Aller au contenu

sous douée de l'ordi

Membres
  • Compteur de contenus

    17
  • Inscription

  • Dernière visite

Profile Information

  • Localisation
    nice

Autres informations

  • Mes langues
    Français

sous douée de l'ordi's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. Bonjour, J'ai fais le test mais rien ne change. Y'a t-il une autre possibilité? Merci d'avance
  2. Bonjour Pear, Veuillez m'excusez pour le laps de temps sans nouvelles de ma part....Au passage, meilleurs voeux! Vu l'état de santé de mon ordi et le peu de temps dont je dispose pour tenter de l'arranger, j'ai décidé de l'emmener chez un informaticien. J'abandonne donc. Je vous remercie pour le temps que vous avez bien voulu me consacrer.
  3. Bonsoir Pear, J'ai refais toute la manip suite à votre message de dimanche 21 décembre 2008 à 17h29 et à vos dernières indiquations. (Désolée pour mon ignorance ) Voici le rapport ========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== File/Folder D:\Documents and Settings\NEHR ALEKSANDRA\Application Data\Uniblue not found. File/Folder C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job not found. C:\WINDOWS\SOUNDMAN.EXE moved successfully. C:\Program Files\HP\HP Software Update\hpwuSchd2.exe moved successfully. C:\Program Files\OFFICE One6.5\program\soffice.exe moved successfully. C:\Program Files\QuickTime\qttask.exe moved successfully. C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe moved successfully. C:\Program Files\Java\jre6\bin\jusched.exe moved successfully. C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe moved successfully. File/Folder C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe not found. ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\\ not found. Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b3f1bba8-25a3-11dd-a3d0-806d6172696f}\\ deleted successfully. ========== COMMANDS ========== File delete failed. D:\DOCUME~1\NEHRAL~1\LOCALS~1\Temp\hpodvd09.log scheduled to be deleted on reboot. File delete failed. D:\DOCUME~1\NEHRAL~1\LOCALS~1\Temp\WCESCOMM.LOG scheduled to be deleted on reboot. File delete failed. D:\DOCUME~1\NEHRAL~1\LOCALS~1\Temp\~DFE84D.tmp scheduled to be deleted on reboot. File delete failed. D:\DOCUME~1\NEHRAL~1\LOCALS~1\Temp\~DFEC14.tmp scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. File delete failed. D:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot. File delete failed. D:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot. File delete failed. D:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot. Local Service Temp folder emptied. Local Service Temporary Internet Files folder emptied. File delete failed. C:\WINDOWS\temp\nvcbin.def.6E73AF6C.TMP scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5c0.dat scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_f4.dat scheduled to be deleted on reboot. Windows Temp folder emptied. Java cache emptied. FireFox cache emptied. Temp folders emptied. Explorer started successfully OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12232008_203308 PASSEZ DE BONNES FETES!!!
  4. Pear, VOUS M'AVEZ DEMANDE: Dans Hijackthis,cochez ces lignes puis clic sur Fix checked O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE => Realtek®Avance Logic Sound O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe => Microsoft®Windows NT O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S[/color] Je ne dois pas faire la bonne manip car je ne peux cocher ces lignes et n'ai rien qui se rapproche de Fix checked Si je me souviens bien pour faire un Hijackthis, il faut que je passe par RSIT.EXE? Quand je fais ça, c'est un texte qui s'affiche mais je ne peux rien cocher.
  5. Bonjour Pear, Pour internet: Lorsque j'i acheté l'ordi, AOL était installé mais je fonctionne avec neuf. Voci le rapport de OTMoveIt3 by OldTimer sans avoir cocher les lignes que vous m'avez demandé ========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== D:\Documents and Settings\NEHR ALEKSANDRA\Application Data\Uniblue\Registry Booster2 moved successfully. D:\Documents and Settings\NEHR ALEKSANDRA\Application Data\Uniblue moved successfully. C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job moved successfully. C:\WINDOWS\SOUNDMAN.EXE moved successfully. C:\Program Files\HP\HP Software Update\hpwuSchd2.exe moved successfully. C:\Program Files\OFFICE One6.5\program\soffice.exe moved successfully. C:\Program Files\QuickTime\qttask.exe moved successfully. C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe moved successfully. C:\Program Files\Java\jre6\bin\jusched.exe moved successfully. C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe moved successfully. File/Folder C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe not found. ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\\ deleted successfully. Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b3f1bba8-25a3-11dd-a3d0-806d6172696f}\\ deleted successfully. ========== COMMANDS ========== File delete failed. D:\DOCUME~1\NEHRAL~1\LOCALS~1\Temp\hpodvd09.log scheduled to be deleted on reboot. File delete failed. D:\DOCUME~1\NEHRAL~1\LOCALS~1\Temp\WCESCOMM.LOG scheduled to be deleted on reboot. File delete failed. D:\DOCUME~1\NEHRAL~1\LOCALS~1\Temp\~DF50DF.tmp scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. Local Service Temp folder emptied. Local Service Temporary Internet Files folder emptied. File delete failed. C:\WINDOWS\temp\nvcbin.def.6E73AF6C.TMP scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_3b0.dat scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_744.dat scheduled to be deleted on reboot. Windows Temp folder emptied. Java cache emptied. FireFox cache emptied. Temp folders emptied. Explorer started successfully OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12222008_141021 LORSQUE MON ORDI S'EST RALLUME IL M'A INDIQUE QUE: D:/documents&settings/nehr n'est pas accessible..... Accès refusé Je fais maintenant un nouvel Hijackthis
  6. Pear, Eant nul de chez nul, pour moi, je n'ai rien plannifier mais en me rendant dans le dossier tasks je constate en effet ces 3 situations. Je n'y comprends rien......je vous indique les propriétées de chaque.... peut-être ainsi vuscomprendrez Pour: C:\WINDOWS\tasks\Rappel d'enregistrement 3.job =>C:\WINDOWS\system32\OOBE\oobebaln.exe /sys /r /n:3 Pour: C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job =>"C:\Program Files\RegistrySmart\RegistrySmart.exe" scheduled =>Runs RegistrySmart to optimize your registry. Pour: C:\WINDOWS\tasks\Scheduled scanning task.job =>C:\PROGRA~1\PACKSE~1\ANTI-V~1\fsav.exe /HARD /POLICY /SCHED /NOBREAK /REPORT=C:\PROGRA~1\PACKSE~1\ANTI-V~1\report.txt => Tâche ajoutée par F-Secure Anti-Virus. Pour: C:\Program Files\Uniblue\RegistryBooster 2 => je veux bien le désinstaller mais je ne le trouve pas.
  7. Pear, Si j'ai bien compris, vous attendez ce rapport Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:08:57, on 21/12/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe C:\Program Files\Pack Securite\Common\FSMA32.EXE C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Pack Securite\Common\FSMB32.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Pack Securite\Common\FCH32.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Pack Securite\Anti-Virus\fsqh.exe C:\Program Files\Pack Securite\Common\FAMEH32.EXE C:\Program Files\Pack Securite\FSPC\fspc.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Apps\Powercinema\PCMService.exe C:\apps\ABoard\ABoard.exe C:\Program Files\QuickTime\qttask.exe C:\apps\ABoard\AOSD.exe C:\Program Files\Pack Securite\Common\FSM32.EXE C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Pack Securite\FSGUI\fsguidll.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\OFFICE One6.5\program\soffice.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Pack Securite\FSAUA\program\fsus.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe C:\Program Files\Adobe Media Player\Adobe Media Player.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\karcher\hijackthis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [VadeRetro Outlook] C:\Program Files\Goto Software\Vade Retro\VrMoRegister.exe -s O4 - HKLM\..\Run: [VRManager] C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 12170 bytes
  8. Bonjour Pear, je ne peux pas envoyer le fichier mon outlook ne veut pas s'ouvrir mais je pense pouvoir vous donner la réponse. E: est mon lecteur de cd => il y avait le cd d'installation office97. Mon ami l'a installé car il avait besoin de power point (car lorsque j'ai acheté l'ordi, je n'avais pas ce genre de logiciel) En regardant la pochette de office 97, je vois que c'est compatible avec NT mais moi je suis XP.... Cela pose -t-il un problème? J'ai tenté d'ouvrir mon lecteur windows media player mais de nouveau la fenêtre "wmplayer.exe a rencontré un problème et doit fermé..." et du coup je ne peux lire mes musiques.
  9. Bonsoir Pear, Après 5 heures d'analyse, voici le rapport Malwarebytes' Anti-Malware 1.31 Version de la base de données: 1525 Windows 5.1.2600 Service Pack 3 20/12/2008 20:00:44 mbam-log-2008-12-20 (20-00-44).txt Type de recherche: Examen complet (C:\|D:\|F:\|) Eléments examinés: 176085 Temps écoulé: 5 hour(s), 25 minute(s), 38 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 6 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): D:\Documents and Settings\LocalService.AUTORITE NT\Application Data\NetMon (Trojan.NetMon) -> Quarantined and deleted successfully. Fichier(s) infecté(s): D:\Documents and Settings\NEHR\Local Settings\Application Data\ddutlkb_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. D:\Documents and Settings\NEHR\Local Settings\Application Data\ddutlkb_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. D:\Documents and Settings\NEHR\Local Settings\Application Data\ddutlkb.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. D:\Documents and Settings\NEHR ALEKSANDRA\Application Data\Desktopicon\eBayShortcuts.exe (Trojan.Agent) -> Quarantined and deleted successfully. D:\Documents and Settings\LocalService.AUTORITE NT\Application Data\NetMon\domains.txt (Trojan.NetMon) -> Quarantined and deleted successfully. D:\Documents and Settings\LocalService.AUTORITE NT\Application Data\NetMon\log.txt (Trojan.NetMon) -> Quarantined and deleted successfully. Malwarebytes' Anti-Malware 1.31 Version de la base de données: 1525 Windows 5.1.2600 Service Pack 3 20/12/2008 20:00:24 mbam-log-2008-12-20 (20-00-13).txt Type de recherche: Examen complet (C:\|D:\|F:\|) Eléments examinés: 176085 Temps écoulé: 5 hour(s), 25 minute(s), 38 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 6 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\RegistrySmart (Rogue.RegistrySmart) -> No action taken. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): D:\Documents and Settings\LocalService.AUTORITE NT\Application Data\NetMon (Trojan.NetMon) -> No action taken. Fichier(s) infecté(s): D:\Documents and Settings\NEHR\Local Settings\Application Data\ddutlkb_navps.dat (Adware.Navipromo.H) -> No action taken. D:\Documents and Settings\NEHR\Local Settings\Application Data\ddutlkb_nav.dat (Adware.Navipromo.H) -> No action taken. D:\Documents and Settings\NEHR\Local Settings\Application Data\ddutlkb.dat (Adware.Navipromo.H) -> No action taken. D:\Documents and Settings\NEHR ALEKSANDRA\Application Data\Desktopicon\eBayShortcuts.exe (Trojan.Agent) -> No action taken. D:\Documents and Settings\LocalService.AUTORITE NT\Application Data\NetMon\domains.txt (Trojan.NetMon) -> No action taken. D:\Documents and Settings\LocalService.AUTORITE NT\Application Data\NetMon\log.txt (Trojan.NetMon) -> No action taken. En attente du diagnotic docteur....
  10. Pear, Comme vous pouvez le constater, vous pouvez consulter les rapports. Lors de l'action de l'option1 - recherche, une fenêtre m'a indiqué que mon ordi est infecté par win32/zlob.gen123. Nous verrons la suite demain. Passez une bonne soirée. Un grand merci pour votre collaboration.
  11. Pear, Voici le rapport suite à l'option 2 - Nettoyage en mode sans echec: SmitFraudFix v2.387 Rapport fait à 23:09:26,28, 19/12/2008 Executé à partir de D:\Documents and Settings\NEHR ALEKSANDRA\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» VACFix VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix S!Ri's WS2Fix: LSP not Found. »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés »»»»»»»»»»»»»»»»»»»»»»»» IEDFix IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix Agent.OMZ.Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{C64E4432-9925-4407-BB0F-D22D3FD21109}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{C64E4432-9925-4407-BB0F-D22D3FD21109}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\..\{C64E4432-9925-4407-BB0F-D22D3FD21109}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin
  12. Bonsoir Pear, Voici le resultat de l'option 1- recherche: SmitFraudFix v2.387 Rapport fait à 22:56:46,51, 19/12/2008 Executé à partir de D:\Documents and Settings\NEHR ALEKSANDRA\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe C:\Program Files\Pack Securite\Common\FSMA32.EXE C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Pack Securite\Common\FSMB32.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Pack Securite\Common\FCH32.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Pack Securite\Anti-Virus\fsqh.exe C:\Program Files\Pack Securite\Common\FAMEH32.EXE C:\Program Files\Pack Securite\FSPC\fspc.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Apps\Powercinema\PCMService.exe C:\apps\ABoard\ABoard.exe C:\Program Files\QuickTime\qttask.exe C:\apps\ABoard\AOSD.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Pack Securite\FSGUI\fsguidll.exe C:\Program Files\OFFICE One6.5\program\soffice.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Pack Securite\FSAUA\program\fsus.exe C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE D:\Documents and Settings\NEHR ALEKSANDRA\Bureau\SmitfraudFix\Policies.exe C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» D:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» D:\Documents and Settings\NEHR ALEKSANDRA »»»»»»»»»»»»»»»»»»»»»»»» D:\DOCUME~1\NEHRAL~1\LOCALS~1\Temp »»»»»»»»»»»»»»»»»»»»»»»» D:\Documents and Settings\NEHR ALEKSANDRA\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» D:\DOCUME~1\NEHRAL~1\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau »»»»»»»»»»»»»»»»»»»»»»»» o4Patch !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! o4Patch Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» IEDFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! »»»»»»»»»»»»»»»»»»»»»»»» VACFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="MsgPlusLoader.dll" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," "System"="" »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets DNS Server Search Order: 192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{C64E4432-9925-4407-BB0F-D22D3FD21109}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{C64E4432-9925-4407-BB0F-D22D3FD21109}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\..\{C64E4432-9925-4407-BB0F-D22D3FD21109}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin
  13. Voilà docteur... -le log txt: Logfile of random's system information tool 1.05 (written by random/random) Run by NEHR ALEKSANDRA at 2008-12-19 19:34:59 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 18 GB (60%) free of 31 GB Total RAM: 1023 MB (36% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:35:35, on 19/12/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe C:\Program Files\Pack Securite\Common\FSMA32.EXE C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Pack Securite\Common\FSMB32.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Pack Securite\Common\FCH32.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Pack Securite\Common\FAMEH32.EXE C:\Program Files\Pack Securite\Anti-Virus\fsqh.exe C:\Program Files\Pack Securite\FSPC\fspc.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Pack Securite\FSAUA\program\fsus.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Apps\Powercinema\PCMService.exe C:\apps\ABoard\ABoard.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Pack Securite\Common\FSM32.EXE C:\apps\ABoard\AOSD.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Pack Securite\FSGUI\fsguidll.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\OFFICE One6.5\program\soffice.exe C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe D:\Documents and Settings\NEHR ALEKSANDRA\Bureau\RSIT.exe C:\karcher\NEHR ALEKSANDRA.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [VadeRetro Outlook] C:\Program Files\Goto Software\Vade Retro\VrMoRegister.exe -s O4 - HKLM\..\Run: [VRManager] C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 11968 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Rappel d'enregistrement 3.job C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job C:\WINDOWS\tasks\Scheduled scanning task.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-17 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-03 652784] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-17 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-17 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-07 203464] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168] "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-05-17 77824] "ATIPTA"=C:\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-08-05 344064] "Ulead AutoDetector v2"=C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe [2004-11-26 90112] "PCMService"=c:\Apps\Powercinema\PCMService.exe [2005-05-11 127118] "ACTIVBOARD"=c:\apps\ABoard\ABoard.exe [2003-05-02 24576] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2005-09-21 98304] "F-Secure Manager"=C:\Program Files\Pack Securite\Common\FSM32.EXE [2007-04-26 183208] "F-Secure TNB"=C:\Program Files\Pack Securite\FSGUI\TNBUtil.exe [2007-04-26 740208] "UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872] "MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2008-08-20 190024] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112] "ISUSPM Startup"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe -startup [] "ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2005-08-11 81920] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-09-13 49152] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2005-09-21 180269] "VadeRetro Outlook"=C:\Program Files\Goto Software\Vade Retro\VrMoRegister.exe [2008-09-02 88064] "VRManager"=C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe [2008-11-14 2294272] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-17 136600] "OoPDFSettingsv6.exe"=C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe [2003-11-20 460800] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 [] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-08-20 39408] "H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE [2001-07-20 401493] "RegistryBooster 2 d’Uniblue "=C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S [] D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE D:\Documents and Settings\NEHR ALEKSANDRA\Menu Démarrer\Programmes\Démarrage OFFICE One 6.5.lnk - C:\Program Files\OFFICE One6.5\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="MsgPlusLoader.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2007-12-21 122880] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%ProgramFiles%\AOL 9.0\aol.exe"="%ProgramFiles%\AOL 9.0\aol.exe:*:Enabled:AOL" "%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA" "%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:PANDORA" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\APPS\Inventime\my.exe"="C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME" "C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" "C:\APPS\skype\phone\Skype.exe"="C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Fichiers communs\AOL\Loader\aolload.exe"="C:\Program Files\Fichiers communs\AOL\Loader\aolload.exe:*:Enabled:AOL Loader" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:Connection Manager" "C:\Program Files\Microsoft ActiveSync\WcesMgr.exe"="C:\Program Files\Microsoft ActiveSync\WcesMgr.exe:*:Enabled:ActiveSync Application" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b3f1bba8-25a3-11dd-a3d0-806d6172696f}] shell\AutoRun\command - E:\AUTORUN\AUTORUN.EXE ======List of files/folders created in the last 3 months====== 2008-12-19 19:34:59 ----D---- C:\rsit 2008-12-19 18:34:45 ----D---- C:\karcher 2008-12-19 18:24:53 ----A---- C:\cleannavi.txt 2008-12-19 14:51:53 ----A---- C:\fixnavi.txt 2008-12-19 14:46:46 ----D---- C:\Program Files\Navilog1 2008-12-19 13:28:54 ----A---- C:\WINDOWS\system32\tmp.txt 2008-12-19 13:28:25 ----A---- C:\rapport.txt 2008-12-19 12:21:30 ----A---- C:\WINDOWS\system32\mapi32.dll 2008-12-19 06:48:11 ----HDC---- C:\WINDOWS\$NtUninstallKB954156_WM9L$ 2008-12-19 00:47:11 ----N---- C:\WINDOWS\system32\pxsfs.dll 2008-12-19 00:47:11 ----N---- C:\WINDOWS\system32\pxinsa64.exe 2008-12-19 00:47:11 ----N---- C:\WINDOWS\system32\pxhpinst.exe 2008-12-19 00:47:11 ----N---- C:\WINDOWS\system32\pxcpya64.exe 2008-12-19 00:47:11 ----N---- C:\WINDOWS\system32\pxafs.dll 2008-12-19 00:47:00 ----D---- D:\Documents and Settings\NEHR ALEKSANDRA\Application Data\Winamp 2008-12-19 00:47:00 ----D---- C:\Program Files\Winamp 2008-12-19 00:26:41 ----HDC---- D:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} 2008-12-19 00:16:19 ----D---- D:\Documents and Settings\NEHR ALEKSANDRA\Application Data\VadeRetro 2008-12-19 00:16:14 ----D---- C:\Program Files\Fichiers communs\Goto Software 2008-12-19 00:16:11 ----D---- D:\Documents and Settings\All Users\Application Data\VadeRetro 2008-12-19 00:16:11 ----D---- C:\Program Files\Goto Software 2008-12-18 17:42:25 ----A---- C:\WINDOWS\exchng.ini 2008-12-18 13:50:52 ----D---- D:\Documents and Settings\NEHR ALEKSANDRA\Application Data\Uniblue 2008-12-17 13:35:34 ----A---- C:\WINDOWS\system32\javaws.exe 2008-12-17 13:35:34 ----A---- C:\WINDOWS\system32\javaw.exe 2008-12-17 13:35:34 ----A---- C:\WINDOWS\system32\java.exe 2008-12-17 13:35:34 ----A---- C:\WINDOWS\system32\deploytk.dll 2008-12-17 13:14:01 ----A---- C:\WINDOWS\ntbtlog.txt 2008-12-15 16:35:54 ----D---- C:\Program Files\LimeWire 2008-12-11 13:03:39 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$ 2008-12-11 13:00:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2008-12-11 13:00:46 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$ 2008-12-11 13:00:41 ----A---- C:\WINDOWS\imsins.BAK 2008-12-11 13:00:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2008-12-10 13:48:07 ----D---- C:\Program Files\IKEA HomePlanner 2008-12-10 13:47:43 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard 2008-12-05 15:57:53 ----D---- C:\Program Files\Fichiers communs\PC Tools 2008-12-03 15:16:18 ----D---- D:\Documents and Settings\NEHR ALEKSANDRA\Application Data\Scribus 2008-12-03 14:34:52 ----D---- C:\Program Files\Web Publish 2008-12-03 14:34:35 ----A---- C:\WINDOWS\UnKeeBoo.exe 2008-12-03 14:34:23 ----D---- C:\Program Files\KeeBoo 2008-12-03 13:15:50 ----D---- D:\Documents and Settings\NEHR ALEKSANDRA\Application Data\GlarySoft 2008-12-03 12:10:41 ----D---- D:\Documents and Settings\NEHR ALEKSANDRA\Application Data\gtk-2.0 2008-11-26 13:42:44 ----D---- C:\Program Files\Microsoft Silverlight 2008-11-13 13:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$ 2008-11-13 13:01:04 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$ 2008-11-13 13:00:55 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2008-11-04 13:51:24 ----A---- C:\WINDOWS\capture.ini 2008-10-31 15:24:44 ----D---- C:\Program Files\Packard Bell ImageWriter 2008-10-31 11:09:46 ----D---- C:\installXP 2008-10-31 10:29:28 ----D---- C:\WINDOWS\Prefetch 2008-10-31 10:24:35 ----D---- C:\Program Files\Xenocode 2008-10-31 10:17:58 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2008-10-31 10:17:43 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2008-10-31 10:17:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2008-10-31 10:17:13 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$ 2008-10-31 10:16:57 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2008-10-31 10:16:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2008-10-31 10:16:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2008-10-31 10:16:06 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2008-10-31 10:15:50 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2008-10-31 10:15:32 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$ 2008-10-30 13:29:29 ----D---- C:\WINDOWS\pss 2008-10-30 12:39:21 ----D---- C:\Program Files\QUAD Utilities 2008-10-30 11:11:15 ----D---- C:\WINDOWS\Performance 2008-10-30 11:10:59 ----D---- D:\Documents and Settings\All Users\Application Data\Microsoft Corporation 2008-10-30 10:53:31 ----HDC---- C:\WINDOWS\$NtUninstallQ828026$ 2008-10-30 10:33:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_2$ 2008-10-30 10:33:36 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_2$ 2008-10-30 10:33:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_2$ 2008-10-30 10:32:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_2$ 2008-10-30 10:32:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_2$ 2008-10-30 10:32:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_2$ 2008-10-30 10:31:32 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_2$ 2008-10-30 10:31:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_2$ 2008-10-30 10:31:03 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_2$ 2008-10-30 10:30:48 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_2$ 2008-10-24 21:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2008-10-15 12:50:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2008-10-15 12:50:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$ 2008-10-15 12:50:29 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$ 2008-10-15 12:49:59 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$ 2008-10-15 12:49:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$ 2008-10-04 16:12:37 ----D---- D:\Documents and Settings\All Users\Application Data\ScanSoft 2008-10-04 11:29:31 ----D---- C:\Program Files\Packard Bell 2008-10-04 11:05:16 ----D---- C:\Program Files\DIFX 2008-10-03 17:14:28 ----A---- C:\WINDOWS\hpqEmlSz.INI 2008-10-03 12:17:44 ----A---- C:\WINDOWS\system32\STKIT432.DLL 2008-09-30 16:43:34 ----A---- C:\WINDOWS\system32\msxml4.dll 2008-09-29 18:46:50 ----D---- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-09-27 21:07:14 ----A---- C:\WINDOWS\ODBC.INI 2008-09-27 21:06:15 ----D---- C:\Program Files\Microsoft Visual Studio 2008-09-27 19:28:22 ----D---- D:\Documents and Settings\NEHR ALEKSANDRA\Application Data\Help 2008-09-27 19:25:35 ----D---- C:\Program Files\AvantGo Connect 2008-09-27 19:25:32 ----D---- C:\Program Files\Common Files 2008-09-27 19:24:45 ----A---- C:\WINDOWS\system32\ppvexp.dll 2008-09-27 19:24:42 ----A---- C:\WINDOWS\system32\malslib.dll 2008-09-27 19:24:41 ----A---- C:\WINDOWS\system32\uicom.dll 2008-09-27 19:24:41 ----A---- C:\WINDOWS\system32\pmailext.dll 2008-09-27 19:24:40 ----A---- C:\WINDOWS\system32\rapi.dll 2008-09-27 19:24:40 ----A---- C:\WINDOWS\system32\ppcload.dll 2008-09-27 19:24:40 ----A---- C:\WINDOWS\system32\MsgStRPC.dll 2008-09-27 19:24:39 ----D---- C:\Program Files\Microsoft ActiveSync 2008-09-27 19:24:39 ----A---- C:\WINDOWS\system32\ceutil.dll 2008-09-22 21:01:39 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$ 2008-09-22 21:01:25 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$ 2008-09-22 21:01:08 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$ 2008-09-22 21:00:57 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$ 2008-09-22 17:06:58 ----D---- D:\Documents and Settings\NEHR ALEKSANDRA\Application Data\Google 2008-09-22 17:04:04 ----D---- C:\Program Files\Fichiers communs\Adobe 2008-09-22 17:04:04 ----D---- C:\Program Files\Adobe 2008-09-22 09:22:34 ----D---- C:\Program Files\Fichiers communs\HP 2008-09-22 09:20:33 ----D---- C:\Program Files\Hewlett-Packard 2008-09-22 09:19:41 ----D---- C:\Program Files\Fichiers communs\Hewlett-Packard 2008-09-22 09:15:54 ----A---- C:\WINDOWS\system32\HPZisn12.dll 2008-09-22 09:15:54 ----A---- C:\WINDOWS\system32\HPZipt12.dll 2008-09-22 09:15:54 ----A---- C:\WINDOWS\system32\HPZipr12.dll 2008-09-22 09:15:54 ----A---- C:\WINDOWS\system32\HPZipm12.exe 2008-09-22 09:15:54 ----A---- C:\WINDOWS\system32\HPZinw12.exe 2008-09-22 09:15:53 ----A---- C:\WINDOWS\system32\HPZidr12.dll 2008-09-22 09:13:10 ----D---- C:\Program Files\HP 2008-09-22 09:11:37 ----HD---- C:\Config.Msi 2008-09-22 09:09:19 ----RA---- C:\WINDOWS\system32\HPZc3212.dll 2008-09-22 09:09:17 ----RA---- C:\WINDOWS\system32\hpovst08.dll 2008-09-22 09:09:12 ----RA---- C:\WINDOWS\system32\hpotiop.dll 2008-09-22 09:09:09 ----RA---- C:\WINDOWS\system32\hpgwiamd.dll 2008-09-21 13:00:00 ----D---- C:\Program Files\VirginMega 2008-09-21 12:51:20 ----N---- C:\WINDOWS\system32\spmsg.dll 2008-09-21 12:51:18 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$ 2008-09-21 12:50:59 ----D---- C:\Program Files\Windows Media Connect 2 2008-09-21 12:49:51 ----D---- C:\WINDOWS\system32\LogFiles 2008-09-21 12:49:47 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$ 2008-09-21 12:28:33 ----D---- D:\Documents and Settings\All Users\Application Data\AOL OCP 2008-09-21 12:21:48 ----D---- D:\Documents and Settings\All Users\Application Data\AOL Downloads 2008-09-21 00:58:22 ----D---- C:\Program Files\MSECache 2008-09-21 00:46:45 ----D---- D:\Documents and Settings\All Users\Application Data\Messenger Plus! 2008-09-21 00:35:57 ----D---- C:\WINDOWS\SxsCaPendDel 2008-09-20 23:58:10 ----D---- C:\WINDOWS\Minidump ======List of files/folders modified in the last 3 months====== 2008-12-19 19:35:35 ----D---- C:\WINDOWS\Temp 2008-12-19 19:17:24 ----AD---- C:\WINDOWS\system32 2008-12-19 19:17:21 ----D---- C:\WINDOWS\system32\drivers 2008-12-19 18:29:45 ----D---- C:\WINDOWS 2008-12-19 18:28:05 ----D---- C:\WINDOWS\system32\CatRoot2 2008-12-19 18:26:00 ----A---- C:\WINDOWS\SchedLgU.Txt 2008-12-19 17:48:47 ----RD---- C:\Program Files 2008-12-19 12:44:35 ----SHD---- C:\WINDOWS\Installer 2008-12-19 06:48:24 ----RSHD---- C:\WINDOWS\system32\dllcache 2008-12-19 06:48:24 ----HD---- C:\WINDOWS\inf 2008-12-19 06:48:23 ----D---- C:\WINDOWS\system32\CatRoot 2008-12-19 05:45:11 ----D---- C:\Program Files\Microsoft Office 2008-12-19 05:44:51 ----A---- C:\WINDOWS\win.ini 2008-12-19 05:44:50 ----A---- C:\WINDOWS\ODBCINST.INI 2008-12-19 05:44:48 ----D---- C:\WINDOWS\Media 2008-12-19 05:44:48 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2008-12-19 05:44:16 ----D---- C:\WINDOWS\system 2008-12-19 05:44:16 ----D---- C:\WINDOWS\Help 2008-12-19 02:46:30 ----D---- C:\WINDOWS\Microsoft.NET 2008-12-19 02:46:23 ----RSD---- C:\WINDOWS\assembly 2008-12-19 02:04:20 ----D---- C:\APPS 2008-12-19 01:51:17 ----D---- C:\Program Files\Windows Media Player 2008-12-19 01:40:13 ----D---- C:\Program Files\Java 2008-12-19 01:02:01 ----SD---- C:\WINDOWS\Tasks 2008-12-19 00:16:14 ----D---- C:\Program Files\Fichiers communs 2008-12-19 00:06:40 ----SD---- D:\Documents and Settings\All Users\Application Data\Microsoft 2008-12-18 23:38:01 ----D---- C:\WINDOWS\WinSxS 2008-12-18 23:37:22 ----D---- D:\Documents and Settings\All Users\Application Data\Google Updater 2008-12-18 20:05:25 ----D---- C:\WINDOWS\system32\config 2008-12-18 17:41:39 ----RSD---- C:\WINDOWS\Fonts 2008-12-18 13:03:01 ----HD---- C:\WINDOWS\$hf_mig$ 2008-12-17 19:23:11 ----D---- D:\Documents and Settings\NEHR ALEKSANDRA\Application Data\LimeWire 2008-12-17 13:38:23 ----SHD---- C:\System Volume Information 2008-12-17 13:38:23 ----D---- C:\WINDOWS\system32\Restore 2008-12-17 13:16:54 ----SHD---- C:\RECYCLER 2008-12-13 07:37:56 ----A---- C:\WINDOWS\system32\mshtml.dll 2008-12-12 16:43:40 ----SHD---- C:\DRIVERS 2008-12-12 11:26:10 ----D---- C:\Program Files\OFFICE One6.5 2008-12-12 10:42:21 ----AD---- D:\Documents and Settings\All Users\Application Data\TEMP 2008-12-11 13:03:17 ----D---- C:\Program Files\Internet Explorer 2008-12-11 13:01:07 ----D---- C:\WINDOWS\Debug 2008-12-10 00:24:37 ----A---- C:\WINDOWS\system32\MRT.exe 2008-12-04 09:10:56 ----SD---- C:\WINDOWS\Downloaded Program Files 2008-12-03 14:53:09 ----DC---- C:\WINDOWS\system32\DRVSTORE 2008-12-03 13:18:44 ----D---- C:\WINDOWS\twain_32 2008-11-26 16:31:14 ----D---- C:\WINDOWS\network diagnostic 2008-11-16 21:12:59 ----D---- C:\Program Files\Google 2008-11-15 19:44:26 ----SD---- D:\Documents and Settings\NEHR ALEKSANDRA\Application Data\Microsoft 2008-11-04 13:49:34 ----D---- D:\Documents and Settings\All Users\Application Data\SSScanWizard 2008-11-04 13:47:56 ----D---- D:\Documents and Settings\All Users\Application Data\SSScanAppDataDir 2008-11-01 10:48:20 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2008-10-31 12:55:46 ----D---- C:\Program Files\AOL 9.0 2008-10-31 11:20:00 ----D---- C:\WINDOWS\REPAIR 2008-10-31 10:28:22 ----D---- C:\WINDOWS\security 2008-10-31 10:15:11 ----D---- C:\Program Files\Messenger 2008-10-31 10:14:32 ----D---- C:\WINDOWS\system32\oobe 2008-10-31 10:13:29 ----D---- C:\WINDOWS\system32\ReinstallBackups 2008-10-31 10:13:16 ----D---- C:\WINDOWS\EHome 2008-10-31 09:49:33 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ 2008-10-31 09:12:22 ----A---- C:\WINDOWS\orun32.ini 2008-10-23 13:36:51 ----A---- C:\WINDOWS\system32\gdi32.dll 2008-10-23 11:06:59 ----N---- C:\WINDOWS\system32\tzchange.exe 2008-10-21 21:49:26 ----D---- C:\Program Files\Pack Securite 2008-10-16 21:18:43 ----A---- C:\WINDOWS\system32\wininet.dll 2008-10-16 21:18:42 ----A---- C:\WINDOWS\system32\webcheck.dll 2008-10-16 21:18:42 ----A---- C:\WINDOWS\system32\urlmon.dll 2008-10-16 21:18:41 ----A---- C:\WINDOWS\system32\url.dll 2008-10-16 21:18:41 ----A---- C:\WINDOWS\system32\pngfilt.dll 2008-10-16 21:18:41 ----A---- C:\WINDOWS\system32\occache.dll 2008-10-16 21:18:41 ----A---- C:\WINDOWS\system32\mstime.dll 2008-10-16 21:18:40 ----A---- C:\WINDOWS\system32\msrating.dll 2008-10-16 21:18:40 ----A---- C:\WINDOWS\system32\mshtmled.dll 2008-10-16 21:18:37 ----A---- C:\WINDOWS\system32\msfeedsbs.dll 2008-10-16 21:18:37 ----A---- C:\WINDOWS\system32\msfeeds.dll 2008-10-16 21:18:36 ----A---- C:\WINDOWS\system32\jsproxy.dll 2008-10-16 21:18:35 ----A---- C:\WINDOWS\system32\iertutil.dll 2008-10-16 21:18:35 ----A---- C:\WINDOWS\system32\iernonce.dll 2008-10-16 21:18:35 ----A---- C:\WINDOWS\system32\ieframe.dll 2008-10-16 21:18:32 ----A---- C:\WINDOWS\system32\iedkcs32.dll 2008-10-16 21:18:32 ----A---- C:\WINDOWS\system32\ieapfltr.dll 2008-10-16 21:18:32 ----A---- C:\WINDOWS\system32\ieaksie.dll 2008-10-16 21:18:32 ----A---- C:\WINDOWS\system32\ieakeng.dll 2008-10-16 21:18:32 ----A---- C:\WINDOWS\system32\icardie.dll 2008-10-16 21:18:31 ----A---- C:\WINDOWS\system32\extmgr.dll 2008-10-16 21:18:31 ----A---- C:\WINDOWS\system32\dxtrans.dll 2008-10-16 21:18:31 ----A---- C:\WINDOWS\system32\dxtmsft.dll 2008-10-16 21:18:31 ----A---- C:\WINDOWS\system32\advpack.dll 2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll 2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll 2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll 2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll 2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\ie4uinit.exe 2008-10-16 14:11:09 ----A---- C:\WINDOWS\system32\ieudinit.exe 2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll 2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wucltui.dll.mui 2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe 2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll 2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll 2008-10-16 14:08:06 ----A---- C:\WINDOWS\system32\wuapi.dll.mui 2008-10-16 14:07:32 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui 2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\muweb.dll 2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\mucltui.dll 2008-10-16 14:06:40 ----A---- C:\WINDOWS\system32\mucltui.dll.mui 2008-10-15 17:35:43 ----A---- C:\WINDOWS\system32\netapi32.dll 2008-10-15 08:04:53 ----A---- C:\WINDOWS\system32\ieakui.dll 2008-10-03 11:03:53 ----A---- C:\WINDOWS\system32\strmdll.dll 2008-09-27 21:06:15 ----D---- C:\Program Files\Fichiers communs\Designer 2008-09-27 21:05:45 ----D---- C:\Program Files\Fichiers communs\System 2008-09-23 22:13:58 ----D---- C:\Program Files\Windows Live 2008-09-23 12:45:58 ----D---- D:\Documents and Settings\All Users\Application Data\WLInstaller 2008-09-22 17:28:07 ----D---- D:\Documents and Settings\All Users\Application Data\NOS 2008-09-22 17:28:05 ----D---- C:\Program Files\NOS 2008-09-21 12:45:38 ----D---- C:\WINDOWS\SoftwareDistribution 2008-09-21 12:41:28 ----D---- D:\Documents and Settings\All Users\Application Data\AOL 2008-09-21 12:41:28 ----D---- C:\Program Files\Fichiers communs\AOL 2008-09-21 01:23:11 ----D---- D:\Documents and Settings\NEHR ALEKSANDRA\Application Data\Identities 2008-09-21 00:19:12 ----D---- C:\Program Files\Neuf 2008-09-21 00:05:08 ----D---- D:\Documents and Settings\All Users\Application Data\fssg ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008] R1 F-Secure HIPS;F-Secure HIPS; \??\C:\Program Files\Pack Securite\HIPS\fshs.sys [] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-05-27 799744] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-05-18 2319680] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-12-21 2843136] R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\Pack Securite\Anti-Virus\minifilter\fsgk.sys [] R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-12-14 51120] R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-14 16496] R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-14 21744] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-12-02 70912] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588] S1 wceusbsh;Pilote d'hôte USB série pour Windows CE; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 32128] S3 catchme;catchme; \??\D:\DOCUME~1\NEHRAL~1\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 TVICHW32;TVICHW32; C:\WINDOWS\system32\drivers\TVICHW32.sys [] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\Pack Securite\Anti-Virus\Win2K\FSfilter.sys [] S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\Pack Securite\Anti-Virus\Win2K\FSrec.sys [] S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-12-21 512000] R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221266] R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2005-05-11 110672] R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440] R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe [2007-04-26 48072] R2 FSMA;FSMA; C:\Program Files\Pack Securite\Common\FSMA32.EXE [2007-04-26 113576] R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-03 168432] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-17 152984] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632] R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152] R3 FSAUA;F-Secure Automatic Update Agent; C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe [2007-04-26 457584] R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe [2007-04-26 453488] R4 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160] S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-12-20 593920] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-07-25 191656] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [] -----------------EOF----------------- - info txt: info.txt logfile of random's system information tool 1.05 2008-12-19 19:35:37 ======Uninstall list====== -->"C:\Program Files\Fichiers communs\aolshare\Coach\AolCInUn.exe" -lang="fr-fr" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Automatic Update Agent" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure FWES" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GateKeeper Interface" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gemini" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GUI" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Help" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure HIPS" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Internet Shield" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Localization API" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Pegasus Engine" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Protocol Scanner" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Control" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Scanner" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure TNB" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Uninstall" -->"C:\Program Files\Pack Securite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Web Filter" -->C:\PROGRA~1\FICHIE~1\AOL\ACS\AcsUninstall.exe /c -->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe -->C:\Program Files\Fichiers communs\aolshare\Aolunins_fr.exe -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->C:\Program Files\Learn2.com\StRunner\stuninst.exe -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19} -->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log -->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} -->MsiExec.exe /I{8B543A39-9401-44F4-B572-069E64C15189} -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.EXE" -uninstall -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F9CFBD8-8F77-4DCD-8CB5-CDD5F653C872}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4F1DA6BF-3614-48A1-9970-9E90F646789E}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A065EA0-0EEC-4E94-A2A0-40812576C122}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AFA4872-16B2-419E-ADCA-8E96E739115D}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0A32C786-85DE-48F8-9E54-848B3E34A90C}\setup.exe" -l0x40c -removeonly -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001} ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe ATI AVIVO Codecs-->MsiExec.exe /I{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3} ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0 ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7} Barre d'outils MSN-->C:\Program Files\MSN Toolbar\01.01.2607.0\fr\mtbs.exe c Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Driver CD Creator v1.3.1-->"C:\Program Files\Packard Bell\Driver CD Creator\unins000.exe" Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068} High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2-->"C:\karcher\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" HP Extended Capabilities 4.7-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat HP Image Zone 4.7-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat HP PSC & OfficeJet 4.7-->"C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzscr01.exe" -datfile hposcr05.dat HP Software Update-->MsiExec.exe /X{64FC0C98-B035-4530-B15D-3D30610B6DF1} IKEA Home Planner-->MsiExec.exe /I{E7310F2E-C551-4FAB-BA07-EAC2E158B1BB} ISSENDIS WebUpdate v6-->"C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\unins000.exe" J2SE Runtime Environment 5.0 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020} Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF} LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe" Ludi-->C:\Program Files\Ludi\uninstall.exe Ma-Config.com-->MsiExec.exe /X{CFF24C43-9C46-4044-9C54-A4D98A3A25FB} Macromedia Shockwave Player-->MsiExec.exe /X{7D1D6A24-65D4-454C-8815-4F08A5FFF12C} Messenger Plus! 3-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28} Microsoft ActiveSync 3.5-->"C:\WINDOWS\ISUN040C.EXE" -f"C:\Program Files\Microsoft ActiveSync\DeIsL1.isu" -c"C:\Program Files\Microsoft ActiveSync\ceuninst.dll" Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Outlook 2002-->MsiExec.exe /I{911A040C-6000-11D3-8CFE-0050048383C9} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Web Publishing Wizard 1.52-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall Mise à jour de sécurité pour le Codeur Windows Media (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Navilog1 3.7.0-->"C:\Program Files\Navilog1\unins000.exe" OFFICE One 450 Fonts-->C:\WINDOWS\Fonts\unins000.exe OFFICE One 6.5 Bureautique désinstallation complète 6.5-->"C:\Program Files\OFFICE One6.5\Uninstall All\SETUP\setup.exe" /u OFFICE One 6.5-->c:\Program Files\OFFICE ONE6.5\program\setup.exe -deinstall OFFICE One Color Picker 6.5-->"C:\Program Files\OFFICE ONE6.5\OFFICE One Color Picker\SETUP\setup.exe" /u OFFICE One Guide 6.5-->"C:\Program Files\OFFICE ONE6.5\Guide\SETUP\setup.exe" /u OFFICE One PDF Manager 6.5-->"C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\SETUP\setup.exe" /u Office XP Web Services Toolkit [CD]-->MsiExec.exe /X{A43B8D30-B46F-11D5-A54F-0090278A1BB8} OmniPage SE-->MsiExec.exe /I{6249C22D-E6A8-407B-BA8B-40298848ED94} OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74} Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall Pack Securite Plus-->"C:\Program Files\Pack Securite\FSGUI\PostInstall.exe" /tUnInstall Packard Bell ImageWriter v1.1-->"C:\Program Files\Packard Bell ImageWriter\unins000.exe" Panneau de contrôle ATI-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" Readiris Pro 8-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9B93C2B3-D9E8-11D6-AB3E-000102B0F79A}\setup.exe" -l0x40c Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe" -l0x40c REMOVE -removeonly Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} SFR - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe Sonic MyDVD-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29} Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19} Suite graphique CorelDRAW 11-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{A7B78C41-6594-438B-B607-DD1710472C7F} TV sur PC-->C:\Program Files\Neuf\TV_PC\uninstall.exe Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe Vade Retro Outlook, Outlook Express, Windows Mail (Vista)-->C:\Program Files\Goto Software\Vade Retro\uninst.exe VideoLAN VLC media player 0.8.6b-->C:\Program Files\VideoLAN\VLC\uninstall.exe Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u VirginMega.Fr Premium-->MsiExec.exe /I{EE467474-04A8-48D5-8DDF-0F8D3A3CCBE5} Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Live Writer-->MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954} Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" Xenocode Postbuild 2008 for .NET-->MsiExec.exe /I{C673D369-E537-45BE-8272-29AD9B077275} ======Security center information====== AV: Pack Securite Plus 7.00 FW: Pack Securite Plus 7.00 System event log Computer Name: 1042545403196 Event Code: 7036 Message: Le service Pml Driver HPZ12 est entré dans l'état : en cours d'exécution. Record Number: 62626 Source Name: Service Control Manager Time Written: 20081218222546.000000+060 Event Type: Informations User: Computer Name: 1042545403196 Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Pml Driver HPZ12. Record Number: 62625 Source Name: Service Control Manager Time Written: 20081218222546.000000+060 Event Type: Informations User: 1042545403196\NEHR ALEKSANDRA Computer Name: 1042545403196 Event Code: 7036 Message: Le service Pml Driver HPZ12 est entré dans l'état : arrêté. Record Number: 62624 Source Name: Service Control Manager Time Written: 20081218222346.000000+060 Event Type: Informations User: Computer Name: 1042545403196 Event Code: 7036 Message: Le service Pml Driver HPZ12 est entré dans l'état : en cours d'exécution. Record Number: 62623 Source Name: Service Control Manager Time Written: 20081218222346.000000+060 Event Type: Informations User: Computer Name: 1042545403196 Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Pml Driver HPZ12. Record Number: 62622 Source Name: Service Control Manager Time Written: 20081218222346.000000+060 Event Type: Informations User: 1042545403196\NEHR ALEKSANDRA Application event log Computer Name: 1042545403196 Event Code: 100 Message: msnmsgr (3596) Le moteur de base de données 5.01.2600.5512 est démarré. Record Number: 8295 Source Name: ESENT Time Written: 20081012004151.000000+120 Event Type: Informations User: Computer Name: 1042545403196 Event Code: 101 Message: msnmsgr (3596) Le moteur de base de données est arrêté. Record Number: 8294 Source Name: ESENT Time Written: 20081012004114.000000+120 Event Type: Informations User: Computer Name: 1042545403196 Event Code: 103 Message: msnmsgr (3596) \\.\D:\Documents and Settings\NEHR ALEKSANDRA\Local Settings\Application Data\Microsoft\Messenger\leksa@live.fr\SharingMetadata\Working\database_A070_C591_70C5_6E9A\dfsr.db: Le moteur de base de données a arrêté une instance (0). Record Number: 8293 Source Name: ESENT Time Written: 20081012004114.000000+120 Event Type: Informations User: Computer Name: 1042545403196 Event Code: 704 Message: msnmsgr (3596) La défragmentation en ligne de la base de données '\\.\D:\Documents and Settings\NEHR ALEKSANDRA\Local Settings\Application Data\Microsoft\Messenger\leksa@live.fr\SharingMetadata\Working\database_A070_C591_70C5_6E9A\dfsr.db' a été interrompue et arrêtée. La prochaine fois qu'une défragmentation en ligne sera effectuée dans cette base de données, elle reprendra à l'endroit où elle a été interrompue. Record Number: 8292 Source Name: ESENT Time Written: 20081012004114.000000+120 Event Type: Informations User: Computer Name: 1042545403196 Event Code: 701 Message: msnmsgr (3596) La défragmentation en ligne a terminé un passage complet dans la base de données '\\.\D:\Documents and Settings\NEHR ALEKSANDRA\Local Settings\Application Data\Microsoft\Messenger\leksa@live.fr\SharingMetadata\Working\database_A070_C591_70C5_6E9A\dfsr.db'. Record Number: 8291 Source Name: ESENT Time Written: 20081012000000.000000+120 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\PROGRA~1\FICHIE~1\SONICS~1\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 39 Stepping 1, AuthenticAMD "PROCESSOR_REVISION"=2701 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF-----------------
  14. Je ne peux toujours pas ouvrir mon lecteur windows média player. => la version 11 est redevenu version 10 => quand je tente de l'ouvrir il m'indique que wmplayer.exe a rencontré des problèmes et doit fermer. Le petit point blanc en haut à gauche de mon écran est toujours là. Il est très lent pour l'ouverture de logiciels et internet, ce qui n'est pas dans son habitude. Je continue d'avoir des pubs intempestives lorsque je me connecte sur internet. Il y a des dossiers que je ne peux pas ouvrir dans D:documents&settings Dans propriété de D: il est dit qu'il y a 183 Go d'utilisé sur les 196 total alros que mes dossiers en intégralité sur D: prennent que 16,5 Go Dans propriété de C: il est dit qu'il y a 12,1 Go utilisé sur les 29,90 total alors que mes dossiers en intégralité sur C: prennent que 8,75 Go Pour l'histoire des anti-virus.... j'ai fais la manip. merci. j'ai également des problèmes avec mon outlook... il est revenu à la version précédente (maintenant 2002) mais je ne peux plus envoyer/recevoir de messages provenant de ma messagerie neuf.
  15. Pear...... Merci de venir à mon secour! Voici le rapport Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:36:49, on 19/12/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe C:\Program Files\Pack Securite\Common\FSMA32.EXE C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Pack Securite\Common\FSMB32.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Pack Securite\Common\FCH32.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Pack Securite\Common\FAMEH32.EXE C:\Program Files\Pack Securite\Anti-Virus\fsqh.exe C:\Program Files\Pack Securite\FSPC\fspc.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Pack Securite\FSAUA\program\fsus.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Apps\Powercinema\PCMService.exe C:\apps\ABoard\ABoard.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Pack Securite\Common\FSM32.EXE C:\apps\ABoard\AOSD.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Pack Securite\FSGUI\fsguidll.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\OFFICE One6.5\program\soffice.exe C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe C:\karcher\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [VadeRetro Outlook] C:\Program Files\Goto Software\Vade Retro\VrMoRegister.exe -s O4 - HKLM\..\Run: [VRManager] C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 12615 bytes
×
×
  • Créer...