimer ce qui cloche.

Bonsoir Thanos, Merci pour la rapidité de ta réponse. Voici d'ores et déjà le rapport de Malware. Je t'envoie le prochain après, ainsi tu peux déjà avoir un premier aperçu. Malwarebytes' Anti-Malware 1.44 Version de la base de données: 3595 Windows 5.1.2600 Service Pack 2 Internet Explorer 6.0.2900.2180 18/01/2010 22:21:07 mbam-log-2010-01-18 (22-21-04).txt Type de recherche: Examen rapide Eléments examinés: 117317 Temps écoulé: 8 minute(s), 57 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 3 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 11 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\csrrss.exe (Trojan.Dropper) -> No action taken. C:\dllhost.exe (Trojan.Dropper) -> No action taken. C:\iexplorre.exe (Trojan.Dropper) -> No action taken. C:\iymfsrlv.exe (Trojan.Downloader) -> No action taken. C:\svvchost.exe (Trojan.Dropper) -> No action taken. C:\WINDOWS\Temp\5F.tmp (Rootkit.TDSS) -> No action taken. C:\WINDOWS\Temp\60.tmp (Rootkit.TDSS) -> No action taken. C:\WINDOWS\Temp\62.tmp (Rootkit.TDSS) -> No action taken. C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\0HEFK5Y3\wcvsg[1].htm (Trojan.Downloader) -> No action taken. C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\CL6389E7\yrbbppqzna[1].htm (Trojan.Agent) -> No action taken. C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\OH6701MF\yrbbppqzna[1].htm (Trojan.Agent) -> No action taken.

Bonsoir, Mon PC est infecté. Comme il s'est brutalement éteint, j'ai tout de suite fait une vérification avec Maleware qui m'a détecté 11 problèmes. Le plus important qui me paralyse, c'est Internet Explorer qui ne répond plus. Qui pourrait m'aider, svp car j'ai peur que l'infection s'étende ? Merci par avance.

Bonjour Apollo, Pour te donner des nouvelles : c'était la carte-mère qui était défectueuse. Il a fallu tout changer et ça a pris du temps... Bon week-end

Bonsoir Apollo, Merci pour toutes ces explications. J'ai gravé un CD RW comme tu m'as dit avec Dr Web dessus. Je l'ai lancé sur mon ordi, mais n'ai pas pu le mettre en "safe mode" avec les flèches du bas et du haut. Pourquoi, ça... ? Il s'est donc lancé tout seul très rapidement après le décompte. Juste quelques minutes et écran noir. J'ai retiré le disque gravé et ai allumé mon PC. Après qu'il ait bloqué sur Outlook Express, j'ai remis le CD et là ô miracle, j'ai pu accéder à mes fichiers, parmi lesquels Dr Web Scanner que j'avais installé quelques jours plus tôt. Vérification rapide, rien à signaler. Que me conseilles-tu maintenant que j'ai su grâce à toi entrer dans mes fichiers ? A bientôt

Bonjour, Gros problème : mon ordinateur n'arrive plus à démarrer. Windows se lance, puis tout bloque. J'ai essayé ce matin, aucun succès, ce soir pareil malgré X tentatives pour le mettre en marche. Je suis sur un autre ordi en attendant vos solutions et je suis dégoûtée. Merci pour votre aide !

Bonjour Falkra, Les problèmes de démarrage du PC continuent... Quelle galère !!! Quand la page "Microsoft Windows XP" peut s'afficher, alors c'est rectangle vide en dessous et aucun carré qui défile. Sinon, ça peut être aussi le PC qui bloque brutalement. J'ai aussi la page parfois : "Windows n'a pas démarré correctement..." Tout à l'heure après avoir passé l'étape du rectangle qui cette fois affichait les petits carrés bleus, j'ai eu "Windows est en cours de démarrage..." Mais tout s'est bloqué et j'aurais pu attendre longtemps... Pourrais-tu m'aider à résoudre ce gros souci, stp ? Merci

J'ai fait tout ce que tu m'as conseillé et le PC s'est relancé sans se coincer cette fois ! Il bloquait lorsque la page Windows XP apparaît au tout début avec en fin de page le rectangle où défilent trois petits carrés bleus. Ou alors après cette page, la fléche du curseur bloquait soudain. J'espère qu'avec ton travail cela va s'arranger. Tu en penses quoi ? Grand merci en tous cas pour avoir enlevé cette cochonnerie que je ne connaissais pas !!

-----------\\ ToolBar S&D 1.2.6 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Athlon 64 Processor 3000+ ) BIOS : Default System BIOS USER : users ( Administrator ) BOOT : Normal boot A:\ (USB) C:\ (Local Disk) - NTFS - Total:39 Go (Free:7 Go) D:\ (Local Disk) - NTFS - Total:127 Go (Free:0 Go) E:\ (Local Disk) - NTFS - Total:37 Go (Free:0 Go) F:\ (Local Disk) - NTFS - Total:104 Go (Free:2 Go) G:\ (CD or DVD) H:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 ) Option : [2] ( dim. 13/09/2009|22:38 ) -----------\\ SUPPRESSION Supprime! - C:\Program Files\AskBarDis\bar Supprime! - C:\Program Files\AskBarDis\unins000.dat Supprime! - C:\Program Files\AskBarDis\unins000.exe Supprime! - C:\Program Files\AskBarDis -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ Extensions (users) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.google.fr/" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page Redirect Cache"="http://be.msn.com/defaultf.aspx?lang=fr-be&ocid=iehp" "Url"="http://go.microsoft.com/fwlink/?LinkID=68928" "Url"="http://go.microsoft.com/fwlink/?LinkID=68929" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.msn.com/" --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! 1 - "C:\ToolBar SD\TB_1.txt" - dim. 07/12/2008|18:20 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - dim. 13/09/2009|19:52 - Option : [1] 3 - "C:\ToolBar SD\TB_3.txt" - dim. 13/09/2009|22:39 - Option : [2] -----------\\ Fin du rapport a 22:39:37,65 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:43:12, on 13/09/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Belgacom\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\WgaTray.exe C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\HP\HP Software Update\HPWuSchd.exe C:\Program Files\Belgacom\bin\sprtcmd.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\msfeedssync.exe C:\Documents and Settings\users\Bureau\users.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1226672868484 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...ion_3_0_4_0.cab O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe (file missing) O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe (file missing) O23 - Service: Service Google Update (gupdate1c9ecd3c3c42abc) (gupdate1c9ecd3c3c42abc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 9407 bytes

Ce serait dû à quoi à ton avis les problèmes pour démarrer ? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:21:37, on 13/09/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AskBarDis\bar\bin\AskService.exe C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Belgacom\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\WgaTray.exe C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\HP\HP Software Update\HPWuSchd.exe C:\Program Files\Belgacom\bin\sprtcmd.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\users\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1226672868484 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...ion_3_0_4_0.cab O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe O23 - Service: Service Google Update (gupdate1c9ecd3c3c42abc) (gupdate1c9ecd3c3c42abc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 9834 bytes