

Everything posted by etoiledemer
-
Well, I had to run ComboFix again, and I finally have the report: here it is!
-
Hi again, the answer is as follows: Windows cannot find it, even though I did a copy and paste, so there is no mistake in the name. This is a real struggle!!!
-
Hello Gof, sorry, but I cannot find ComboFix.txt on C:, and it is impossible to take a screenshot!!!!
-
Well, ComboFix has finished. It did not display a report, it just indicated C:\ComboFix.txt, and the PC shut down and restarted. What should I do?
-
OK, I accept and I continue ....
-
Not easy, my screen went off, I'm back. However, when ComboFix starts it recommends that I install the Windows Recovery Console, because it says it does not exist on this PC?? Should I do it or not? I'm always a bit afraid of accepting certain licenses!!! If I don't do it, do I lose everything or not?
-
Good evening Gof! Thanks for your quick reply. Before I start, one small question: you tell me to rename it, but on the screen (if I understand the English "correctly") it says to rename it as combo-fix??? I thought renaming meant changing the name?? A bit lost!!
-
Here is also what I get with Ad-Aware. Thanks
-
Hello and thank you for your reply, here is what I get after downloading random: info.txt
1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG Logitech QuickCam-->MsiExec.exe /I{0496D9E9-224B-4AFA-8F37-23B98D52F1EB} McAfee VirusScan Enterprise-->MsiExec.exe /I{43D1F052-544F-468E-9944-3791243FF672} Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA} Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft Age of Empires II-->"C:\Program Files\Microsoft Games\Age of Empires II\UNINSTAL.EXE" /runtemp /uninstall Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft 
User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Works 7.0-->MsiExec.exe /I{64D114CE-4234-45C2-B60A-2B07D5A48F72} Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour 
Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de 
sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour pour Windows XP 
(KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13} Multimedia Keyboard Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF262740-C85A-11D5-BBEC-00D0B740900A}\Setup.exe" -l0x40c Nero BurnRights-->C:\WINDOWS\UNNeroBurnRights.exe /UNINSTALL Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL OpenMG Secure Module 4.7.00-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74} Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall overland-->MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC} Paint Shop Pro 7 Evaluation-->MsiExec.exe /I{D6DE02C7-1F47-11D4-9515-00105AE4B89A} PDFCreator Toolbar-->"C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_3828.exe" _?=C:\Program Files\PDFCreator Toolbar PDFCreator-->C:\Program Files\PDFCreator\unins000.exe Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe" PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall Programme de gestion Camera de Logitech®-->"C:\Program 
Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log RamBoost XP 4.0.6-->"C:\Program Files\RamBoost XP\unins000.exe" RealOne Player-->C:\Program Files\Fichiers communs\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0 Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" REMOVE RUNAWAY - A road adventure-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6CEE8642-A462-42CE-8C3B-22E370DE7947}\setup.exe" Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\INSTALL.LOG Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} Smart Link 56K Voice Modem-->C:\WINDOWS\Modio\SLAMR2KV\Setup.exe /Remove Utilitaire de sauvegarde Windows-->MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE} Vente Flash-->C:\Program Files\Vente Flash\uninst.exe VideoLAN VLC media player 0.8.6h-->C:\Program Files\VideoLAN\VLC\uninstall.exe Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91} Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger-->MsiExec.exe 
/X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall System event log Computer Name: GRIGNÉJIP Event Code: 7026 Message: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger : Beep Record Number: 5 Source Name: Service Control Manager Time Written: 20090318155152.000000+060 Event Type: erreur User: Computer Name: GRIGNÉJIP Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Gestionnaire de connexions d'accès distant. Record Number: 4 Source Name: Service Control Manager Time Written: 20090318155152.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: GRIGNÉJIP Event Code: 7000 Message: Le service Aspi32 n'a pas pu démarrer en raison de l'erreur : Le fichier spécifié est introuvable. Record Number: 3 Source Name: Service Control Manager Time Written: 20090318155152.000000+060 Event Type: erreur User: Computer Name: GRIGNÉJIP Event Code: 6005 Message: Le service d'Enregistrement d'événement a démarré. Record Number: 2 Source Name: EventLog Time Written: 20090318155050.000000+060 Event Type: Informations User: Computer Name: GRIGNÉJIP Event Code: 6009 Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 3 Multiprocessor Free. 
and also:

Logfile of random's system information tool 1.05 (written by random/random) Run by jean philippe at 2009-03-21 17:56:08 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 32 GB (21%) free of 150 GB Total RAM: 503 MB (23% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:56:35, on 21/03/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Internet Explorer\Iexplore.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Digital Media Reader\shwiconem.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\zHotkey.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe 
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\Program Files\Fichiers communs\New Boundary\PrismXL\PRISMXL.SYS C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\jean philippe\Local Settings\Temporary Internet Files\Content.IE5\EEQGYCRM\RSIT[1].exe C:\Program Files\trend micro\jean philippe.exe C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google 
Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [sunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [CHotkey] zHotkey.exe O4 - HKLM\..\Run: [showWnd] ShowWnd.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Ad-Watch] C:\Program 
Files\Lavasoft\Ad-Aware\AAWTray.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: 
@xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1120154610984 O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - http://copainsdavant.linternaute.com/html_...geUploader5.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: karna.dat O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. 
- C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Fichiers communs\New Boundary\PrismXL\PRISMXL.SYS O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe -- End of file - 10605 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-31 251504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-31 657904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll 
[2008-12-31 522224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-04-28 806912] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-31 251504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-17 61952] "SunKistEM"=C:\Program Files\Digital Media Reader\shwiconem.exe [2004-10-18 135168] ""= [] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-13 212992] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-07-01 155648] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-07-01 118784] "CHotkey"=C:\WINDOWS\zHotkey.exe [2004-05-17 543232] "ShowWnd"=C:\WINDOWS\ShowWnd.exe [2003-09-19 36864] "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-10-31 32768] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-09-28 77824] "AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2004-09-28 2552320] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2004-09-28 57344] "HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2005-01-12 241664] "DXDllRegExe"=dxdllreg.exe [] "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2005-01-09 151597] "ShStatEXE"=C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE [2003-09-29 81990] "McAfeeUpdaterUI"=C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe [2003-09-10 135251] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2005-02-08 98304] "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-05-21 221184] "LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2004-06-01 458752] "LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2004-06-01 217088] 
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-04-27 29744] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-10-10 39792] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840] "Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-03-20 515416] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [] "LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2004-06-01 196608] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-13 68856] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="karna.dat" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxsrvc.dll [2004-07-01 344064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0" "C:\Program Files\AOL 9.0a\waol.exe"="C:\Program Files\AOL 9.0a\waol.exe:*:Enabled:AOL 9.0a" "C:\Program Files\AOL 9.0b\waol.exe"="C:\Program Files\AOL 9.0b\waol.exe:*:Enabled:AOL 9.0b" "C:\Program Files\AOL 9.0c\waol.exe"="C:\Program Files\AOL 9.0c\waol.exe:*:Enabled:AOL 9.0c" "C:\Program Files\AOL 9.0d\waol.exe"="C:\Program Files\AOL 9.0d\waol.exe:*:Enabled:AOL 9.0d" "C:\Program Files\AOL 9.0e\waol.exe"="C:\Program Files\AOL 9.0e\waol.exe:*:Enabled:AOL 9.0e" "C:\Program Files\AOL 9.0f\waol.exe"="C:\Program Files\AOL 9.0f\waol.exe:*:Enabled:AOL 9.0f" "C:\Program Files\AOL 9.0g\waol.exe"="C:\Program Files\AOL 9.0g\waol.exe:*:Enabled:AOL 9.0g" "C:\Program Files\Real\RealOne Player\realplay.exe"="C:\Program Files\Real\RealOne Player\realplay.exe:*:Enabled:RealOne Player" "C:\WINDOWS\system32\mshta.exe"="C:\WINDOWS\system32\mshta.exe:*:Enabled:Microsoft ® HTML Application host" "C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL" "C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL" "C:\Program Files\AOL 
9.0h\waol.exe"="C:\Program Files\AOL 9.0h\waol.exe:*:Enabled:AOL" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\AOL 9.0i\waol.exe"="C:\Program Files\AOL 9.0i\waol.exe:*:Enabled:AOL" "C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe"="C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe:*:Enabled:Age of Empires II" "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" "C:\Program Files\UltraVNC\winvnc.exe"="C:\Program Files\UltraVNC\winvnc.exe:*:Enabled:Serveur VNC pour Win32" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0" "C:\Program Files\AOL 9.0a\waol.exe"="C:\Program Files\AOL 9.0a\waol.exe:*:Enabled:AOL 9.0a" "C:\Program Files\AOL 9.0b\waol.exe"="C:\Program Files\AOL 9.0b\waol.exe:*:Enabled:AOL 9.0b" "C:\Program Files\AOL 9.0c\waol.exe"="C:\Program Files\AOL 9.0c\waol.exe:*:Enabled:AOL 9.0c" "C:\Program Files\AOL 9.0d\waol.exe"="C:\Program Files\AOL 9.0d\waol.exe:*:Enabled:AOL 9.0d" "C:\Program Files\AOL 
9.0e\waol.exe"="C:\Program Files\AOL 9.0e\waol.exe:*:Enabled:AOL 9.0e" "C:\Program Files\AOL 9.0f\waol.exe"="C:\Program Files\AOL 9.0f\waol.exe:*:Enabled:AOL 9.0f" "C:\Program Files\AOL 9.0g\waol.exe"="C:\Program Files\AOL 9.0g\waol.exe:*:Enabled:AOL 9.0g" "C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL" "C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL" "C:\Program Files\AOL 9.0h\waol.exe"="C:\Program Files\AOL 9.0h\waol.exe:*:Enabled:AOL" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\AOL 9.0i\waol.exe"="C:\Program Files\AOL 9.0i\waol.exe:*:Enabled:AOL" "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{18ce8c64-8d1c-11dc-93e4-0011118e2887}] shell\AutoRun\command - E:\start.exe shell\iledefrance\command - E:\start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d81fd471-3133-11d9-b32b-806d6172696f}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480 ======List of files/folders created in the last 1 months====== 2009-03-21 17:56:12 ----D---- C:\Program Files\trend micro 2009-03-21 17:56:08 ----D---- C:\rsit 2009-03-20 22:35:33 ----D---- C:\Program Files\karcher 2009-03-20 22:22:06 ----A---- 
C:\WINDOWS\system32\lsdelete.exe 2009-03-20 19:33:15 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800} 2009-03-19 19:14:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-03-10 21:27:23 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ 2009-03-10 21:27:15 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$ 2009-03-10 21:26:01 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$ 2009-02-25 10:41:55 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ ======List of files/folders modified in the last 1 months====== 2009-03-21 17:56:12 ----RD---- C:\Program Files 2009-03-21 17:52:26 ----D---- C:\WINDOWS\Temp 2009-03-21 17:52:26 ----D---- C:\WINDOWS\system32 2009-03-21 17:51:45 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Voice Modem.txt 2009-03-21 17:51:37 ----D---- C:\WINDOWS 2009-03-21 17:49:36 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-03-21 17:26:48 ----D---- C:\WINDOWS\system32\drivers 2009-03-21 15:31:59 ----D---- C:\WINDOWS\Prefetch 2009-03-20 22:00:39 ----D---- C:\WINDOWS\Minidump 2009-03-20 19:35:10 ----SD---- C:\WINDOWS\Tasks 2009-03-20 19:35:03 ----D---- C:\WINDOWS\system32\CatRoot2 2009-03-20 19:35:01 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-03-20 19:33:15 ----D---- C:\Config.Msi 2009-03-20 19:33:13 ----SHD---- C:\WINDOWS\Installer 2009-03-20 19:32:59 ----D---- C:\Program Files\Lavasoft 2009-03-20 19:32:59 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft 2009-03-20 18:52:28 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater 2009-03-19 20:51:50 ----A---- C:\WINDOWS\NeroDigital.ini 2009-03-17 21:40:37 ----SD---- C:\Documents and Settings\jean philippe\Application Data\Microsoft 2009-03-17 19:06:54 ----D---- C:\WINDOWS\Debug 2009-03-16 18:46:03 ----D---- C:\Documents and Settings\jean philippe\Application Data\Google 2009-03-12 21:07:52 ----D---- C:\Documents and Settings\jean philippe\Application Data\Skype 2009-03-12 19:08:14 ----D---- C:\Documents and Settings\jean 
philippe\Application Data\skypePM 2009-03-11 20:54:54 ----A---- C:\WINDOWS\win.ini 2009-03-10 21:27:27 ----HD---- C:\WINDOWS\inf 2009-03-10 21:27:26 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-03-10 19:51:20 ----HD---- C:\WINDOWS\$hf_mig$ 2009-03-07 16:07:42 ----D---- C:\Documents and Settings\jean philippe\Application Data\HP 2009-03-05 20:59:13 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-03-05 20:59:13 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2009-02-25 12:55:00 ----A---- C:\WINDOWS\system32\MRT.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2006-09-29 43672] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-02-10 154112] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-03-17 135168] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-07-01 724221] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2004-09-28 2241280] R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2004-05-27 19968] R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128] R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2004-02-29 230584] R3 NaiAvFilter1;NaiAvFilter1; C:\WINDOWS\system32\drivers\naiavf5x.sys [2003-09-29 83008] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 
pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-01 9856] R3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys [2004-05-21 471232] R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2004-04-11 635280] R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2004-02-29 13248] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\system32\DRIVERS\p3.sys [2008-04-14 46848] S2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-01-05 51056] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-01-05 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-01-05 21488] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 Mtlstrm;Mtlstrm; 
C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2004-04-11 1301080] S3 mxnic;Pilote Macronix MX987xx Family Fast Ethernet NT; C:\WINDOWS\system32\DRIVERS\mxnic.sys [2001-08-18 19968] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2004-02-29 180592] S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2004-04-11 95800] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 SunkFilt;Alcor Micro Corp - 9360; \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys [] S3 SunkFilt39;Alcor Micro Corp - 3239; \??\C:\WINDOWS\System32\Drivers\sunkfilt39.sys [] S3 Sunkfiltp;HP && Alcor Micro Corp for Phison; \??\C:\WINDOWS\System32\Drivers\sunkfiltp.sys [] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-23 168432] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-20 951632] R2 
McAfeeFramework;Service Framework McAfee; C:\Program Files\Network Associates\Common Framework\FrameworkService.exe [2003-09-10 106586] R2 McShield;Network Associates McShield; C:\Program Files\Network Associates\VirusScan\Mcshield.exe [2003-09-29 237657] R2 McTaskManager;Network Associates Task Manager; C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe [2003-09-29 69706] R2 PrismXL;PrismXL; C:\Program Files\Fichiers communs\New Boundary\PrismXL\PRISMXL.SYS [2004-11-08 172032] R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2004-02-29 45056] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-04-27 29744] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056] S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344] S3 SPTISRV;Sony SPTI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] 
-----------------EOF-----------------

I hope this is what you were asking me for???? Also, now when I go on the internet, my requests are redirected to porn sites, not very nice!!!!
-
-
Hello, my computer is infected with a win32rootkit.tdss virus that Ad-Aware detected but cannot remove. I downloaded Malwarebytes Anti-Malware, but I cannot launch the application when I double-click the icon on the desktop; what should I do???? Thank you for your future help. A bit of info: I am a novice with computers; as proof, I had a lot of trouble signing up on this site and finding out how to send this message!!!!!