Aller au contenu

romnath

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    21

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par romnath

  1. romnath
    en fait je ne peux pas recuperer IE car apparement je ne suis plus administrateur de mon ordinateur...!!!
  2. romnath
    je suis en train de sauvegarder sur dvd ce qui est important et je vais faire un formatage, c'est radical mais je pense que ca ira mieux apres non ?
  3. romnath
    bonjour, je viens de redemarrer mon ordi avec bcp de mal... plus de souris, j'ai du en retrouver une vieille avec un fil.., donc non je n'ai pas du internet explorer la fenetre s'ouvre puis se ferme de suite.... je crois que c'est de pire en pire que faire...???
  4. romnath
    pour installer anitivir j'ai un soucis car quand je le lance il me dit qu'il faut etre connecte pour lancer l'installation... alors que je usis en ligne sur mozilla car IE ne marche pas... tu sais pourquoi ?
  5. romnath
    voici mon dernier rapport : Malwarebytes' Anti-Malware 1.32 Version de la base de données: 1638 Windows 5.1.2600 Service Pack 3 10/01/2009 23:52:40 mbam-log-2009-01-10 (23-52-40).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 140674 Temps écoulé: 1 hour(s), 29 minute(s), 58 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) et le dernier hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:54:54, on 10/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AGI\common\win32\PythonService.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\VM305_STI.EXE C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TomTom HOME 2\HOMERunner.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Wireless LAN Driver and Utility\RtWLan.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\AntivirusFirewall\Common\FSLAUNCH.EXE C:\Program Files\IncrediMail\bin\IncMail.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\IncrediMail\bin\IncMail.exe C:\Documents and Settings\nathalie\Bureau\antivirus\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [OPSE reminder] "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\ereg.ini" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [bigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305) O4 - HKLM\..\Run: [NetAnalyse] C:\Program Files\NetAnalyse\NetAnalyse.exe O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: NetAnalyse.lnk = C:\Program Files\NetAnalyse\NetAnalyse.exe O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Wireless LAN Utility.lnk = ? O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?bc611d11bab3496a82a04ef96140a3a9 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?bc611d11bab3496a82a04ef96140a3a9 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-20283c53200f4686.spaces.live.co...ad/MsnPUpld.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/in...nagerPlugin.CAB O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A436BD83-2F05-4783-B218-BB51F96D727A}: NameServer = 192.168.1.1 O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 10079 bytes
  6. romnath
    ok je fais tout ca... je te post ca demain ok ? car c'est tres long et il commence a ce faire tard pour moi... tu seras la demain , j'aurais une reponse de toi ?
  7. romnath
    voici nouveau rapport : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:03:09, on 10/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AGI\common\win32\PythonService.exe C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AntivirusFirewall\Common\FCH32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\AntivirusFirewall\Common\FSM32.EXE C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\VM305_STI.EXE C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe C:\Anuman Interactive\Le journal de votre naissance\anniv.exe C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TomTom HOME 2\HOMERunner.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Wireless LAN Driver and Utility\RtWLan.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Documents and Settings\nathalie\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [OPSE reminder] "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\ereg.ini" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [bigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305) O4 - HKLM\..\Run: [NetAnalyse] C:\Program Files\NetAnalyse\NetAnalyse.exe O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: NetAnalyse.lnk = C:\Program Files\NetAnalyse\NetAnalyse.exe O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Wireless LAN Utility.lnk = ? O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?bc611d11bab3496a82a04ef96140a3a9 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?bc611d11bab3496a82a04ef96140a3a9 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-20283c53200f4686.spaces.live.co...ad/MsnPUpld.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/in...nagerPlugin.CAB O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A436BD83-2F05-4783-B218-BB51F96D727A}: NameServer = 192.168.1.1 O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 12014 bytes
  8. romnath
    ok je fais ca... pour mon antivirus c'est celui d'orange mais mes mise a jours sont bloquées depuis 1 semaine ainsi que mon parefeu...ca fait 1 semaine que mon ordi merde...
  9. romnath
    voici le nouveau rapport: Logfile of random's system information tool 1.05 (written by random/random) Run by nathalie at 2009-01-10 21:35:15 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 65 GB (44%) free of 149 GB Total RAM: 1023 MB (48% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:36:10, on 10/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AGI\common\win32\PythonService.exe C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AntivirusFirewall\Common\FCH32.EXE C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RunDll32.exe C:\Program Files\AntivirusFirewall\Common\FSM32.EXE C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe C:\WINDOWS\VM305_STI.EXE C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Wireless LAN Driver and Utility\RtWLan.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Documents and Settings\nathalie\Bureau\RSIT.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\trend micro\nathalie.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [OPSE reminder] "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\ereg.ini" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [bigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305) O4 - HKLM\..\Run: [NetAnalyse] C:\Program Files\NetAnalyse\NetAnalyse.exe O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: NetAnalyse.lnk = C:\Program Files\NetAnalyse\NetAnalyse.exe O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Wireless LAN Utility.lnk = ? O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?bc611d11bab3496a82a04ef96140a3a9 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?bc611d11bab3496a82a04ef96140a3a9 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-20283c53200f4686.spaces.live.co...ad/MsnPUpld.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/in...nagerPlugin.CAB O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A436BD83-2F05-4783-B218-BB51F96D727A}: NameServer = 192.168.1.1 O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 12078 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\EasyShare Registration Task.job C:\WINDOWS\tasks\Scheduled scanning task.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}] AGSearchHook Class - C:\Program Files\AGI\common\agcutils.dll [2009-01-10 43520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll [2008-08-11 656696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}] Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Cmaudio"=RunDll32 cmicnfg.cpl [] "Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2005-07-19 999424] "WOOWATCH"=C:\PROGRA~1\Wanadoo\Watch.exe [2004-08-23 20480] "WOOTASKBARICON"=C:\PROGRA~1\Wanadoo\GestMaj.exe [2004-10-14 32768] "F-Secure Manager"=C:\Program Files\AntivirusFirewall\Common\FSM32.EXE [2005-10-26 122929] "F-Secure TNB"=C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe [2005-07-18 700416] "F-Secure Startup Wizard"=C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE [2005-10-18 372736] "News Service"=C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe [2005-05-31 356352] "OpwareSE2"=C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152] "OPSE reminder"=C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe [2003-07-07 729088] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] "BigDog305"=C:\WINDOWS\VM305_STI.EXE [2005-08-05 61440] "NetAnalyse"=C:\Program Files\NetAnalyse\NetAnalyse.exe [] "Anniversaires"=C:\Anuman Interactive\Le journal de votre naissance\anniv.exe [2007-12-22 765952] "QuickTime Task"=C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe [2008-09-06 282624] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WOOKIT"=C:\PROGRA~1\Wanadoo\Shell.exe [2004-08-23 122880] "IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2008-07-24 243072] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232] "msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184] "ares"=C:\Program Files\Ares\Ares.exe -h [] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-05-06 202088] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe [2007-12-22 765952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares] C:\Program Files\Ares\Ares.exe -h [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent] C:\Program Files\BitTorrent\bittorrent.exe --force_start_minimized [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] C:\Program Files\MSN Messenger\MsnMsgr.Exe /background [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINCINEMAMGR] C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2004-12-30 270336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo Scheduler server.lnk] C:\PROGRA~1\INTERV~1\DVD5R\SchSvr.exe [2005-01-05 147456] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk] C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2004-12-30 270336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^KODAK Software Updater.lnk] C:\PROGRA~1\Kodak\KODAKS~1\7288971\Program\KODAKS~1.EXE [2004-02-13 16423] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk] C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE [2007-06-21 282624] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Antivirus Firewall.lnk - C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE Wireless LAN Utility.lnk - C:\Program Files\Wireless LAN Driver and Utility\RtWLan.exe C:\Documents and Settings\nathalie\Menu Démarrer\Programmes\Démarrage NetAnalyse.lnk - C:\Program Files\NetAnalyse\NetAnalyse.exe PowerReg Scheduler V3.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2006-01-05 61440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=95000000 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe"="C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe:*:Enabled:Antivirus Firewall" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\ImLc.exe"="C:\Program Files\IncrediMail\bin\ImLc.exe:*:Enabled:IncrediMail" "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Documents and Settings\nathalie\Bureau\mule\eMule\emule.exe"="C:\Documents and Settings\nathalie\Bureau\mule\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows" "C:\Program Files\Morpheus\Morpheus.exe"="C:\Program Files\Morpheus\Morpheus.exe:*:Enabled:Morpheus" "C:\Program Files\eMule\eMule0.48a\emule.exe"="C:\Program Files\eMule\eMule0.48a\emule.exe:*:Enabled:eMule" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\KAZAA LITE TOOLS K++\KazaaLite.kpp"="C:\Program Files\KAZAA LITE TOOLS K++\KazaaLite.kpp:*:Enabled:KazaaLite" "C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater" "C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare" "C:\Program Files\Kazaa Lite Resurrection\kazaalite.kpp"="C:\Program Files\Kazaa Lite Resurrection\kazaalite.kpp:*:Enabled:kazaalite" "C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client" "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus" "C:\Program Files\Global Star Software\Airport Tycoon 3\at3.exe"="C:\Program Files\Global Star Software\Airport Tycoon 3\at3.exe:*:Enabled:at3" "C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver" "C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\GOA\Gunbound\GunBound.gme"="C:\Program Files\GOA\Gunbound\GunBound.gme:*:Enabled:GunBound" "C:\Program Files\Lphant\eLePhantClient.exe"="C:\Program Files\Lphant\eLePhantClient.exe:*:Enabled:lphant Client" "C:\Documents and Settings\nathalie\Bureau\mwodownloader.exe"="C:\Documents and Settings\nathalie\Bureau\mwodownloader.exe:*:Enabled:BitCometLite" "C:\Documents and Settings\nathalie\Bureau\freezer.exe"="C:\Documents and Settings\nathalie\Bureau\freezer.exe:*:Enabled:freezer" "C:\Program Files\MultiProxy\mproxy.exe"="C:\Program Files\MultiProxy\mproxy.exe:*:Enabled:MultiProxy personal proxy server" "C:\Program Files\Atari\Deer Hunter 2005\DH2005.exe"="C:\Program Files\Atari\Deer Hunter 2005\DH2005.exe:*:Enabled:DH2005" "C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade" "C:\Program Files\Microsoft Games\Halo\halo.exe"="C:\Program Files\Microsoft Games\Halo\halo.exe:*:Enabled:Halo" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe"="C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe:*:Enabled:Antivirus Firewall" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\Z] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1c6434bb-6128-11dc-a847-0013d3a014e0}] shell\AutoRun\command - F:\InstallTomTomHOME.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{24d7c524-9817-11dc-a8a1-0013d3a014e0}] shell\AutoRun\command - F:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88961462-ba09-11dc-a8cf-0013d3a014e0}] shell\AutoRun\command - F:\AutoTransfer.exe ======List of files/folders created in the last 1 months====== 2009-01-10 21:17:51 ----A---- C:\WINDOWS\ntbtlog.txt 2009-01-10 20:39:02 ----D---- C:\_OTMoveIt 2009-01-10 20:25:05 ----A---- C:\cleannavi.txt 2009-01-10 20:20:00 ----D---- C:\Documents and Settings\All Users\Application Data\Kiwee Toolbar 2009-01-10 20:15:51 ----A---- C:\WINDOWS\hglnblou.txt 2009-01-10 19:56:11 ----A---- C:\fixnavi.txt 2009-01-10 19:55:22 ----D---- C:\Program Files\Navilog1 2009-01-10 19:43:34 ----A---- C:\TB.txt 2009-01-10 19:42:55 ----D---- C:\ToolBar SD 2009-01-10 19:30:42 ----D---- C:\Documents and Settings\nathalie\Application Data\Malwarebytes 2009-01-10 19:30:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-01-10 19:30:34 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-01-10 13:30:33 ----D---- C:\Program Files\trend micro 2009-01-10 13:30:26 ----D---- C:\rsit 2009-01-09 21:30:44 ----D---- C:\Program Files\Panda Security 2009-01-08 19:56:10 ----D---- C:\Program Files\JaliyaV4 2009-01-08 19:55:47 ----D---- C:\Program Files\Zylom Games 2009-01-08 19:55:47 ----D---- C:\Program Files\Warcraft III 2009-01-08 19:55:47 ----D---- C:\Program Files\Samsung 2009-01-08 19:55:45 ----D---- C:\Program Files\SAGEM 2009-01-08 19:55:45 ----D---- C:\Program Files\Project64 1.6 2009-01-08 19:55:45 ----D---- C:\Program Files\NRJ 2009-01-08 19:55:45 ----D---- C:\Program Files\MorpheusBar 2009-01-08 19:55:45 ----D---- C:\Program Files\Morpheus 2009-01-08 19:55:41 ----D---- C:\Program Files\MaCuisineLapeyrePrima 2009-01-08 19:55:41 ----D---- C:\Program Files\LimeWire 2009-01-08 19:55:41 ----D---- C:\Program Files\Kazaa Lite Resurrection 2009-01-08 19:55:40 ----D---- C:\Program Files\Infogrames 2009-01-08 19:55:40 ----D---- C:\Program Files\IKEA HomePlanner 2009-01-08 19:55:40 ----D---- C:\Program Files\GOA 2009-01-08 19:55:40 ----D---- C:\Program Files\GIMP-2.0 2009-01-08 19:55:38 ----D---- C:\Program Files\GameSpy Arcade 2009-01-08 19:55:38 ----D---- C:\Program Files\EoRezo 2009-01-08 19:55:38 ----D---- C:\Program Files\EA Games 2009-01-08 19:55:38 ----D---- C:\Program Files\d-lusion 2009-01-08 19:55:27 ----D---- C:\Program Files\BoontyGames 2009-01-08 19:55:26 ----D---- C:\Program Files\Boonty 2009-01-08 19:55:25 ----D---- C:\Program Files\Azureus 2009-01-08 19:55:24 ----D---- C:\totalcmd 2009-01-08 19:55:24 ----D---- C:\Team17 2009-01-08 19:55:24 ----D---- C:\Sierra 2009-01-08 19:55:24 ----D---- C:\Program Files\AviSynth 2.5 2009-01-08 19:55:24 ----D---- C:\eJay 2009-01-06 09:41:26 ----D---- C:\Program Files\Microsoft Silverlight 2008-12-27 13:00:08 ----A---- C:\WINDOWS\msnfix.txt 2008-12-26 13:43:50 ----A---- C:\WINDOWS\system32\MSCMCDE.DLL 2008-12-26 13:43:50 ----A---- C:\WINDOWS\system32\MSCC2DE.DLL 2008-12-26 13:43:50 ----A---- C:\WINDOWS\system32\CMDLGDE.DLL 2008-12-26 13:43:49 ----A---- C:\WINDOWS\system32\VB6DE.DLL 2008-12-22 21:37:05 ----D---- C:\WINDOWS\Minidump 2008-12-16 09:56:18 ----A---- C:\WINDOWS\wininit.ini 2008-12-11 22:48:29 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$ 2008-12-11 22:45:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2008-12-11 22:45:03 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$ 2008-12-11 22:44:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ ======List of files/folders modified in the last 1 months====== 2009-01-10 21:36:04 ----D---- C:\WINDOWS\Temp 2009-01-10 21:35:35 ----D---- C:\WINDOWS\Prefetch 2009-01-10 21:35:32 ----D---- C:\Program Files\Mozilla Firefox 2009-01-10 21:35:02 ----D---- C:\Program Files\Wanadoo 2009-01-10 21:33:44 ----A---- C:\WINDOWS\RTacDbg.txt 2009-01-10 21:33:41 ----D---- C:\WINDOWS 2009-01-10 21:31:10 ----D---- C:\WINDOWS\system32\CatRoot2 2009-01-10 21:16:00 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-01-10 20:39:02 ----D---- C:\Program Files 2009-01-10 20:33:12 ----D---- C:\WINDOWS\system32 2009-01-10 20:15:51 ----D---- C:\WINDOWS\system32\drivers 2009-01-09 21:31:41 ----HD---- C:\WINDOWS\inf 2009-01-08 19:58:54 ----D---- C:\WINDOWS\system32\config 2009-01-08 19:58:25 ----D---- C:\WINDOWS\system32\wbem 2009-01-08 19:58:24 ----D---- C:\WINDOWS\Registration 2009-01-08 19:57:37 ----D---- C:\Downloads 2009-01-08 19:56:43 ----SHD---- C:\Config.Msi 2009-01-08 19:56:11 ----SHD---- C:\WINDOWS\Installer 2009-01-08 19:55:09 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-01-08 19:55:04 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-01-07 21:59:28 ----AD---- C:\Program Files\Paint Shop Pro 6 2009-01-04 17:44:54 ----HD---- C:\Program Files\InstallShield Installation Information 2008-12-22 22:10:34 ----SD---- C:\Documents and Settings\nathalie\Application Data\Microsoft 2008-12-19 19:47:50 ----RSHDC---- C:\WINDOWS\system32\dllcache 2008-12-19 19:44:28 ----HD---- C:\WINDOWS\$hf_mig$ 2008-12-13 07:37:56 ----A---- C:\WINDOWS\system32\mshtml.dll 2008-12-11 22:48:35 ----A---- C:\WINDOWS\imsins.BAK 2008-12-11 22:48:08 ----D---- C:\Program Files\Internet Explorer ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-11-08 21035] R2 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys [] R2 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSgk.sys [] R2 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys [] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-03 11868] R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys [] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-01-05 1420288] R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 1287296] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-10 21060] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368] R3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys [2003-08-13 65280] R3 RTLWUSB;802.11g USB 2.0 Wireless LAN Adapter; C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2006-09-06 187392] R3 SjyPkt;SjyPkt; \??\C:\WINDOWS\System32\Drivers\SjyPkt.sys [] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S3 catchme;catchme; \??\C:\DOCUME~1\nathalie\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [] S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536] S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320] S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2004-10-29 32000] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-12-06 80272] S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-12-06 10864] S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-12-06 137884] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-03 685056] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 ZSMC0305;VIMICRO USB PC Camera V; C:\WINDOWS\System32\Drivers\usbVM305.sys [2005-11-30 392316] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AGWinService;AG Windows Service; C:\Program Files\AGI\common\win32\PythonService.exe [2008-10-05 10240] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-01-05 405504] R2 BackWeb Plug-in - 6588780;Antivirus Firewall; C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE [2007-06-02 32807] R2 fsbwsys;fsbwsys; C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe [2007-06-02 278581] R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe [2005-07-13 36947] R2 FSMA;F-Secure Management Agent; C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE [2005-10-26 61490] R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960] R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe [2005-11-18 204863] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2007-06-12 69120] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2004-10-29 86016] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] mais je n'ai plus d'antivirus le mien est bloqué...
  10. romnath
    [ok je fais ca et je re...
  11. romnath
    voici nouveau rapport hijackthis au redemarrage: Logfile of random's system information tool 1.05 (written by random/random) Run by nathalie at 2009-01-10 21:03:15 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 65 GB (44%) free of 149 GB Total RAM: 1023 MB (41% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:03:45, on 10/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AGI\common\win32\PythonService.exe C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AntivirusFirewall\Common\FCH32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\AntivirusFirewall\Common\FSM32.EXE C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\VM305_STI.EXE C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Wireless LAN Driver and Utility\RtWLan.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Documents and Settings\nathalie\Bureau\RSIT.exe C:\Program Files\trend micro\nathalie.exe C:\Program Files\Mozilla Firefox\firefox.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [OPSE reminder] "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\ereg.ini" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [bigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305) O4 - HKLM\..\Run: [NetAnalyse] C:\Program Files\NetAnalyse\NetAnalyse.exe O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: NetAnalyse.lnk = C:\Program Files\NetAnalyse\NetAnalyse.exe O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Wireless LAN Utility.lnk = ? O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?bc611d11bab3496a82a04ef96140a3a9 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?bc611d11bab3496a82a04ef96140a3a9 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-20283c53200f4686.spaces.live.co...ad/MsnPUpld.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/in...nagerPlugin.CAB O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A436BD83-2F05-4783-B218-BB51F96D727A}: NameServer = 192.168.1.1 O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 12078 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\EasyShare Registration Task.job C:\WINDOWS\tasks\Scheduled scanning task.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}] AGSearchHook Class - C:\Program Files\AGI\common\agcutils.dll [2009-01-10 43520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll [2008-08-11 656696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}] Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Cmaudio"=RunDll32 cmicnfg.cpl [] "Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2005-07-19 999424] "WOOWATCH"=C:\PROGRA~1\Wanadoo\Watch.exe [2004-08-23 20480] "WOOTASKBARICON"=C:\PROGRA~1\Wanadoo\GestMaj.exe [2004-10-14 32768] "F-Secure Manager"=C:\Program Files\AntivirusFirewall\Common\FSM32.EXE [2005-10-26 122929] "F-Secure TNB"=C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe [2005-07-18 700416] "F-Secure Startup Wizard"=C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE [2005-10-18 372736] "News Service"=C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe [2005-05-31 356352] "OpwareSE2"=C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152] "OPSE reminder"=C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe [2003-07-07 729088] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] "BigDog305"=C:\WINDOWS\VM305_STI.EXE [2005-08-05 61440] "NetAnalyse"=C:\Program Files\NetAnalyse\NetAnalyse.exe [] "Anniversaires"=C:\Anuman Interactive\Le journal de votre naissance\anniv.exe [2007-12-22 765952] "QuickTime Task"=C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe [2008-09-06 282624] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WOOKIT"=C:\PROGRA~1\Wanadoo\Shell.exe [2004-08-23 122880] "IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2008-07-24 243072] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232] "msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184] "ares"=C:\Program Files\Ares\Ares.exe -h [] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-05-06 202088] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe [2007-12-22 765952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares] C:\Program Files\Ares\Ares.exe -h [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent] C:\Program Files\BitTorrent\bittorrent.exe --force_start_minimized [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] C:\Program Files\MSN Messenger\MsnMsgr.Exe /background [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINCINEMAMGR] C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2004-12-30 270336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo Scheduler server.lnk] C:\PROGRA~1\INTERV~1\DVD5R\SchSvr.exe [2005-01-05 147456] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk] C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2004-12-30 270336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^KODAK Software Updater.lnk] C:\PROGRA~1\Kodak\KODAKS~1\7288971\Program\KODAKS~1.EXE [2004-02-13 16423] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk] C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE [2007-06-21 282624] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Antivirus Firewall.lnk - C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE Wireless LAN Utility.lnk - C:\Program Files\Wireless LAN Driver and Utility\RtWLan.exe C:\Documents and Settings\nathalie\Menu Démarrer\Programmes\Démarrage NetAnalyse.lnk - C:\Program Files\NetAnalyse\NetAnalyse.exe PowerReg Scheduler V3.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2006-01-05 61440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=95000000 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe"="C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe:*:Enabled:Antivirus Firewall" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\ImLc.exe"="C:\Program Files\IncrediMail\bin\ImLc.exe:*:Enabled:IncrediMail" "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Documents and Settings\nathalie\Bureau\mule\eMule\emule.exe"="C:\Documents and Settings\nathalie\Bureau\mule\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows" "C:\Program Files\Morpheus\Morpheus.exe"="C:\Program Files\Morpheus\Morpheus.exe:*:Enabled:Morpheus" "C:\Program Files\eMule\eMule0.48a\emule.exe"="C:\Program Files\eMule\eMule0.48a\emule.exe:*:Enabled:eMule" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\KAZAA LITE TOOLS K++\KazaaLite.kpp"="C:\Program Files\KAZAA LITE TOOLS K++\KazaaLite.kpp:*:Enabled:KazaaLite" "C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater" "C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare" "C:\Program Files\Kazaa Lite Resurrection\kazaalite.kpp"="C:\Program Files\Kazaa Lite Resurrection\kazaalite.kpp:*:Enabled:kazaalite" "C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client" "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus" "C:\Program Files\Global Star Software\Airport Tycoon 3\at3.exe"="C:\Program Files\Global Star Software\Airport Tycoon 3\at3.exe:*:Enabled:at3" "C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver" "C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\GOA\Gunbound\GunBound.gme"="C:\Program Files\GOA\Gunbound\GunBound.gme:*:Enabled:GunBound" "C:\Program Files\Lphant\eLePhantClient.exe"="C:\Program Files\Lphant\eLePhantClient.exe:*:Enabled:lphant Client" "C:\Documents and Settings\nathalie\Bureau\mwodownloader.exe"="C:\Documents and Settings\nathalie\Bureau\mwodownloader.exe:*:Enabled:BitCometLite" "C:\Documents and Settings\nathalie\Bureau\freezer.exe"="C:\Documents and Settings\nathalie\Bureau\freezer.exe:*:Enabled:freezer" "C:\Program Files\MultiProxy\mproxy.exe"="C:\Program Files\MultiProxy\mproxy.exe:*:Enabled:MultiProxy personal proxy server" "C:\Program Files\Atari\Deer Hunter 2005\DH2005.exe"="C:\Program Files\Atari\Deer Hunter 2005\DH2005.exe:*:Enabled:DH2005" "C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade" "C:\Program Files\Microsoft Games\Halo\halo.exe"="C:\Program Files\Microsoft Games\Halo\halo.exe:*:Enabled:Halo" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe"="C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe:*:Enabled:Antivirus Firewall" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\Z] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1c6434bb-6128-11dc-a847-0013d3a014e0}] shell\AutoRun\command - F:\InstallTomTomHOME.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{24d7c524-9817-11dc-a8a1-0013d3a014e0}] shell\AutoRun\command - F:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88961462-ba09-11dc-a8cf-0013d3a014e0}] shell\AutoRun\command - F:\AutoTransfer.exe ======List of files/folders created in the last 1 months====== 2009-01-10 20:39:02 ----D---- C:\_OTMoveIt 2009-01-10 20:25:05 ----A---- C:\cleannavi.txt 2009-01-10 20:20:00 ----D---- C:\Documents and Settings\All Users\Application Data\Kiwee Toolbar 2009-01-10 20:15:51 ----A---- C:\WINDOWS\hglnblou.txt 2009-01-10 19:56:11 ----A---- C:\fixnavi.txt 2009-01-10 19:55:22 ----D---- C:\Program Files\Navilog1 2009-01-10 19:43:34 ----A---- C:\TB.txt 2009-01-10 19:42:55 ----D---- C:\ToolBar SD 2009-01-10 19:30:42 ----D---- C:\Documents and Settings\nathalie\Application Data\Malwarebytes 2009-01-10 19:30:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-01-10 19:30:34 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-01-10 13:30:33 ----D---- C:\Program Files\trend micro 2009-01-10 13:30:26 ----D---- C:\rsit 2009-01-09 21:30:44 ----D---- C:\Program Files\Panda Security 2009-01-08 19:56:10 ----D---- C:\Program Files\JaliyaV4 2009-01-08 19:55:47 ----D---- C:\Program Files\Zylom Games 2009-01-08 19:55:47 ----D---- C:\Program Files\Warcraft III 2009-01-08 19:55:47 ----D---- C:\Program Files\Samsung 2009-01-08 19:55:45 ----D---- C:\Program Files\SAGEM 2009-01-08 19:55:45 ----D---- C:\Program Files\Project64 1.6 2009-01-08 19:55:45 ----D---- C:\Program Files\NRJ 2009-01-08 19:55:45 ----D---- C:\Program Files\MorpheusBar 2009-01-08 19:55:45 ----D---- C:\Program Files\Morpheus 2009-01-08 19:55:41 ----D---- C:\Program Files\MaCuisineLapeyrePrima 2009-01-08 19:55:41 ----D---- C:\Program Files\LimeWire 2009-01-08 19:55:41 ----D---- C:\Program Files\Kazaa Lite Resurrection 2009-01-08 19:55:40 ----D---- C:\Program Files\Infogrames 2009-01-08 19:55:40 ----D---- C:\Program Files\IKEA HomePlanner 2009-01-08 19:55:40 ----D---- C:\Program Files\GOA 2009-01-08 19:55:40 ----D---- C:\Program Files\GIMP-2.0 2009-01-08 19:55:38 ----D---- C:\Program Files\GameSpy Arcade 2009-01-08 19:55:38 ----D---- C:\Program Files\EoRezo 2009-01-08 19:55:38 ----D---- C:\Program Files\EA Games 2009-01-08 19:55:38 ----D---- C:\Program Files\d-lusion 2009-01-08 19:55:27 ----D---- C:\Program Files\BoontyGames 2009-01-08 19:55:26 ----D---- C:\Program Files\Boonty 2009-01-08 19:55:25 ----D---- C:\Program Files\Azureus 2009-01-08 19:55:24 ----D---- C:\totalcmd 2009-01-08 19:55:24 ----D---- C:\Team17 2009-01-08 19:55:24 ----D---- C:\Sierra 2009-01-08 19:55:24 ----D---- C:\Program Files\AviSynth 2.5 2009-01-08 19:55:24 ----D---- C:\eJay 2009-01-06 09:41:26 ----D---- C:\Program Files\Microsoft Silverlight 2008-12-27 13:00:08 ----A---- C:\WINDOWS\msnfix.txt 2008-12-26 13:43:50 ----A---- C:\WINDOWS\system32\MSCMCDE.DLL 2008-12-26 13:43:50 ----A---- C:\WINDOWS\system32\MSCC2DE.DLL 2008-12-26 13:43:50 ----A---- C:\WINDOWS\system32\CMDLGDE.DLL 2008-12-26 13:43:49 ----A---- C:\WINDOWS\system32\VB6DE.DLL 2008-12-22 21:37:05 ----D---- C:\WINDOWS\Minidump 2008-12-16 09:56:18 ----A---- C:\WINDOWS\wininit.ini 2008-12-11 22:48:29 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$ 2008-12-11 22:45:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2008-12-11 22:45:03 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$ 2008-12-11 22:44:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ ======List of files/folders modified in the last 1 months====== 2009-01-10 21:03:42 ----D---- C:\WINDOWS\Temp 2009-01-10 21:03:29 ----D---- C:\Program Files\Mozilla Firefox 2009-01-10 21:03:05 ----D---- C:\Program Files\Wanadoo 2009-01-10 21:02:31 ----A---- C:\WINDOWS\RTacDbg.txt 2009-01-10 21:02:29 ----D---- C:\WINDOWS 2009-01-10 21:01:37 ----D---- C:\WINDOWS\Prefetch 2009-01-10 20:58:05 ----D---- C:\WINDOWS\system32\CatRoot2 2009-01-10 20:56:13 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-01-10 20:39:02 ----D---- C:\Program Files 2009-01-10 20:33:12 ----D---- C:\WINDOWS\system32 2009-01-10 20:15:51 ----D---- C:\WINDOWS\system32\drivers 2009-01-09 21:31:41 ----HD---- C:\WINDOWS\inf 2009-01-08 19:58:54 ----D---- C:\WINDOWS\system32\config 2009-01-08 19:58:25 ----D---- C:\WINDOWS\system32\wbem 2009-01-08 19:58:24 ----D---- C:\WINDOWS\Registration 2009-01-08 19:57:37 ----D---- C:\Downloads 2009-01-08 19:56:43 ----SHD---- C:\Config.Msi 2009-01-08 19:56:11 ----SHD---- C:\WINDOWS\Installer 2009-01-08 19:55:09 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-01-08 19:55:04 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-01-07 21:59:28 ----AD---- C:\Program Files\Paint Shop Pro 6 2009-01-04 17:44:54 ----HD---- C:\Program Files\InstallShield Installation Information 2008-12-22 22:10:34 ----SD---- C:\Documents and Settings\nathalie\Application Data\Microsoft 2008-12-19 19:47:50 ----RSHDC---- C:\WINDOWS\system32\dllcache 2008-12-19 19:44:28 ----HD---- C:\WINDOWS\$hf_mig$ 2008-12-13 07:37:56 ----A---- C:\WINDOWS\system32\mshtml.dll 2008-12-11 22:48:35 ----A---- C:\WINDOWS\imsins.BAK 2008-12-11 22:48:08 ----D---- C:\Program Files\Internet Explorer ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-11-08 21035] R2 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys [] R2 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSgk.sys [] R2 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys [] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-03 11868] R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys [] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-01-05 1420288] R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 1287296] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-10 21060] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368] R3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys [2003-08-13 65280] R3 RTLWUSB;802.11g USB 2.0 Wireless LAN Adapter; C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2006-09-06 187392] R3 SjyPkt;SjyPkt; \??\C:\WINDOWS\System32\Drivers\SjyPkt.sys [] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S3 catchme;catchme; \??\C:\DOCUME~1\nathalie\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [] S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536] S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320] S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2004-10-29 32000] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-12-06 80272] S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-12-06 10864] S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-12-06 137884] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-03 685056] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 ZSMC0305;VIMICRO USB PC Camera V; C:\WINDOWS\System32\Drivers\usbVM305.sys [2005-11-30 392316] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AGWinService;AG Windows Service; C:\Program Files\AGI\common\win32\PythonService.exe [2008-10-05 10240] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-01-05 405504] R2 BackWeb Plug-in - 6588780;Antivirus Firewall; C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE [2007-06-02 32807] R2 fsbwsys;fsbwsys; C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe [2007-06-02 278581] R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe [2005-07-13 36947] R2 FSMA;F-Secure Management Agent; C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE [2005-10-26 61490] R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960] R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe [2005-11-18 204863] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2007-06-12 69120] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2004-10-29 86016] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] -----------------EOF-----------------
  12. romnath
    voici l'autre: Error: Unable to interpret <First> in the current context! ========== FILES ========== C:\Program Files\Kiwee Toolbar\2.8.167 moved successfully. C:\Program Files\Kiwee Toolbar moved successfully. ========== COMMANDS ========== File delete failed. C:\DOCUME~1\nathalie\LOCALS~1\Temp\etilqs_R8QRnsgIgjfLfq94NUYb scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\nathalie\LOCALS~1\Temp\etilqs_sINhvVZrEQ9CH3ovbw7W scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\nathalie\LOCALS~1\Temp\etilqs_sINhvVZrEQ9CH3ovbw7W-journal scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot. Local Service Temp folder emptied. Local Service Temporary Internet Files folder emptied. Windows Temp folder emptied. Java cache emptied. File delete failed. C:\Documents and Settings\nathalie\Local Settings\Application Data\Mozilla\Firefox\Profiles\dn43lin3.default\OfflineCache\index.sqlite scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\nathalie\Local Settings\Application Data\Mozilla\Firefox\Profiles\dn43lin3.default\Cache\_CACHE_001_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\nathalie\Local Settings\Application Data\Mozilla\Firefox\Profiles\dn43lin3.default\Cache\_CACHE_002_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\nathalie\Local Settings\Application Data\Mozilla\Firefox\Profiles\dn43lin3.default\Cache\_CACHE_003_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\nathalie\Local Settings\Application Data\Mozilla\Firefox\Profiles\dn43lin3.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\nathalie\Local Settings\Application Data\Mozilla\Firefox\Profiles\dn43lin3.default\urlclassifier3.sqlite scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\nathalie\Local Settings\Application Data\Mozilla\Firefox\Profiles\dn43lin3.default\XUL.mfl scheduled to be deleted on reboot. FireFox cache emptied. Temp folders emptied. OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01102009_203902 je ne peux plus fermer OTmoveit...
  13. romnath
    voici le rapport cleanavi apres redemarrage automatique de l'ordi: Clean Navipromo version 3.7.1 commencé le 10/01/2009 à 20:25:05,20 Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.20GHz ) BIOS : Phoenix - AwardBIOS v6.00PG USER : nathalie ( Administrator ) BOOT : Normal boot Antivirus : AntiVirus Firewall 6.15 6.15 (Activated) Firewall : AntiVirus Firewall 6.15 6.15 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:145 Go (Free:63 Go) D:\ (CD or DVD) E:\ (CD or DVD) Mode suppression automatique avec prise en charge résultats Catchme et GNS Nettoyage exécuté au redémarrage de l'ordinateur *** fsbl1.txt non trouvé *** (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche) *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans "C:\WINDOWS\System32" * koqdclyu.exe trouvé ! Copie koqdclyu.exe réalisée avec succès ! koqdclyu.exe supprimé ! koqdclyu.dat trouvé ! Copie koqdclyu.dat réalisée avec succès ! koqdclyu.dat supprimé ! rkumyn.exe trouvé ! Copie rkumyn.exe réalisée avec succès ! rkumyn.exe supprimé ! rkumyn.dat trouvé ! Copie rkumyn.dat réalisée avec succès ! rkumyn.dat supprimé ! * Suppression dans "C:\Documents and Settings\nathalie\locals~1\applic~1" * * Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * *** Suppression dossiers dans "C:\WINDOWS" *** *** Suppression dossiers dans "C:\Program Files" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\nathalie\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\nathalie\locals~1\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\nathalie\menudm~1\progra~1" *** ...\InternetGamebox ...suppression... ...\InternetGamebox supprimé ! *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" *** *** Suppression fichiers *** C:\WINDOWS\pack.epk supprimé ! *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\nathalie\locals~1\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Suppression avec sauvegardes nouveaux fichiers Instant Access : 2)Recherche, création sauvegardes et suppression Heuristique : * Dans "C:\WINDOWS\system32" * acdmwvsi_navfx.dat trouvé ! Copie acdmwvsi_navfx.dat réalisée avec succès ! acdmwvsi_navfx.dat supprimé ! * Dans "C:\Documents and Settings\nathalie\locals~1\applic~1" * * Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup supprimé ! Certificat Electronic-Group supprimé ! Certificat Montorgueil absent ! Certificat OOO-Favorit supprimé ! Certificat Sunny-Day-Design-Ltdt absent ! *** Recherche autres dossiers et fichiers connus *** *** Nettoyage terminé le 10/01/2009 à 20:33:12,62 *** je lance l'autre de suite
  14. romnath
    voici le second: Search Navipromo version 3.7.1 commencé le 10/01/2009 à 19:56:11,75 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.20GHz ) BIOS : Phoenix - AwardBIOS v6.00PG USER : nathalie ( Administrator ) BOOT : Normal boot Antivirus : AntiVirus Firewall 6.15 6.15 (Activated) Firewall : AntiVirus Firewall 6.15 6.15 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:145 Go (Free:63 Go) D:\ (CD or DVD) E:\ (CD or DVD) Recherche executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans "C:\WINDOWS" *** *** Recherche dossiers dans "C:\Program Files" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\nathalie\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\nathalie\locals~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\nathalie\menudm~1\progra~1" *** ...\InternetGameBox trouvé ! *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans "C:\WINDOWS\system32" * Fichiers trouvés : koqdclyu.exe trouvé ! koqdclyu.dat trouvé ! koqdclyu_nav.dat trouvé ! koqdclyu_navps.dat trouvé ! rkumyn.exe trouvé ! rkumyn.dat trouvé ! rkumyn_nav.dat trouvé ! rkumyn_navps.dat trouvé ! * Recherche dans "C:\Documents and Settings\nathalie\locals~1\applic~1" * * Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * *** Recherche fichiers *** C:\WINDOWS\pack.epk trouvé ! *** Recherche clés spécifiques dans le Registre *** !! Les clés trouvées ne sont pas forcément infectées !! HKEY_CURRENT_USER\Software\Lanconfig *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique :
  15. romnath
    voici le 1er rapport: -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.20GHz ) BIOS : Phoenix - AwardBIOS v6.00PG USER : nathalie ( Administrator ) BOOT : Normal boot Antivirus : AntiVirus Firewall 6.15 6.15 (Activated) Firewall : AntiVirus Firewall 6.15 6.15 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:145 Go (Free:63 Go) D:\ (CD or DVD) E:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [2] ( 10/01/2009|19:50 ) -----------\\ SUPPRESSION Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167 Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\AGTBCore.dll Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeCommonCtrls.dll Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeContentHost.dll Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.dll Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\mfc80u.dll Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\MsnIMToolbar.dll Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\Riched20.dll Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Kiwee Toolbar Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar Echec ! - C:\Program Files\Kiwee Toolbar -----------\\ DEUXIEME PASSAGE Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167 Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\AGTBCore.dll Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeCommonCtrls.dll Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeContentHost.dll Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.dll Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\mfc80u.dll Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\MsnIMToolbar.dll Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\Riched20.dll Echec ! - C:\Program Files\Kiwee Toolbar -----------\\ Recherche de Fichiers / Dossiers ... C:\Program Files\Kiwee Toolbar C:\Program Files\Kiwee Toolbar\2.8.167 C:\Program Files\Kiwee Toolbar\2.8.167\AGTBCore.dll C:\Program Files\Kiwee Toolbar\2.8.167\KiweeCommonCtrls.dll C:\Program Files\Kiwee Toolbar\2.8.167\KiweeContentHost.dll C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.dll C:\Program Files\Kiwee Toolbar\2.8.167\mfc80u.dll C:\Program Files\Kiwee Toolbar\2.8.167\MsnIMToolbar.dll C:\Program Files\Kiwee Toolbar\2.8.167\Riched20.dll \...\{2bae58c2-79f9-45d1-a286-81f911301c3a} - (p2p_energy) -----------\\ Extensions (nathalie) - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} => flashgot (nathalie) - {2bae58c2-79f9-45d1-a286-81f911301c3a} => p2p_energy (nathalie) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.orange.fr" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home" --------------------\\ Recherche d'autres infections C:\WINDOWS\Pack.epk C:\WINDOWS\System32\acdmwvsi_navfx.dat C:\WINDOWS\System32\koqdclyu.dat C:\WINDOWS\System32\koqdclyu.exe C:\WINDOWS\System32\koqdclyu_nav.dat C:\WINDOWS\System32\koqdclyu_navps.dat C:\WINDOWS\System32\rkumyn.dat C:\WINDOWS\System32\rkumyn.exe C:\WINDOWS\System32\rkumyn_nav.dat C:\WINDOWS\System32\rkumyn_navps.dat ==> EGDACCESS <== 1 - "C:\ToolBar SD\TB_1.txt" - 10/01/2009|19:45 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 10/01/2009|19:53 - Option : [2] -----------\\ Fin du rapport a 19:53:00,39 je lance le secaond de suite
  16. romnath
    voici mon rapport: -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.20GHz ) BIOS : Phoenix - AwardBIOS v6.00PG USER : nathalie ( Administrator ) BOOT : Normal boot Antivirus : AntiVirus Firewall 6.15 6.15 (Activated) Firewall : AntiVirus Firewall 6.15 6.15 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:145 Go (Free:63 Go) D:\ (CD or DVD) E:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [1] ( 10/01/2009|19:43 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config\content_a.xml C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config\content_ie.xml C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config\content_m.xml C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config\content_y.xml C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config\logger.xml C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config\toolbarIE.xml C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config\toolbarIM_a.xml C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config\toolbarIM_m.xml C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\config\toolbarIM_y.xml C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\allow.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\block.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\dontsend.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\im_toolbardropdownmenu.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\im_toolbarsHelprolloverbase.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\im_toolbarsm1rolloverbase.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\im_toolbarsm1rolloverbase_bg.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\im_toolbarsm1rolloverbase_dp.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\im_toolbarsm2rolloverbase.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\im_toolbarstextrollover.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\kiwee_iconX16.ico C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\kiwee_iconX48.ico C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\send.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_eg.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_emoticons.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_eyeglass.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_gear.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_images.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_kiwee.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_msnlogo.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_news.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_text.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_videos.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_webshots.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\toolbar_winks.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar\images\X.bmp C:\Program Files\Kiwee Toolbar C:\Program Files\Kiwee Toolbar\2.8.167 C:\Program Files\Kiwee Toolbar\2.8.167\AGTBCore.dll C:\Program Files\Kiwee Toolbar\2.8.167\AolIMToolbar.dll C:\Program Files\Kiwee Toolbar\2.8.167\firefox C:\Program Files\Kiwee Toolbar\2.8.167\FlashCOM.dll C:\Program Files\Kiwee Toolbar\2.8.167\KiweeCommonCtrls.dll C:\Program Files\Kiwee Toolbar\2.8.167\KiweeContentHost.dll C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIMToolbar.dll C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.dll C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.tlb C:\Program Files\Kiwee Toolbar\2.8.167\kiweetoolbar.zip C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe C:\Program Files\Kiwee Toolbar\2.8.167\mfc80u.dll C:\Program Files\Kiwee Toolbar\2.8.167\Microsoft.VC80.CRT.manifest C:\Program Files\Kiwee Toolbar\2.8.167\Microsoft.VC80.MFC.manifest C:\Program Files\Kiwee Toolbar\2.8.167\msimg32.dll C:\Program Files\Kiwee Toolbar\2.8.167\MsnIMToolbar.dll C:\Program Files\Kiwee Toolbar\2.8.167\msvcp80.dll C:\Program Files\Kiwee Toolbar\2.8.167\msvcr80.dll C:\Program Files\Kiwee Toolbar\2.8.167\RemoteLib.dll C:\Program Files\Kiwee Toolbar\2.8.167\Riched20.dll C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome.manifest C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components C:\Program Files\Kiwee Toolbar\2.8.167\firefox\defaults C:\Program Files\Kiwee Toolbar\2.8.167\firefox\firefox.xpi C:\Program Files\Kiwee Toolbar\2.8.167\firefox\install.rdf C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome\kiweetoolbar.jar C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\AGCore.js C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\AGCore.xpt C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\KiweeSearchHistory.js C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\SearchProtection.js C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\SearchProtection.xpt C:\Program Files\Kiwee Toolbar\2.8.167\firefox\defaults\preferences C:\Program Files\Kiwee Toolbar\2.8.167\firefox\defaults\preferences\defaults.js C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\manifest.mf C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\zigbert.rsa C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\zigbert.sf C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Kiwee Toolbar \...\{2bae58c2-79f9-45d1-a286-81f911301c3a} - (p2p_energy) -----------\\ Extensions (nathalie) - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} => flashgot (nathalie) - {2bae58c2-79f9-45d1-a286-81f911301c3a} => p2p_energy (nathalie) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.orange.fr" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home" --------------------\\ Recherche d'autres infections C:\WINDOWS\Pack.epk C:\WINDOWS\System32\acdmwvsi_navfx.dat C:\WINDOWS\System32\koqdclyu.dat C:\WINDOWS\System32\koqdclyu.exe C:\WINDOWS\System32\koqdclyu_nav.dat C:\WINDOWS\System32\koqdclyu_navps.dat C:\WINDOWS\System32\rkumyn.dat C:\WINDOWS\System32\rkumyn.exe C:\WINDOWS\System32\rkumyn_nav.dat C:\WINDOWS\System32\rkumyn_navps.dat ==> EGDACCESS <== 1 - "C:\ToolBar SD\TB_1.txt" - 10/01/2009|19:45 - Option : [1] -----------\\ Fin du rapport a 19:45:30,17 que dois je faire maintenant. merci pour votre aide est ce ca qui m'empeche de faire toutes mes mises a jours(antivirus firewall, windows...)?
  17. romnath
    voici mon rapport hijacktehis qqn peut m'aidera savoir ce qu'a mon ordi... merci... : Logfile of random's system information tool 1.05 (written by random/random) Run by nathalie at 2009-01-10 19:03:16 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 65 GB (44%) free of 149 GB Total RAM: 1023 MB (39% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:03:25, on 10/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AGI\common\win32\PythonService.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RunDll32.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\VM305_STI.EXE C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Program Files\Wireless LAN Driver and Utility\RtWLan.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\AntivirusFirewall\Common\FSM32.EXE C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE C:\Program Files\AntivirusFirewall\Common\FCH32.EXE C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\nathalie\Bureau\RSIT.exe C:\Program Files\trend micro\nathalie.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [OPSE reminder] "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\ereg.ini" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [bigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305) O4 - HKLM\..\Run: [NetAnalyse] C:\Program Files\NetAnalyse\NetAnalyse.exe O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe" O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: NetAnalyse.lnk = C:\Program Files\NetAnalyse\NetAnalyse.exe O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Wireless LAN Utility.lnk = ? O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?bc611d11bab3496a82a04ef96140a3a9 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?bc611d11bab3496a82a04ef96140a3a9 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-20283c53200f4686.spaces.live.co...ad/MsnPUpld.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/in...nagerPlugin.CAB O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A436BD83-2F05-4783-B218-BB51F96D727A}: NameServer = 192.168.1.1 O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 12378 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\EasyShare Registration Task.job C:\WINDOWS\tasks\Scheduled scanning task.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}] AGSearchHook Class - C:\Program Files\AGI\common\agcutils.dll [2009-01-10 43520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll [2008-08-11 656696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}] Kiwee Toolbar - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll [2008-10-05 277648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}] Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320] {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - Kiwee Toolbar - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll [2008-10-05 277648] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Cmaudio"=RunDll32 cmicnfg.cpl [] "Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2005-07-19 999424] "WOOWATCH"=C:\PROGRA~1\Wanadoo\Watch.exe [2004-08-23 20480] "WOOTASKBARICON"=C:\PROGRA~1\Wanadoo\GestMaj.exe [2004-10-14 32768] "F-Secure Manager"=C:\Program Files\AntivirusFirewall\Common\FSM32.EXE [2005-10-26 122929] "F-Secure TNB"=C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe [2005-07-18 700416] "F-Secure Startup Wizard"=C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE [2005-10-18 372736] "News Service"=C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe [2005-05-31 356352] "OpwareSE2"=C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152] "OPSE reminder"=C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe [2003-07-07 729088] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] "BigDog305"=C:\WINDOWS\VM305_STI.EXE [2005-08-05 61440] "NetAnalyse"=C:\Program Files\NetAnalyse\NetAnalyse.exe [] "Anniversaires"=C:\Anuman Interactive\Le journal de votre naissance\anniv.exe [2007-12-22 765952] "QuickTime Task"=C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe [2008-09-06 282624] "KiweeHook"=C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe [2008-10-05 56456] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WOOKIT"=C:\PROGRA~1\Wanadoo\Shell.exe [2004-08-23 122880] "IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2008-07-24 243072] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232] "msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184] "ares"=C:\Program Files\Ares\Ares.exe -h [] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-05-06 202088] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe [2007-12-22 765952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares] C:\Program Files\Ares\Ares.exe -h [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent] C:\Program Files\BitTorrent\bittorrent.exe --force_start_minimized [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] C:\Program Files\MSN Messenger\MsnMsgr.Exe /background [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINCINEMAMGR] C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2004-12-30 270336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo Scheduler server.lnk] C:\PROGRA~1\INTERV~1\DVD5R\SchSvr.exe [2005-01-05 147456] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk] C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2004-12-30 270336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^KODAK Software Updater.lnk] C:\PROGRA~1\Kodak\KODAKS~1\7288971\Program\KODAKS~1.EXE [2004-02-13 16423] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk] C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE [2007-06-21 282624] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Antivirus Firewall.lnk - C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE Wireless LAN Utility.lnk - C:\Program Files\Wireless LAN Driver and Utility\RtWLan.exe C:\Documents and Settings\nathalie\Menu Démarrer\Programmes\Démarrage NetAnalyse.lnk - C:\Program Files\NetAnalyse\NetAnalyse.exe PowerReg Scheduler V3.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2006-01-05 61440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=95000000 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe"="C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe:*:Enabled:Antivirus Firewall" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\ImLc.exe"="C:\Program Files\IncrediMail\bin\ImLc.exe:*:Enabled:IncrediMail" "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Documents and Settings\nathalie\Bureau\mule\eMule\emule.exe"="C:\Documents and Settings\nathalie\Bureau\mule\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows" "C:\Program Files\Morpheus\Morpheus.exe"="C:\Program Files\Morpheus\Morpheus.exe:*:Enabled:Morpheus" "C:\Program Files\eMule\eMule0.48a\emule.exe"="C:\Program Files\eMule\eMule0.48a\emule.exe:*:Enabled:eMule" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\KAZAA LITE TOOLS K++\KazaaLite.kpp"="C:\Program Files\KAZAA LITE TOOLS K++\KazaaLite.kpp:*:Enabled:KazaaLite" "C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater" "C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare" "C:\Program Files\Kazaa Lite Resurrection\kazaalite.kpp"="C:\Program Files\Kazaa Lite Resurrection\kazaalite.kpp:*:Enabled:kazaalite" "C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client" "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus" "C:\Program Files\Global Star Software\Airport Tycoon 3\at3.exe"="C:\Program Files\Global Star Software\Airport Tycoon 3\at3.exe:*:Enabled:at3" "C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver" "C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\GOA\Gunbound\GunBound.gme"="C:\Program Files\GOA\Gunbound\GunBound.gme:*:Enabled:GunBound" "C:\Program Files\Lphant\eLePhantClient.exe"="C:\Program Files\Lphant\eLePhantClient.exe:*:Enabled:lphant Client" "C:\Documents and Settings\nathalie\Bureau\mwodownloader.exe"="C:\Documents and Settings\nathalie\Bureau\mwodownloader.exe:*:Enabled:BitCometLite" "C:\Documents and Settings\nathalie\Bureau\freezer.exe"="C:\Documents and Settings\nathalie\Bureau\freezer.exe:*:Enabled:freezer" "C:\Program Files\MultiProxy\mproxy.exe"="C:\Program Files\MultiProxy\mproxy.exe:*:Enabled:MultiProxy personal proxy server" "C:\Program Files\Atari\Deer Hunter 2005\DH2005.exe"="C:\Program Files\Atari\Deer Hunter 2005\DH2005.exe:*:Enabled:DH2005" "C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade" "C:\Program Files\Microsoft Games\Halo\halo.exe"="C:\Program Files\Microsoft Games\Halo\halo.exe:*:Enabled:Halo" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe"="C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe:*:Enabled:Antivirus Firewall" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\Z] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1c6434bb-6128-11dc-a847-0013d3a014e0}] shell\AutoRun\command - F:\InstallTomTomHOME.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{24d7c524-9817-11dc-a8a1-0013d3a014e0}] shell\AutoRun\command - F:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88961462-ba09-11dc-a8cf-0013d3a014e0}] shell\AutoRun\command - F:\AutoTransfer.exe ======List of files/folders created in the last 1 months====== 2009-01-10 13:30:33 ----D---- C:\Program Files\trend micro 2009-01-10 13:30:26 ----D---- C:\rsit 2009-01-09 21:31:38 ----D---- C:\WINDOWS\LastGood 2009-01-09 21:30:44 ----D---- C:\Program Files\Panda Security 2009-01-08 19:56:10 ----D---- C:\Program Files\JaliyaV4 2009-01-08 19:55:47 ----D---- C:\Program Files\Zylom Games 2009-01-08 19:55:47 ----D---- C:\Program Files\Warcraft III 2009-01-08 19:55:47 ----D---- C:\Program Files\Samsung 2009-01-08 19:55:45 ----D---- C:\Program Files\SAGEM 2009-01-08 19:55:45 ----D---- C:\Program Files\Project64 1.6 2009-01-08 19:55:45 ----D---- C:\Program Files\NRJ 2009-01-08 19:55:45 ----D---- C:\Program Files\MorpheusBar 2009-01-08 19:55:45 ----D---- C:\Program Files\Morpheus 2009-01-08 19:55:41 ----D---- C:\Program Files\MaCuisineLapeyrePrima 2009-01-08 19:55:41 ----D---- C:\Program Files\LimeWire 2009-01-08 19:55:41 ----D---- C:\Program Files\Kazaa Lite Resurrection 2009-01-08 19:55:40 ----D---- C:\Program Files\Infogrames 2009-01-08 19:55:40 ----D---- C:\Program Files\IKEA HomePlanner 2009-01-08 19:55:40 ----D---- C:\Program Files\GOA 2009-01-08 19:55:40 ----D---- C:\Program Files\GIMP-2.0 2009-01-08 19:55:38 ----D---- C:\Program Files\GameSpy Arcade 2009-01-08 19:55:38 ----D---- C:\Program Files\EoRezo 2009-01-08 19:55:38 ----D---- C:\Program Files\EA Games 2009-01-08 19:55:38 ----D---- C:\Program Files\d-lusion 2009-01-08 19:55:27 ----D---- C:\Program Files\BoontyGames 2009-01-08 19:55:26 ----D---- C:\Program Files\Boonty 2009-01-08 19:55:25 ----D---- C:\Program Files\Azureus 2009-01-08 19:55:24 ----D---- C:\totalcmd 2009-01-08 19:55:24 ----D---- C:\Team17 2009-01-08 19:55:24 ----D---- C:\Sierra 2009-01-08 19:55:24 ----D---- C:\Program Files\AviSynth 2.5 2009-01-08 19:55:24 ----D---- C:\eJay 2009-01-06 09:41:26 ----D---- C:\Program Files\Microsoft Silverlight 2008-12-27 13:00:08 ----A---- C:\WINDOWS\msnfix.txt 2008-12-26 13:43:50 ----A---- C:\WINDOWS\system32\MSCMCDE.DLL 2008-12-26 13:43:50 ----A---- C:\WINDOWS\system32\MSCC2DE.DLL 2008-12-26 13:43:50 ----A---- C:\WINDOWS\system32\CMDLGDE.DLL 2008-12-26 13:43:49 ----A---- C:\WINDOWS\system32\VB6DE.DLL 2008-12-22 21:37:05 ----D---- C:\WINDOWS\Minidump 2008-12-16 09:56:18 ----A---- C:\WINDOWS\wininit.ini 2008-12-11 22:48:29 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$ 2008-12-11 22:45:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2008-12-11 22:45:03 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$ 2008-12-11 22:44:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ ======List of files/folders modified in the last 1 months====== 2009-01-10 19:03:25 ----D---- C:\WINDOWS\Temp 2009-01-10 13:36:20 ----D---- C:\Program Files\Mozilla Firefox 2009-01-10 13:31:21 ----D---- C:\WINDOWS\Prefetch 2009-01-10 13:30:33 ----D---- C:\Program Files 2009-01-10 13:15:46 ----A---- C:\WINDOWS\RTacDbg.txt 2009-01-09 21:36:06 ----D---- C:\WINDOWS\system32\drivers 2009-01-09 21:31:41 ----HD---- C:\WINDOWS\inf 2009-01-09 21:31:38 ----D---- C:\WINDOWS 2009-01-09 07:12:04 ----D---- C:\Program Files\Wanadoo 2009-01-09 07:02:49 ----D---- C:\WINDOWS\system32\CatRoot2 2009-01-08 23:04:22 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-01-08 19:58:54 ----D---- C:\WINDOWS\system32\config 2009-01-08 19:58:25 ----D---- C:\WINDOWS\system32\wbem 2009-01-08 19:58:24 ----D---- C:\WINDOWS\Registration 2009-01-08 19:57:37 ----D---- C:\Downloads 2009-01-08 19:56:43 ----SHD---- C:\Config.Msi 2009-01-08 19:56:11 ----SHD---- C:\WINDOWS\Installer 2009-01-08 19:55:09 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-01-08 19:55:04 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-01-07 21:59:28 ----AD---- C:\Program Files\Paint Shop Pro 6 2009-01-04 17:44:54 ----HD---- C:\Program Files\InstallShield Installation Information 2008-12-26 13:43:50 ----D---- C:\WINDOWS\system32 2008-12-22 22:10:34 ----SD---- C:\Documents and Settings\nathalie\Application Data\Microsoft 2008-12-19 19:47:50 ----RSHDC---- C:\WINDOWS\system32\dllcache 2008-12-19 19:44:28 ----HD---- C:\WINDOWS\$hf_mig$ 2008-12-13 07:37:56 ----A---- C:\WINDOWS\system32\mshtml.dll 2008-12-11 22:48:35 ----A---- C:\WINDOWS\imsins.BAK 2008-12-11 22:48:08 ----D---- C:\Program Files\Internet Explorer ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-11-08 21035] R2 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys [] R2 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSgk.sys [] R2 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys [] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-03 11868] R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys [] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-01-05 1420288] R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 1287296] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-10 21060] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368] R3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys [2003-08-13 65280] R3 RTLWUSB;802.11g USB 2.0 Wireless LAN Adapter; C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2006-09-06 187392] R3 SjyPkt;SjyPkt; \??\C:\WINDOWS\System32\Drivers\SjyPkt.sys [] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [] S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536] S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320] S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2004-10-29 32000] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-12-06 80272] S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-12-06 10864] S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-12-06 137884] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-03 685056] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 ZSMC0305;VIMICRO USB PC Camera V; C:\WINDOWS\System32\Drivers\usbVM305.sys [2005-11-30 392316] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AGWinService;AG Windows Service; C:\Program Files\AGI\common\win32\PythonService.exe [2008-10-05 10240] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-01-05 405504] R2 BackWeb Plug-in - 6588780;Antivirus Firewall; C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE [2007-06-02 32807] R2 fsbwsys;fsbwsys; C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe [2007-06-02 278581] R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe [2005-07-13 36947] R2 FSMA;F-Secure Management Agent; C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE [2005-10-26 61490] R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960] R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe [2005-11-18 204863] R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2007-06-12 69120] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2004-10-29 86016] S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] -----------------EOF-----------------
  18. romnath
    voila le contenu mais c'est tres long... Logfile of random's system information tool 1.05 (written by random/random) Run by nathalie at 2009-01-10 13:30:26 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 65 GB (44%) free of 149 GB Total RAM: 1023 MB (38% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:31:02, on 10/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AGI\common\win32\PythonService.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RunDll32.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\VM305_STI.EXE C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Program Files\Wireless LAN Driver and Utility\RtWLan.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\AntivirusFirewall\Common\FSM32.EXE C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE C:\Program Files\AntivirusFirewall\Common\FCH32.EXE C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\nathalie\Bureau\RSIT.exe C:\Program Files\trend micro\nathalie.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [OPSE reminder] "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\ereg.ini" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [bigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305) O4 - HKLM\..\Run: [NetAnalyse] C:\Program Files\NetAnalyse\NetAnalyse.exe O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe" O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: NetAnalyse.lnk = C:\Program Files\NetAnalyse\NetAnalyse.exe O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Wireless LAN Utility.lnk = ? O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?bc611d11bab3496a82a04ef96140a3a9 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?bc611d11bab3496a82a04ef96140a3a9 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-20283c53200f4686.spaces.live.co...ad/MsnPUpld.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/in...nagerPlugin.CAB O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A436BD83-2F05-4783-B218-BB51F96D727A}: NameServer = 192.168.1.1 O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 12378 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\EasyShare Registration Task.job C:\WINDOWS\tasks\Scheduled scanning task.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}] AGSearchHook Class - C:\Program Files\AGI\common\agcutils.dll [2009-01-10 43520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll [2008-08-11 656696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}] Kiwee Toolbar - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll [2008-10-05 277648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}] Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320] {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - Kiwee Toolbar - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll [2008-10-05 277648] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Cmaudio"=RunDll32 cmicnfg.cpl [] "Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2005-07-19 999424] "WOOWATCH"=C:\PROGRA~1\Wanadoo\Watch.exe [2004-08-23 20480] "WOOTASKBARICON"=C:\PROGRA~1\Wanadoo\GestMaj.exe [2004-10-14 32768] "F-Secure Manager"=C:\Program Files\AntivirusFirewall\Common\FSM32.EXE [2005-10-26 122929] "F-Secure TNB"=C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe [2005-07-18 700416] "F-Secure Startup Wizard"=C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE [2005-10-18 372736] "News Service"=C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe [2005-05-31 356352] "OpwareSE2"=C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152] "OPSE reminder"=C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe [2003-07-07 729088] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] "BigDog305"=C:\WINDOWS\VM305_STI.EXE [2005-08-05 61440] "NetAnalyse"=C:\Program Files\NetAnalyse\NetAnalyse.exe [] "Anniversaires"=C:\Anuman Interactive\Le journal de votre naissance\anniv.exe [2007-12-22 765952] "QuickTime Task"=C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe [2008-09-06 282624] "KiweeHook"=C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe [2008-10-05 56456] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WOOKIT"=C:\PROGRA~1\Wanadoo\Shell.exe [2004-08-23 122880] "IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2008-07-24 243072] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232] "msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184] "ares"=C:\Program Files\Ares\Ares.exe -h [] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-05-06 202088] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe [2007-12-22 765952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares] C:\Program Files\Ares\Ares.exe -h [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent] C:\Program Files\BitTorrent\bittorrent.exe --force_start_minimized [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] C:\Program Files\MSN Messenger\MsnMsgr.Exe /background [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINCINEMAMGR] C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2004-12-30 270336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo Scheduler server.lnk] C:\PROGRA~1\INTERV~1\DVD5R\SchSvr.exe [2005-01-05 147456] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk] C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2004-12-30 270336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^KODAK Software Updater.lnk] C:\PROGRA~1\Kodak\KODAKS~1\7288971\Program\KODAKS~1.EXE [2004-02-13 16423] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk] C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE [2007-06-21 282624] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Antivirus Firewall.lnk - C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE Wireless LAN Utility.lnk - C:\Program Files\Wireless LAN Driver and Utility\RtWLan.exe C:\Documents and Settings\nathalie\Menu Démarrer\Programmes\Démarrage NetAnalyse.lnk - C:\Program Files\NetAnalyse\NetAnalyse.exe PowerReg Scheduler V3.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2006-01-05 61440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=95000000 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe"="C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe:*:Enabled:Antivirus Firewall" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\ImLc.exe"="C:\Program Files\IncrediMail\bin\ImLc.exe:*:Enabled:IncrediMail" "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Documents and Settings\nathalie\Bureau\mule\eMule\emule.exe"="C:\Documents and Settings\nathalie\Bureau\mule\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows" "C:\Program Files\Morpheus\Morpheus.exe"="C:\Program Files\Morpheus\Morpheus.exe:*:Enabled:Morpheus" "C:\Program Files\eMule\eMule0.48a\emule.exe"="C:\Program Files\eMule\eMule0.48a\emule.exe:*:Enabled:eMule" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\KAZAA LITE TOOLS K++\KazaaLite.kpp"="C:\Program Files\KAZAA LITE TOOLS K++\KazaaLite.kpp:*:Enabled:KazaaLite" "C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater" "C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare" "C:\Program Files\Kazaa Lite Resurrection\kazaalite.kpp"="C:\Program Files\Kazaa Lite Resurrection\kazaalite.kpp:*:Enabled:kazaalite" "C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client" "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus" "C:\Program Files\Global Star Software\Airport Tycoon 3\at3.exe"="C:\Program Files\Global Star Software\Airport Tycoon 3\at3.exe:*:Enabled:at3" "C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver" "C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\GOA\Gunbound\GunBound.gme"="C:\Program Files\GOA\Gunbound\GunBound.gme:*:Enabled:GunBound" "C:\Program Files\Lphant\eLePhantClient.exe"="C:\Program Files\Lphant\eLePhantClient.exe:*:Enabled:lphant Client" "C:\Documents and Settings\nathalie\Bureau\mwodownloader.exe"="C:\Documents and Settings\nathalie\Bureau\mwodownloader.exe:*:Enabled:BitCometLite" "C:\Documents and Settings\nathalie\Bureau\freezer.exe"="C:\Documents and Settings\nathalie\Bureau\freezer.exe:*:Enabled:freezer" "C:\Program Files\MultiProxy\mproxy.exe"="C:\Program Files\MultiProxy\mproxy.exe:*:Enabled:MultiProxy personal proxy server" "C:\Program Files\Atari\Deer Hunter 2005\DH2005.exe"="C:\Program Files\Atari\Deer Hunter 2005\DH2005.exe:*:Enabled:DH2005" "C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade" "C:\Program Files\Microsoft Games\Halo\halo.exe"="C:\Program Files\Microsoft Games\Halo\halo.exe:*:Enabled:Halo" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe"="C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe:*:Enabled:Antivirus Firewall" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\Z] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1c6434bb-6128-11dc-a847-0013d3a014e0}] shell\AutoRun\command - F:\InstallTomTomHOME.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{24d7c524-9817-11dc-a8a1-0013d3a014e0}] shell\AutoRun\command - F:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88961462-ba09-11dc-a8cf-0013d3a014e0}] shell\AutoRun\command - F:\AutoTransfer.exe ======List of files/folders created in the last 1 months====== 2009-01-10 13:30:33 ----D---- C:\Program Files\trend micro et le infotxt: info.txt logfile of random's system information tool 1.05 2009-01-10 13:31:05 ======Uninstall list====== -->"C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner" -->"C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware" -->"C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer" -->"C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus" -->"C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS" -->"C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics" -->"C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning" -->"C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure FWES" -->"C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure GUI" -->"C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Help" -->"C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Internet Shield" -->"C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent" -->"C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Control" -->"C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Scanner" -->"C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"F-Secure TNB" -->"C:\Program Files\AntivirusFirewall\fsuninst.exe" /UninstRegKey:"News Service" -->"C:\Program Files\InstallShield Installation Information\{0B168FED-B9EC-4DA8-AC17-9A41F284640B}\setup.exe" REMOVEALL -->"C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL -->"C:\Program Files\InstallShield Installation Information\{F366D0C4-18F2-44A6-A4E7-7ED2DD37F3D3}\setup.exe" --u:{F366D0C4-18F2-44A6-A4E7-7ED2DD37F3D3} -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40602E2C-AB5C-4887-8093-3BFE5B8B95B3}\setup.exe" REMOVEALL -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Acrobat 5.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll" Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 7.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A71000000002} Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log AntiVirus Firewall-->C:\PROGRA~1\ANTIVI~1\Common\fsbwih.exe /uninstall Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\Setup.exe" -l0x40c Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean Barre d'outils Outlook de Windows Live (Windows Live Toolbar)-->MsiExec.exe /X{6E15BEDF-7EB5-4010-998E-B430DB4EFE45} Beauty Wizard-->C:\WINDOWS\uninst.exe -f"C:\Program Files\VI-SOFT\Beauty Wizard\DeIsL1.isu" -c"C:\Program Files\VI-SOFT\Beauty Wizard\_ISREG32.DLL" Bird Hunter 2003-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C9090D9D-AE80-4E15-8E74-EDE04FC41BF7} BitComet 1.04-->C:\Program Files\BitComet\uninst.exe Bloqueur de fenêtres pop-up (Windows Live Toolbar)-->MsiExec.exe /X{A425C250-A0E1-4D78-B1C1-A5CBC7385E7C} CamfrogWEB Advanced ActiveX Plugin (remove only)-->"C:\Program Files\CFWebAdvancedU\Uninstall.exe" Canon CanoScan Toolbox 4.9-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}\setup.exe" -l0x40c anything Canon ScanGear Starter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}\SETUP.EXE" -l0x40c anything CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992} Classic PhoneTools-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3436EE2-D5CB-4249-840B-3A0140CC34C3}\Setup.exe" -l0x40c ControlPanel C-Media High Definition Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Deer Hunter - The 2005 Season-->"C:\Program Files\Atari\Deer Hunter 2005\unins000.exe" Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976} EPSON Attach To Email-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}\SETUP.EXE" -l0x40c UNINST EPSON File Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x40c UNINST EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6} ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD} ESScore-->MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A} ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A} ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765} ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5} ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091} ESSSONIC-->MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34} ESSTOOLS-->MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589} essvatgt-->MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F} Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D} Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F} Fastlab Print Service-->"C:\Program Files\Fastlab Print Service\unins000.exe" fflink-->MsiExec.exe /I{608D2A3C-6889-4C11-9B54-A42F45ACBFDB} Generic SoftK56 Data Fax-->C:\Program Files\CONEXANT\HSF_MODEM_PCI\HXFSETUP.EXE -U -IGENHSF5.INF Gestionnaire Internet-->C:\PROGRA~1\Wanadoo\uninstall.exe getPlus®_ocx-->rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSo.INF, DefaultUninstall GTK+ 2.10.11 runtime environment-->"C:\Program Files\Fichiers communs\GTK\2.0\setup\unins000.exe" HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" IncrediMail Xe-->C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log InterVideo Launcher-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8AEEE6D6-C95D-465A-B8D3-B7AE2FA7B8B4}\setup.exe" REMOVEALL IsoBuster 2.4-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe" Jaliya V4.05-->"C:\Program Files\JaliyaV4\unins000.exe" Java 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Java SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} kgcbaby-->MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344} kgcbase-->MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE} kgchday-->MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E} kgchlwn-->MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1} kgcinvt-->MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B} kgckids-->MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4} kgcmove-->MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC} kgcvday-->MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549} Kiwee Toolbar-->"C:\Program Files\AGI\common\bootstrapper.exe" -uninstall"\"C:/Program Files/AGI/Python25\pythonw.exe\" \"C:\Program Files\AGI\common\pyagcore\installer.pyc\" -u KiweeToolbar" KSU-->MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267} Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall livebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe" -l0x40c Logiciel Kodak EasyShare-->C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140002_1a8857d\Setup.exe /APR-REMOVE Ma Cuisine Lapeyre Prima-->C:\PROGRA~1\MACUIS~1\UNWISE.EXE C:\PROGRA~1\MACUIS~1\INSTALL.LOG Manual CanoScan LiDE 60-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B72D50-1C7E-491C-8086-9E060051D316}\setup.exe" -l0x40c MediaBar-->C:\WINDOWS\Downloaded Program Files\MusicManagerUnInstaller.exe "C:\WINDOWS\Downloaded Program Files\MusicManagerPlugin.ocx" "{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}" Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929} Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Halo-->"C:\Program Files\Microsoft Games\Halo\UNINSTAL.EXE" /runtemp /addremove Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office 2000 Premium-->MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7} Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9} Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9} Microsoft Office Word Viewer 2003-->MsiExec.exe /I{9085040C-6000-11D3-8CFE-0150048383C9} Microsoft Publisher 98-->C:\Program Files\Microsoft Office\Office\Install\Install.exe /m Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Mise à jour de sécurité pour le Codeur Windows Media (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MpcStar 3.1-->C:\Program Files\MpcStar\uninst.exe MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC} MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13} Navigateur Orange-->C:\PROGRA~1\Wanadoo\Shell.exe inst\uninst_FTBrowser.shl Navigation par onglets (Windows Live Toolbar)-->MsiExec.exe /X{E916E61F-DE9D-4EAF-91E1-CEB50016326A} netbrdg-->MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1} Notifier-->MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2} OfotoXMI-->MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45} OmniPage SE 2.0-->MsiExec.exe /I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7} OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{6D7F8D4B-D1A4-402A-973E-31E90940E585} OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74} Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe QuickPar 0.9-->C:\Program Files\QuickPar\uninst.exe QuickTime-->MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8} SFR-->MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B} SHASTA-->MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237} skin0001-->MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210} SKINXSDK-->MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F} Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe" staticcr-->MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2} TomTom HOME-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe tooltips-->MsiExec.exe /I{E79987F0-0E34-42CC-B8FF-6C860AEEB26A} UseNeXT-->"C:\Program Files\UseNeXT\unins000.exe" VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971} VideoLAN VLC media player 0.8.6b-->C:\Program Files\VideoLAN\VLC\uninstall.exe Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370} Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe" Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66} Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D} Windows Live Toolbar-->MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WinPcap 3.1 beta4-->"C:\Program Files\WinPcap\Uninstall.exe" "C:\Program Files\WinPcap\install.log" Wireless LAN Driver and Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D1DDE912-03B9-4C1C-A7EB-C60693820E18}\setup.exe" -l0x40c REMOVE -removeonly WIRELESS-->MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F} Xilisoft MP4 Converter-->C:\Program Files\Xilisoft\MP4 Converter 3\Uninstall.exe ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: AntiVirus Firewall 6.15 (outdated) FW: AntiVirus Firewall 6.15 System event log Computer Name: R2D2 Event Code: 17 Message: Fournisseur de temps NtpClient : une erreur s'est produite lors de la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération a été tentée sur un hôte impossible à atteindre. (0x80072751) Record Number: 6288 Source Name: W32Time Time Written: 20081201133150.000000+060 Event Type: erreur User: Computer Name: R2D2 Event Code: 4201 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{B369AE13-B33F-40E2-885A-DCF138A43232} était connectée au réseau, et a lancé une opération normale sur la carte réseau. Record Number: 6287 Source Name: Tcpip Time Written: 20081201133143.000000+060 Event Type: Informations User: Computer Name: R2D2 Event Code: 4202 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{B369AE13-B33F-40E2-885A-DCF138A43232} était déconnectée du réseau, et la configuration réseau de la carte a été abandonnée. Si la carte réseau n'était pas déconnectée, ceci peut indiquer un disfonctionnement. Contactez le fabricant pour des pilotes mis à jour. Record Number: 6286 Source Name: Tcpip Time Written: 20081201133123.000000+060 Event Type: Informations User: Computer Name: R2D2 Event Code: 2504 Message: Le serveur n'a pas pu se lier au transport \Device\NetBT_Tcpip_{B369AE13-B33F-40E2-885A-DCF138A43232}. Record Number: 6285 Source Name: Server Time Written: 20081201133116.000000+060 Event Type: Avertissement User: Computer Name: R2D2 Event Code: 4201 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{B369AE13-B33F-40E2-885A-DCF138A43232} était connectée au réseau, et a lancé une opération normale sur la carte réseau. Record Number: 6284 Source Name: Tcpip Time Written: 20081201133108.000000+060 Event Type: Informations User: Application event log Computer Name: R2D2 Event Code: 103 Message: 12 2008-10-08 12:04:15+02:00 r2d2 R2D2\nathalie F-Secure Anti-Virus Scanning of C:\DOWNLOADS\FOOTBALL MANAGER 2008 WORKING CRACK 100%\FM.EXE was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress). Record Number: 1768 Source Name: F-Secure Anti-Virus Time Written: 20081008120416.000000+120 Event Type: erreur User: Computer Name: R2D2 Event Code: 103 Message: 11 2008-10-08 12:03:49+02:00 r2d2 R2D2\nathalie F-Secure Anti-Virus Scanning of C:\DOWNLOADS\FOOTBALL MANAGER 2008 WORKING CRACK 100%\FM.EXE was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress). Record Number: 1767 Source Name: F-Secure Anti-Virus Time Written: 20081008120350.000000+120 Event Type: erreur User: Computer Name: R2D2 Event Code: 103 Message: 10 2008-10-08 12:03:26+02:00 r2d2 R2D2\nathalie F-Secure Anti-Virus Scanning of C:\DOWNLOADS\FOOTBALL MANAGER 2008 WORKING CRACK 100%\FM.EXE was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress). Record Number: 1766 Source Name: F-Secure Anti-Virus Time Written: 20081008120327.000000+120 Event Type: erreur User: Computer Name: R2D2 Event Code: 103 Message: 9 2008-10-08 12:03:24+02:00 r2d2 R2D2\nathalie F-Secure Anti-Virus Scanning of C:\DOWNLOADS\FOOTBALL MANAGER 2008 WORKING CRACK 100%\FM.EXE was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress). Record Number: 1765 Source Name: F-Secure Anti-Virus Time Written: 20081008120324.000000+120 Event Type: erreur User: Computer Name: R2D2 Event Code: 103 Message: 8 2008-10-08 12:02:56+02:00 r2d2 R2D2\nathalie F-Secure Anti-Virus Scanning of C:\DOWNLOADS\FOOTBALL MANAGER 2008 WORKING CRACK 100%\FM.EXE was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress). Record Number: 1764 Source Name: F-Secure Anti-Virus Time Written: 20081008120256.000000+120 Event Type: erreur User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\MICROS~2\Office;C:\Program Files\Fichiers communs\GTK\2.0\bin;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Smart Projects\IsoBuster "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel "PROCESSOR_REVISION"=0403 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "LANG"=fr "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
  19. romnath
    ok je ferais ca ce soir car je dois partir et oui je peux me connecter via mozilla... je poste le rapport dans la soirée merci de ton aide
  20. romnath
    bonjour, je ne peux plus faire de mises a jours, mon antivirus est bloqué, mon parefeu est depassé, internet explorer ne marche plus, et j'ai l'impression que des fois mon ordi " fait ce qu'il veut"... mais je ne peux pas formater, comment faire pour savoir ce que j'ai et m'en debarrasser?
  21. romnath
    bonjour, depuis qlqs jours je ne peux plus faire de mise a jours pour windows et pour mon anti virus orange, le pare feu est depassé... et certainnes actions bloque que dois je faire pour savoir ce qu'a mon ordi et comment le depanner merci de votre aide...
×
×
  • Créer...